On Dec 21, 2004, at 1:03 PM, Sander Temme wrote:
On Dec 21, 2004, at 11:21 AM, William A. Rowe, Jr. wrote:
Can we use a separate flag to specific protocol version?
To address both your and André's response, yes we can. I even found an unused letter that makes sense: -m for 'method'. And yes, I'll do a 2.1 patch. The reason my personal itch was with the 1.3 ab is that it defaults to SSLv2 and my company's product doesn't support SSLv2.
Now that the holidays are over:
<Tickle>
If we (as a community) don't want to put that kind of work into ab, especially 1.3 ab, I totally understand. In that case, I would like you to consider the following one-line patch that just makes ab negotiate the highest SSL version available rather than finding itself stuck at the obsolete SSL version 2:
Index: src/support/ab.c =================================================================== --- src/support/ab.c (revision 124022) +++ src/support/ab.c (working copy) @@ -1655,7 +1655,7 @@
#ifdef USE_SSL SSL_library_init(); - if (!(ctx = SSL_CTX_new(SSLv2_client_method()))) { + if (!(ctx = SSL_CTX_new(SSLv23_client_method()))) { fprintf(stderr, "Could not init SSL CTX: "); ERR_print_errors_fp(stderr); exit(1);
Thanks!
S.
-- [EMAIL PROTECTED] http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
smime.p7s
Description: S/MIME cryptographic signature