The key thing to do is to make those client applications not request the
ssl23-method from OpenSSL 0.9.x .
ssl23 explicitly requests this backward-compatibility feature while
OpenSSL 3.x.x apparently deleted the
ability to respond to this "historic" TLS hello format, which is also
sent by some n
On 06/08/2020 22:17, Quanah Gibson-Mount wrote:
--On Thursday, August 6, 2020 1:21 PM -0700 Dan Kegel
wrote:
lists 861 packages, belonging to something like 400 projects, that
depend
on openssl
Unfortunately, due to Debian's odd take on the OpenSSL license, many
projects that can u
Hello,
New to this list. I am looking at compiling OpenSSL 1.1.1. on OS/2 with
GCC. Would OpenSSL be willing to accept patches to re-enable OS/2 in the
OpenSSL ?
Best regards,
Roderick Klein
President OS/2 VOICE
Sadly, I need to be able to test some KTLS changes I have in FreeBSD
that support legacy clients still using TLS 1.0. After seeing the note
in CHANGES.md about TLS 1.0 signature algs no longer being permitted
in the default security level, I tried using '-auth_level=0' to lower
the security level,
