On Thu, 16 Oct 2014, Florian Zumbiehl wrote:
[...]
I just wanted to point out that we still have a bunch of patches lying
around that among other things implement security improvements:
openssl: add support for TLS 1.1 and 1.2
openssl: add functions ssl-set-reneg-legacy-server-connect!,
ssl-set-no-compression!, and ssl-set-cipher-list!
openssl: add support for fetching the first finished message of the connection
openssl: add ssl-connect-fd
[...]
Hello Florian,
thanks for the heads up, I had totally forgotten about these patches. Can
they be found somewhere online? I'd like to take a look again, perhaps
they aren't that hard to incorporate.
Incidentally I just added a ssl-set-cipher-list! to the trunk of the egg
as well, since I thought this would really be useful to strengthen
security.
Ciao,
Thomas
--
When C++ is your hammer, every problem looks like your thumb.
_______________________________________________
Chicken-users mailing list
Chicken-users@nongnu.org
https://lists.nongnu.org/mailman/listinfo/chicken-users
