Heads up: SSLv2|3 disabled by default in OpenSSL f21

Robert Kuska rkuska at redhat.com
Wed Jul 16 12:57:49 UTC 2014


Just a notice about downstream behaviour change in fedora 21 before you find out
the harder way as I did.

Starting with openssl-1.0.1h-5.fc21[1] SSLv2 and SSLv3 are disabled
by default in fedora openssl. This change is not in upstream (but
may get there by v1.0.3).
Workaround is to use SSL_CTX_clear_options[2].



Regards,

Robert Kuska 
-----------------------------------------------------
rkuska @ 
#fedora-devel on freenode
#brno #gulag #software-collections on brq.redhat

[1] http://koji.fedoraproject.org/koji/buildinfo?buildID=540893
[2] https://www.openssl.org/docs/ssl/SSL_CTX_set_options.html



More information about the devel mailing list