On Thu, 4 Dec 2014 10:57:11 +0100 Kurt Roeckx wrote:
It seems *TLS*_VERSION constants are meant to be used to set
minimum / maximum. A drawback of such approach is that
applications need to be recompiled and/or modified when OpenSSL is
updated with support for newer protocol version, if
On Fri, Dec 05, 2014 at 02:14:54PM +0100, Tomas Hoger wrote:
On Thu, 4 Dec 2014 10:57:11 +0100 Kurt Roeckx wrote:
It seems *TLS*_VERSION constants are meant to be used to set
minimum / maximum. A drawback of such approach is that
applications need to be recompiled and/or modified when
|What is the SECLEVEL you refer to? I had a quick look at SSL_CONF API
|pointed out by Stephen.[.]
|
I did too. Attached a doc patch (against 1.0.2) to match code
reality. Fixes linking for me.
--steffen
diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod
index
On Wed, 3 Dec 2014 22:55:06 +0100 Kurt Roeckx wrote:
This is an initial patch to support being able to set the minimum
and maximum protocol version. The patch is currently untested,
that will happen as I rewrite other things. But I'm looking for
feedback.
It seems *TLS*_VERSION constants
On Thu, Dec 04, 2014 at 10:16:47AM +0100, Tomas Hoger wrote:
On Wed, 3 Dec 2014 22:55:06 +0100 Kurt Roeckx wrote:
This is an initial patch to support being able to set the minimum
and maximum protocol version. The patch is currently untested,
that will happen as I rewrite other things.
On Thu, Dec 04, 2014, Tomas Hoger wrote:
On Wed, 3 Dec 2014 22:55:06 +0100 Kurt Roeckx wrote:
Maybe applications may benefit from an API where they can pass string
set by the end user and let OpenSSL parse version number from that.
If mod_ssl had configuration directives as SSLProtocolMin
Hello,
Dr. Stephen Henson st...@openssl.org wrote:
|On Thu, Dec 04, 2014, Tomas Hoger wrote:
| On Wed, 3 Dec 2014 22:55:06 +0100 Kurt Roeckx wrote:
| Maybe applications may benefit from an API where they can pass string
| set by the end user and let OpenSSL parse version number from that.
|