Hi I wonder should default value of TSSLContext.SslVersionMethod be also updated to be at least sslV3, or to sslTLS_V1
-----Original Message----- From: TWSocket [mailto:twsocket-boun...@lists.elists.org] On Behalf Of Angus Robertson - Magenta Systems Ltd Sent: March-03-16 11:52 AM To: twsocket@lists.elists.org Subject: [twsocket] OpenSSL 1.0.2g support OpenSSL has released new versions this week, ICS versions of OpenSSL 1.0.2g and 1.0.1s may be downloaded from: http://wiki.overbyte.be/wiki/index.php/ICS_Download These new OpenSSL versions fix several issues, the worst of which relate to the obsolete SSLv2 protocol which by default is no longer supported, also some old export, low and DES ciphers are removed. Because these new DLLs no longer export some SSLv2 functions, they can not be used with existing versions of ICS, V8.24 is needed which is available with the overnight V8 zip. If your ICS application still needs to support the obsolete SSLv2 protocol (which is open to malicious attacks), ICS V8.24 and later include a define OPENSSL_ALLOW_SSLV2 which must be enabled and the library rebuilt to allow SSLv2 methods to be specifically selected for older DLLs or new ones that specifically have obsolete SSLv2 support compiled. The ICS_Download page has two versions of each of the new DLLs, without and with SSLv2 and the later versions may be used with ICS V8.23 and earlier. It is not out intention to continue building the version with SSLv2, this is a stop gap to avoid rebuilding new applications. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
