Date: Wed, 09 Sep 2015 12:52:20 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 202990] exp-build with WITH_OPENSSL_PORT=yes no-ssl2/no-ssl3 Message-ID: <bug-202990-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202990 Bug ID: 202990 Summary: exp-build with WITH_OPENSSL_PORT=yes no-ssl2/no-ssl3 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Ports Framework Assignee: portmgr@FreeBSD.org Reporter: brnrd@freebsd.org CC: freebsd-ports-bugs@FreeBSD.org I'd like to request an exp-build with ports' SSL built without support for either SSLv2/SSLv3. Either WITH_OPENSSL_PORT=yes and security_openssl_UNSET+= SSL2 SSL3 or a build with LibreSSL 2.3 from https://reviews.freebsd.org/D3585 (my personal preference being the LibreSSL build as that has really _removed_ the SSLv3_ methods and structures). Purpose is to detect what ports require patching to build/run without SSLv3 and yes I'm volunteering to fix/patch these ports and upstream the result. I know that this has been requested before (https://bugs.freebsd.org/195796) but that was _before_ POODLE happened. Currently everyone has (or should) disable SSLv3 completely. I have a patched Apache lying around (would help with the # packages that will build). -- You are receiving this mail because: You are on the CC list for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-202990-13>