On Tue, Oct 16, 2007 at 01:54:44AM +0200, Dr. Stephen Henson wrote: > On Mon, Oct 15, 2007, Kurt Roeckx wrote: > > > Hi, > > > > The security announcement had this in it: > > > Recommendation > > > -------------- > > > > > > Either > > > > > > a) Upgrade to the latest version of OpenSSL (0.9.8f) and rebuild all > > > packages using OpenSSL for DTLS. > > > > > > or, > > > > > > b) Disable DTLS. > > > > How do I disable DTLS? > > > > Is there an easy way I can build the library so that DTLS is not > > supported? > > > > Upgrading to 0.9.8f is not an option, and I want to make sure > > that no application can use DTLS. > > > > Try no-dtls as an option to the configuration script.
Adding no-dtls1 would disable it in s_client and s_server, but I see no other things that get disabled. The library is still exactly the same. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
