ERR_GET_FUNC was blocking this for me on FreeBSD 13 with OpenSSL 3.0 from ports.
Warning in build logs, but failure at runtime
ssl_engine_init.c:1375:22: warning: implicit declaration of function
'ERR_GET_FUNC' is invalid in C99 [-Wimplicit-function-declaration]
&&
Just tested this branch with OpenSSL 1.1.1p9. Haven't found issues yet.
> Listen 42002 https
> SSLHonorCipherOrder on
> SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
Server error.log
> AH00489: Apache/2.4.35-dev (FreeBSD) OpenSSL/1.1.1-pre9 configured --
> resuming normal operations
client
Hi All,
I've received a patch from the LibreSSL devs via mail. That resolves
the renegotiation issue. Patch is awaiting review, I expect it to land
in the LibreSSL repo soon.
Cheers, Bernard.
On Mon, Sep 3, 2018 at 1:36 PM Stefan Eissing
wrote:
>
> Speaking of SSL and rare renegotiation setups:
:00 William A Rowe Jr <wr...@rowe-clan.net>:
> On Sun, Apr 8, 2018 at 11:37 AM, Bernard Spil <br...@freebsd.org> wrote:
>> Hi Stefan, Mario,
>>
>> I saw that 2.5.1-dev was tagged, is another release coming some time soon?
>
> Worried me enough to look; http://sv
both do not on my MacOS desktop.
>
> Cheers,
>
> Stefan
>
>> Am 31.03.2018 um 22:42 schrieb Bernard Spil <br...@freebsd.org>:
>>
>> I'm running an Apache 2.5.1 snapshot from 2018-03-30 linked against
>> 1.1.1-pre3 from 2018-03-20 (AKA beta 1).
>>
&g
I'm running an Apache 2.5.1 snapshot from 2018-03-30 linked against
1.1.1-pre3 from 2018-03-20 (AKA beta 1).
If I connect to Apache with openssl 1.1.1 it makes a TLSv1.3
connection. Qualys SSLLabs doesn't see the TLSv1.3 at all.
Additionally, Apache doesn't start when SSLOpenSSLConfCmd is used
Hi Stefan,
Submitted a PR with changes required to build with LibreSSL 2.6 and
2.7 https://bz.apache.org/bugzilla/show_bug.cgi?id=62236
Cheers, Bernard.
2018-03-31 10:34 GMT+02:00 Bernard Spil <br...@freebsd.org>:
> Hi Stefan,
>
> Sure I'm here :D Have been the maintainer of the
Hi Stefan,
Sure I'm here :D Have been the maintainer of the LibreSSL ports in
FreeBSD for a good while and more recently joined the apache@ team.
I'll let you know my results. I have an OpenSSL 1.1.1 port in the
making so I can test all of this long before it lands in a release.
Cheers,
Naturally, there was something I saw in the archives I want to react
upon, even if not a vote...
I am also the maintainer of the OpenSSL (and LibreSSL) ports for
FreeBSD and am the author of many patches for LibreSSL, No-SSLv2,
No-SSLv3 for upstream projects.
I was searching for the rationale to
in the
changelog...
Cheers, Bernard Spil.
10 matches
Mail list logo