From 7cc6c9b2f275ed0a9c42c326d71fa98eb3addf36 Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Mon, 25 Dec 2017 21:18:49 -0700
Subject: [PATCH] Tweak default ssl options

---
 openssl/src/ssl/connector.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs
index 34cb4956..dc65ad5e 100644
--- a/openssl/src/ssl/connector.rs
+++ b/openssl/src/ssl/connector.rs
@@ -29,9 +29,11 @@ ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
 fn ctx(method: SslMethod) -> Result<SslContextBuilder, ErrorStack> {
     let mut ctx = SslContextBuilder::new(method)?;
 
-    let opts = SslOptions::ALL | SslOptions::NO_TICKET | SslOptions::NO_COMPRESSION
-        | SslOptions::NO_SSLV2 | SslOptions::NO_SSLV3 | SslOptions::SINGLE_DH_USE
+    let mut opts = SslOptions::ALL | SslOptions::NO_COMPRESSION | SslOptions::NO_SSLV2
+        | SslOptions::NO_SSLV3 | SslOptions::SINGLE_DH_USE
         | SslOptions::SINGLE_ECDH_USE | SslOptions::CIPHER_SERVER_PREFERENCE;
+    opts &= !SslOptions::DONT_INSERT_EMPTY_FRAGMENTS;
+
     ctx.set_options(opts);
 
     let mut mode =