f0b235a24e
Disable the SSL 3.0/TLS 1.0 CBC vulnerability workaround since this breaks NLA - the remote host will return a TLS alert 50, terminating the session. This flag used to be part of SSL_OP_ALL, however was removed in r1.36 of lib/libssl/src/ssl/ssl.h. Issue reported by and fix tested by sthen@ ok sthen@