The new OpenSSL 1.0.2b and 1.0.1n versions lasted one day, and were replaced with 1.0.2c and 1.0.1o to fix a bug, which may be downloaded from:
http://wiki.overbyte.be/wiki/index.php/ICS_Download They can be used with ICS V8 releases later than 25th March 2015 that relax the check for minor versions of OpenSSL, to avoid rebuilding projects. Note that one of the security fixes increases the minimum SSL server DH Param key length to 768 bits, which means use of the 512 bit key which is currently the default in ICS will give this error: SSL Handshake Failed - error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small If you use a DH Param key file, to enable DH or ECDH key exchange, you will need use the 1024 bit or larger keys files. This only effects SSL servers, not SSL clients. My pending list still has ICS SSL improvements to support embedding SSL files in the application, and support for multiple DH Param key sizes, hopefully to be done by late July. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
