Re: DH parameter reading in OPENSSL 3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Jul 13, 2022 at 04:35:42PM +0200, Dirk Stöcker wrote:

> when upgrading to openssl3 my code states that some functions are 
> deprecated in openssl 3, but even after reading documentation I was 
> unable to find a non-deprecated replacement.

    https://github.com/vdukhovni/postfix/blob/master/postfix/src/tls/tls_dh.c#L148-L205

> Now it seems the default can be replaced by
> 
>   SSL_CTX_set_dh_auto(context, 1);

This is preferred over all explicit parameter choices, as it allows the
server and client to negotiate a common known-strong group.

-- 
    Viktor.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux