Heads up: SSLv2|3 disabled by default in OpenSSL f21

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Just a notice about downstream behaviour change in fedora 21 before you find out
the harder way as I did.

Starting with openssl-1.0.1h-5.fc21[1] SSLv2 and SSLv3 are disabled
by default in fedora openssl. This change is not in upstream (but
may get there by v1.0.3).
Workaround is to use SSL_CTX_clear_options[2].



Regards,

Robert Kuska 
-----------------------------------------------------
rkuska @ 
#fedora-devel on freenode
#brno #gulag #software-collections on brq.redhat

[1] http://koji.fedoraproject.org/koji/buildinfo?buildID=540893
[2] https://www.openssl.org/docs/ssl/SSL_CTX_set_options.html

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux