Re: SSL is broken on FreeBSD



On Wed, 2011-04-06 at 01:45 -0400, jhell wrote:
If you truss the command above before and after creating so said links
in /usr/local/etc/ssl and in /etc/ssl youll see that there is no
default
CAfile or CApath searched for.

Interesting, thanks. I don't have a FreeBSD box around at present so my
guess was just from starting with s_client.c and reading through to the
Makefile.

s_client(1)
The s_client command implements a generic SSL/TLS client which
connects to a remote host using SSL/TLS. It is a very useful
diagnostic tool for SSL servers
[...]
Maybe there should be an emphasis on ``diagnostic''

Agreed. From openssl(1): "s_client ... It's intended for testing
purposes only..."

------------------------------------------------------------
This message and any files transmitted within are intended
solely for the addressee or its representative and may
contain company sensitive information. If you are not the
intended recipient, notify the sender immediately and delete
this message. Publication, reproduction, forwarding, or
content disclosure is prohibited without the consent of the
original sender and may be unlawful.

Concurrent Technologies Corporation and its Affiliates.
www.ctc.com 1-800-282-4392
------------------------------------------------------------
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"