Hi, On Sun, 13 Oct 2019, Samuel Henrique wrote: > You see, o-saft needs an old version of openssl to be able to check for > old ssl things (ciphers etc.). > > I know there has been some talk about getting an "openssl-insecure" > package for the testssl.sh[0] package for the same reason. I think we > should rather talk with upstream and propose some bundling of this > required version of openssl into o-saft.
FWIW, another upstream with similar needs created "unsafeopenssl" and we packaged it in Kali: http://pkg.kali.org/pkg/unsafeopenssl It's basically openssl 1.0 with the build system tweaked to create the library under another name. Beware that those changes are currently made in debian/rules (in the kali/master branch) and are not part of the master branch which just has plain openssl: https://github.com/gremwell/unsafeopenssl-pkg-deb Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: https://www.freexian.com/services/debian-lts.html Learn to master Debian: https://debian-handbook.info/get/
