Re: SSL_CTX_set_ssl_version changes security level

On Mon, 2020-05-11 at 13:37 -0700, Benjamin Kaduk via openssl-users wrote: > On Tue, May 12, 2020 at 05:22:29AM +0900, NAKANO Takuho wrote: > > 2020年5月12日(火) 0:31 Benjamin Kaduk : > > > > > OS-vendor customization > > > > Thank you. That's very helpful. I get how to configure (but don't > > know

Re: SSL_CTX_set_ssl_version changes security level

> https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-system-cipherlist.patch > suggests (the ssl.h chunk) that this patch does force the use of the "system > profile" as the default cipher list. https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl.spec "./Configure"

Re: SSL_CTX_set_ssl_version changes security level

On Tue, May 12, 2020 at 05:22:29AM +0900, NAKANO Takuho wrote: > 2020年5月12日(火) 0:31 Benjamin Kaduk : > > > OS-vendor customization > > Thank you. That's very helpful. I get how to configure (but don't know > why...). > > On CentOS 8: > First result of SSL_CTX_get_security_level depends on > A:

Re: SSL_CTX_set_ssl_version changes security level

2020年5月12日(火) 0:31 Benjamin Kaduk : > > On Mon, May 11, 2020 at 05:01:27PM +0900, NAKANO Takuho wrote: > > Hello, > > > > I've found SSL_CTX_set_ssl_version changes security level: > > > > = > > int main(void){ > > int i; >

Re: SSL_CTX_set_ssl_version changes security level

On Mon, May 11, 2020 at 05:01:27PM +0900, NAKANO Takuho wrote: > Hello, > > I've found SSL_CTX_set_ssl_version changes security level: > > = > int main(void){ > int i; > struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method()); > > printf("secleve

SSL_CTX_set_ssl_version changes security level

Hello, I've found SSL_CTX_set_ssl_version changes security level: = int main(void){ int i; struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method()); printf("seclevel: %d\n", SSL_CTX_get_security_level(ctx)); // 0--5 any i = SSL_CTX_set_ssl_version(ctx, SSLv2