| 9a830ab822682a48105b28e501d6f7c1077557c7 |
|
31-Mar-2010 |
Brian Carlstrom <bdc@google.com> |
Enable TLSEXT and OCSP to restore connectivity to openssl 0.9.8m servers such as imap.gmail.com:993
Issue http://b/2557948
Android has historically built openssl with TLS extensions
disabled. However, starting with 0.9.8m, the openssl client started
sending client hello messages that required TLS extensions to be
enabled in order to parse the server hello response. imap.gmail.com
recently rolled out 0.9.8m code that started responding to our
extended client hello, which started causing our client to choke since
it was not able to parse the tls extension in the server hello
response.
This change enables TLSEXT in openssl, which also requires that we
enabled OCSP (Online Certificate Status Protocol) which is one of the
TLS extensions.
Change-Id: I2be1cdead6f3d797bb33a56a4abd0a9a92142b57
/external/openssl/ssl/t1_reneg.c
|