Date: Thu, 27 Feb 2020 20:25:36 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: Willem Jan Withagen <wjw@digiware.nl>, "ports@freebsd.org" <ports@freebsd.org> Subject: Re: About protocols in openssl Message-ID: <d7673dcd-467a-25ce-bca7-21cd74bf1777@quip.cz> In-Reply-To: <f7d98734-20dd-5ee7-b8b9-6ebc69603cb7@digiware.nl> References: <f7d98734-20dd-5ee7-b8b9-6ebc69603cb7@digiware.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
Willem Jan Withagen wrote on 2020/02/27 20:00: > Hi, > > My ceph ports uses all kinds of python stuff, and now the trouble is > that I'm getting > an error on missing: > SSLv3_client_method > > Which i guess, is because in the current openssl libs SSLv3 is disabled. > And I sort of get this, SSLv3 is unsafe. > > But I need it to be able to run parts of the ceph port. > > So how do I get a openssl lib dependancy that has SSLv3 enabled. You can build OpenSSL 1.1.1 from the ports where you can enable SSLv3 in the options dialog. https://www.freshports.org/security/openssl/ The defaults are: ====> Protocol Support NEXTPROTONEG=on: Next Protocol Negotiation (SPDY) SCTP=on: SCTP (Stream Control Transmission) SSL3=off: SSLv3 (unsafe) TLS1=on: TLSv1.0 (requires TLS1_1, TLS1_2) TLS1_1=on: TLSv1.1 (requires TLS1_2) TLS1_2=on: TLSv1.2 Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d7673dcd-467a-25ce-bca7-21cd74bf1777>