Security Fix for Ruby OpenSSL module: Allow "0/n splitting" as a prevention for the TLS BEAST attack.
In OpenSSL, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option for SSL
connection is used to prevent TLS-CBC-IV vulnerability described at
[1]. It's known issue of TLSv1/SSLv3 but it attracts lots of
attention these days as BEAST attack [2] (CVE-2011-3389). Ruby
related topics are at our issue tracker [3].
Posted by Urabe Shyouhei on 16 Feb 2012