[Pkg-ace-devel] SSLv2
Pau Garcia i Quiles
pgquiles at elpauer.org
Tue Apr 26 22:10:03 UTC 2011
On Tue, Apr 26, 2011 at 10:54 AM, Johnny Willemsen <jwillemsen at remedy.nl> wrote:
> Hi,
>
>> Given that ACE already supports SSLv2, I am now looking into disabling
>> the SSLv2 code in ACE 6.0.2 to get it to build on Wheezy. Johnny, do
>> you have any plans on this matter?
>
> Not a this moment. I assume you mean that ACE supports SSLv3 and want to
> disable SSLv2?
Yes, I mean exactly that.
I am using this patch:
https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi?p=pkg-ace/pkg-ace.git;a=blob_plain;f=debian/patches/35_disable_sslv2.dpatch;hb=HEAD
to do that in 6.0.1 and 6.0.2. I think I am not breaking anything,
apart from SSLv2 not working anymore, which might lead to some
interoperability problems.
I don't know if we should add a note in README.Debian saying we have
removed SSLv2 support because it's insecure. I'm all in favor of it,
but SSLv2 has been removed everywhere in Debian, so I'm not sure it
makes sense to add to ACE a note that should actually be
Debian-global.
--
Pau Garcia i Quiles
http://www.elpauer.org
(Due to my workload, I may need 10 days to answer)
More information about the Pkg-ace-devel
mailing list