Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl

• Previous message: Jacques Vidrine: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
• In reply to: Jacques Vidrine: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
• Next in thread: David Coder: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 14 Oct 2005 19:12:33 +0100
To: Jacques Vidrine <jacques@vidrine.us>

Jacques Vidrine wrote:
>
> On 2005-10-12, at 12:10 :19, Peter Jeremy wrote:
>
>> On Tue, 2005-Oct-11 09:45:53 -0700, Jacques Vidrine wrote:
>>
>>> On Oct 11, 2005, at 7:25 AM, Ian G wrote:
>>>
>>>> Isn't the workaround obviously to switch off V2?
>>>
>>>
>>> Yes. Sorry that wasn't mentioned.
>>
>>
>> That sounds like a good workaround. How do I implement it? I've
>> looked through the documentation and can't find any reference to a
>> runtime OpenSSL configuration file that would let me do this.
>
>
> I'm not aware of a global option for OpenSSL, either. Disabling SSLv2
> would need to be handled by the application, i.e. turn off SSLv2 for
> each of your SSL/TLS applications. Cheers,

Seems correct, no global option. Sorry to have
got your hopes up there.

iang

-------- Original Message --------
Subject: Re: [Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl]
Date: Fri, 14 Oct 2005 14:38:15 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: Ian G <iang@iang.org>

Ian G wrote:
> Does this sound right? No global option in OpenSSL
> to turn off SSL v2?

Yes.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Jacques Vidrine: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
• In reply to: Jacques Vidrine: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
• Next in thread: David Coder: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: LibTomMath forked [SSE2 addons] ... My patches do make the P4 a contender for crypto-sized bignum math. ... [decent speed but slower on P4, sloppy code, no documentation, just ... My biggest gripe with OpenSSL BN is how poorly it was written. ... The fact that they manually unroll loops is just sad. ... (sci.crypt) Re: Activeperl and 3DES encryption - probably simple ... I just tried using openssl, ... Unfortunately the documentation is very incomplete. ... I am not a perl programmer but I need to test that file ... input file, output file, encryption key and initialization ... (comp.lang.perl.misc) Re: LibTomMath forked [SSE2 addons] ... > My patches do make the P4 a contender for crypto-sized bignum math. ... And if the lack of documentation is a problem, ... that OpenSSL is first based on SSLeay, mostly written by one guy, Eric ... (sci.crypt) Re: Ruby and Cryptography ... One example of using OpenSSL and Ruby for encryption is: ... It is true that the documentation on using OpenSSL from Ruby is lacking. ... (comp.lang.ruby)