Hi,

We are upgrading to OpenSSL 0.9.8zc on a FreeBSD-based OS to mitigate the POODLE risk. Could you please answer the following query?

The definition of the function ssl23_get_client_method() in the C file 'openssl-0.9.8zc/ssl/s23_clnt.c' shows:

    #ifndef OPENSSL_NO_SSL3
        if (ver == SSL3_VERSION)
            return(SSLv3_client_method());
    #endif

So does this mean 0.9.8zc needs to be built with -DOPENSSL_NO_SSL3 to block downgrading to SSLv3 in SSLv23_* functions?

Regards,
Nimesh