[Ach] Disabling SSLv2/3 in openssl compile time
L. Aaron Kaplan
aaron at lo-res.org
Mon Oct 20 18:44:56 CEST 2014
On Oct 19, 2014, at 6:03 PM, Hanno Böck <hanno at hboeck.de> wrote:
> To fix the issue at the root I played around a bit with disabling
> ssl2/3 compile time. (if you're asking now if OpenSSL still supports
> SSLv2 by default - yes, it does!)
> Disabling sslv3 was basically no issue at all. Somewhat surprisingly
> disabling sslv2 was a bit more of an issue because this removes a bunch
> of function definitions and thus the API. Some stuff had to be
> recompiled (along them wget and curl) to work again.
> Please note also that openssl before 1.0.1j seems to have a bug that
> makes the disable-ssl3 compile option incomplete.
Hanno, interesting results.
Do you have a screen session or some other instructions on how to do this?
> Hanno Böck
> mail/jabber: hanno at hboeck.de
> GPG: BBB51E42
> Ach mailing list
> Ach at lists.cert.at
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Ach