New option to enable/disable connection to unpatched servers

2009-12-16 20:28:30 +00:00
parent 2456cd58c4
commit 675564835c
12 changed files with 48 additions and 8 deletions
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1677,6 +1677,10 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 	}
 #endif
 #endif
+	/* Default is to connect to non-RI servers. When RI is more widely
+	 * deployed might change this.
+	 */
+	ret->options = SSL_OP_LEGACY_SERVER_CONNECT;

 	return(ret);
 err: