Dear Scott,
--------------------------------------------
From: Scott Robison <[email protected]>
Sent: Mon, 15 Dec 2014 10:52:06 -0700
To: [email protected]
Subject: Re: [fossil-dev] Fossil-scm.org SSL login mismatch
On Mon, Dec 15, 2014 at 10:16 AM, jungle Boogie <[email protected]>
wrote:
Hi Scott,
On 5 December 2014 at 12:03, Scott Robison <[email protected]>
wrote:
I believe you can disable this in OpenSSL at configure / build time.
no-ssl2
& no-ssl3 are both options. If the library used doesn't support SSLvX
then
the application using it can't support it either.
Take a look at this patch:
http://www3.fossil-scm.org/site.cgi/vpatch?from=1f498a6ef26bb814&to=ea1d369d23c68f79
It would be great if this patch could be applied to disable ssl2 and ssl3.
Hopefully someone familiar with the code (DRH? Stephen? Bueller?) will take
a look and decide if this is appropriate / desirable. I'm too low on the
totem pole to make such decisions myself. :)
I'm lower! It would be really great if this could be implemented as ssl2 and 3
are dead, and we don't want it sticking around in a project that's alive!
SDR
Jungle
--
inum: 883510009027723
sip: [email protected]
xmpp: [email protected]
_______________________________________________
fossil-dev mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/fossil-dev
