|
From: | Thomas Chust |
Subject: | Re: [Chicken-users] OpenSSL egg option defaults poll |
Date: | Thu, 16 Oct 2014 17:21:26 +0200 (CEST) |
User-agent: | Alpine 2.03 (LNX 1266 2009-07-14) |
On Thu, 16 Oct 2014, Florian Zumbiehl wrote:
[...] I just wanted to point out that we still have a bunch of patches lying around that among other things implement security improvements: openssl: add support for TLS 1.1 and 1.2 openssl: add functions ssl-set-reneg-legacy-server-connect!, ssl-set-no-compression!, and ssl-set-cipher-list! openssl: add support for fetching the first finished message of the connection openssl: add ssl-connect-fd [...]
Hello Florian,thanks for the heads up, I had totally forgotten about these patches. Can they be found somewhere online? I'd like to take a look again, perhaps they aren't that hard to incorporate.
Incidentally I just added a ssl-set-cipher-list! to the trunk of the egg as well, since I thought this would really be useful to strengthen security.
Ciao, Thomas -- When C++ is your hammer, every problem looks like your thumb.
[Prev in Thread] | Current Thread | [Next in Thread] |