Working around servers requiring SSL 2/3 record layer, and using TLS 1.2?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>> How do we work around a server that seems to require SSLv23_method?
>
> Don't think of this as a work-around.  You SHOULD use the version-flexible
> method (renamed from SSLv23_method() to TLS_method() in master).
>
> You should then disable unwanted protocols that are too weak.  In master
> use the new min/max version controls and avoid the SSL_OP_NO_<some_version>
> macros.  In 1.0.x, use the macros to disable some contiguous set of protocol
> versions starting at SSLv2.
>
Thanks Viktor. It sounds like Master is in good working order. Is
there anything that can be done with OpenSSL 1.0.2?

Jeff
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux