On Mon, 2020-05-11 at 13:37 -0700, Benjamin Kaduk via openssl-users
wrote:
> On Tue, May 12, 2020 at 05:22:29AM +0900, NAKANO Takuho wrote:
> > 2020年5月12日(火) 0:31 Benjamin Kaduk :
> >
> > > OS-vendor customization
> >
> > Thank you. That's very helpful. I get how to configure (but don't
> > know
> https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-system-cipherlist.patch
> suggests (the ssl.h chunk) that this patch does force the use of the "system
> profile" as the default cipher list.
https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl.spec
"./Configure"
On Tue, May 12, 2020 at 05:22:29AM +0900, NAKANO Takuho wrote:
> 2020年5月12日(火) 0:31 Benjamin Kaduk :
>
> > OS-vendor customization
>
> Thank you. That's very helpful. I get how to configure (but don't know
> why...).
>
> On CentOS 8:
> First result of SSL_CTX_get_security_level depends on
> A:
2020年5月12日(火) 0:31 Benjamin Kaduk :
>
> On Mon, May 11, 2020 at 05:01:27PM +0900, NAKANO Takuho wrote:
> > Hello,
> >
> > I've found SSL_CTX_set_ssl_version changes security level:
> >
> > =
> > int main(void){
> > int i;
>
On Mon, May 11, 2020 at 05:01:27PM +0900, NAKANO Takuho wrote:
> Hello,
>
> I've found SSL_CTX_set_ssl_version changes security level:
>
> =
> int main(void){
> int i;
> struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());
>
> printf("secleve
Hello,
I've found SSL_CTX_set_ssl_version changes security level:
=
int main(void){
int i;
struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method());
printf("seclevel: %d\n", SSL_CTX_get_security_level(ctx));
// 0--5 any
i = SSL_CTX_set_ssl_version(ctx, SSLv2