"Unsafe for SAFESEH" is a completely different error:
It means that at least one file or library in your program was either
not compiled with the /SAFESEH switch or is an assembler module without
the magic incantation to tell the linker it contains no Structured
Exeption Handlers.In either case, it only occurs if you try to link with
the /SAFESEH linker switch despite the inclusion of such object file(s).
On 27/06/2016 22:08, Tony Girgenti wrote:
Michael,
Thank you for your explanation of where my program is and what I
should do to continue using some kind of SSL.
I first need to figure out how this program uses SSL. Then I can go
ahead and try to use TLSv1.2.
I did try to use "SSLv23_client_method" and got the same compile error
“LNK2026 module unsafe for SAFESEH image.”.
*From:* openssl-users [mailto:openssl-users-boun...@openssl.org] *On
Behalf Of *Michael Wojcik
*Sent:* Monday, June 27, 2016 3:50 PM
*To:* openssl-users@openssl.org
*Subject:* Re: [openssl-users] Getting error 'SSLv2_client_method':
identifier not found
SSLv2 is no longer supported, and neither are the SSLv2_*_method
calls. (And yes, this causes build problems when updating to newer
OpenSSL builds; and while that causes some pain, it was the Right
Thing to do.)
As Rich said, don't use SSLv2. Don't use SSLv3. If you can help it,
don't use anything older than TLSv1.2.
The simplest fix is to change "SSLv2_client_method" to
"SSLv23_client_method". (Inserting a single character; can't get much
simpler than that.) But since you really don't want to talk to a
server that only supports SSLv3, you might as well use
TLSv1_client_method instead, or even better TLSv1_2_client_method.
Since we have no idea what your program does, or what it has to
interoperate with, we can't offer any more-specific advice.
SSLv23_client_method will use the old SSL-format ClientHello, but will
(barring more-restrictive options set using SSL_CTX_set_options or
similar) use later protocol versions for the actual conversation if
the server supports them.
All that said, by far the best approach is to learn how TLS and
OpenSSL work, so you can make an informed decision. TLS is agonizingly
complicated and a minefield of security holes, and TLS applications
maintained by people who don't have the necessary specialized
knowledge are very likely to be severely insecure. For example, they
may try to use SSLv2, which has been broken for a couple of decades.
(That is, it's been broken for as long as it existed, but it's been
widely known to be broken since the mid-1990s.)
Feistyduck.com has a free "OpenSSL cookbook" ebook which is a decent
introduction.
*From:*openssl-users [mailto:openssl-users-boun...@openssl.org] *On
Behalf Of *Tony Girgenti
*Sent:* Monday, June 27, 2016 13:09
*To:* openssl-users@openssl.org <mailto:openssl-users@openssl.org>
*Subject:* [openssl-users] Getting error 'SSLv2_client_method':
identifier not found
Hello,
I migrated a Visual Studio 6.0 C++ program to Visual Studio 2015 C++.
The program uses OpenSSL. I have downloaded and installed
OpenSSL-Win32 version 1.0.2g.
I’m trying to figure what I need to do to fix the error I am getting
on this line: m_pSSLctx = SSL_CTX_new(SSLv2_client_method());
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
