diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2009-01-26 14:36:18 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2009-01-26 14:36:18 +0000 |
| commit | 8fa8df95fb10d8aede9f3e40300865d06b8ad204 (patch) | |
| tree | 73a2f0a3bf2b06c077f6e6e0b498e6b974f75509 /RELEASE-NOTES | |
| parent | 82ca52713bbb7b31e5d269e7f50dbc0cd065a297 (diff) | |
- The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to
disable "rfc4507bis session ticket support". rfc4507bis was later turned
into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077
The enabled extension concerns the session management. I wonder how often
libcurl stops a connection and then resumes a TLS session. also, sending the
session data is some overhead. .I suggest that you just use your proposed
patch (which explicitly disables TICKET).
If someone writes an application with libcurl and openssl who wants to
enable the feature, one can do this in the SSL callback.
Sharad Gupta brought this to my attention. Peter Sylvester helped me decide
on the proper action.
Diffstat (limited to 'RELEASE-NOTES')
| -rw-r--r-- | RELEASE-NOTES | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES index a54f611cb..2bafd5a32 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -10,6 +10,8 @@ Curl and libcurl 7.19.4 This release includes the following changes: o Added CURLOPT_NOPROXY and the corresponding --noproxy + o the OpenSSL-specific code disables TICKET (rfc5077) which is enabled by default + in openssl 0.9.8j This release includes the following bugfixes: @@ -24,6 +26,7 @@ This release includes the following known bugs: This release would not have looked like this without help, code, reports and advice from friends like these: - Lisa Xu, Daniel Fandrich, Craig A West, Alexey Borzov + Lisa Xu, Daniel Fandrich, Craig A West, Alexey Borzov, Sharad Gupta, + Peter Sylvester Thanks! (and sorry if I forgot to mention someone) |