Date: Fri, 14 Oct 2005 19:12:33 +0100 From: Ian G <iang@iang.org> To: Jacques Vidrine <jacques@vidrine.us> Cc: Peter Jeremy <PeterJeremy@optushome.com.au>, freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl Message-ID: <434FF511.1000505@iang.org> In-Reply-To: <47D785F8-E28E-4753-ABE9-8627107D9038@vidrine.us> References: <200510111202.j9BC2obf081876@freefall.freebsd.org> <434BCB75.2000402@iang.org> <B9EA75B5-B5AE-4164-A91E-061E5AECCC5B@vidrine.us> <20051012191019.GJ2482@cirb503493.alcatel.com.au> <47D785F8-E28E-4753-ABE9-8627107D9038@vidrine.us>
next in thread | previous in thread | raw e-mail | index | archive | help
Jacques Vidrine wrote: > > On 2005-10-12, at 12:10 :19, Peter Jeremy wrote: > >> On Tue, 2005-Oct-11 09:45:53 -0700, Jacques Vidrine wrote: >> >>> On Oct 11, 2005, at 7:25 AM, Ian G wrote: >>> >>>> Isn't the workaround obviously to switch off V2? >>> >>> >>> Yes. Sorry that wasn't mentioned. >> >> >> That sounds like a good workaround. How do I implement it? I've >> looked through the documentation and can't find any reference to a >> runtime OpenSSL configuration file that would let me do this. > > > I'm not aware of a global option for OpenSSL, either. Disabling SSLv2 > would need to be handled by the application, i.e. turn off SSLv2 for > each of your SSL/TLS applications. Cheers, Seems correct, no global option. Sorry to have got your hopes up there. iang -------- Original Message -------- Subject: Re: [Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl] Date: Fri, 14 Oct 2005 14:38:15 +0100 From: Ben Laurie <ben@algroup.co.uk> To: Ian G <iang@iang.org> Ian G wrote: > Does this sound right? No global option in OpenSSL > to turn off SSL v2? Yes.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?434FF511.1000505>