[Pkg-openssl-devel] Fwd: Bug#828422: links2: FTBFS with openssl 1.1.0
Axel Beckert
abe at debian.org
Tue Jun 28 00:16:38 UTC 2016
Hi Mikulas,
Mikulas Patocka wrote:
> I will release Links 2.13 soon, that will fix this problem.
Yay, thanks!
> If you need a quick fix, simply delete these lines from the file https.c:
> if (SSL_get_ssl_method(ssl) == SSLv2_client_method())
> return S_INSECURE_CIPHER;
I don't think it's that urgent, so I probably wait for 2.13.
> BTW. links verifies ssl certificates (since version 2.11), so it should
> depend on the "ca-certificates" package.
Good point, thanks!
> You can add it to the "Recommends" field, or maybe as a mandatory
> dependency.
Will check if it works without or not and choose accordingly.
> OpenSSL 1.0.2h in Debian Sid is compiled with SSLv2_client_method enabled
> and SSLv3_client_method disabled. Is it a configuration error? Why would
> anyone want to enable SSL2 and disable SSL3? I suppose that the older
> protocols should be disabled and newer protocols enabled.
No idea, Cc'ing Debian's OpenSSL team. They probably can tell.
Regards, Axel
--
,''`. | Axel Beckert <abe at debian.org>, http://people.debian.org/~abe/
: :' : | Debian Developer, ftp.ch.debian.org Admin
`. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5
`- | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
More information about the Pkg-openssl-devel
mailing list