[Ach] Disabling SSLv2/3 in openssl compile time
L. Aaron Kaplan
aaron at lo-res.org
Mon Oct 20 18:44:56 CEST 2014
On Oct 19, 2014, at 6:03 PM, Hanno Böck <hanno at hboeck.de> wrote:
> Hi,
>
> To fix the issue at the root I played around a bit with disabling
> ssl2/3 compile time. (if you're asking now if OpenSSL still supports
> SSLv2 by default - yes, it does!)
>
> Disabling sslv3 was basically no issue at all. Somewhat surprisingly
> disabling sslv2 was a bit more of an issue because this removes a bunch
> of function definitions and thus the API. Some stuff had to be
> recompiled (along them wget and curl) to work again.
>
> Please note also that openssl before 1.0.1j seems to have a bug that
> makes the disable-ssl3 compile option incomplete.
>
Hanno, interesting results.
Do you have a screen session or some other instructions on how to do this?
Best,
a.
> cu,
> --
> Hanno Böck
> http://hboeck.de/
>
> mail/jabber: hanno at hboeck.de
> GPG: BBB51E42
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20141020/6decf1f0/attachment.sig>
More information about the Ach
mailing list