[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lynx-dev] SSLv23 method gone now

From: Thorsten Glaser
Subject: Re: [Lynx-dev] SSLv23 method gone now
Date: Tue, 19 May 2015 15:04:57 +0000 (UTC)

Gisle Vanem dixit:

> +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)

No. The change is not a property of the version number.
I have OpenSSL 0.9.7 (plus patches…) without SSLv{2,3}.

Index: HTTP.c
RCS file: /cvs/src/gnu/usr.bin/lynx/WWW/Library/Implementation/HTTP.c,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -p -r1.26 -r1.27
--- HTTP.c      13 Mar 2014 04:46:43 -0000      1.26
+++ HTTP.c      4 Jan 2015 22:24:27 -0000       1.27
@@ -124,7 +124,11 @@ SSL *HTGetSSLHandle(void)
+#if defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)
+       ssl_ctx = SSL_CTX_new(TLSv1_client_method());
        ssl_ctx = SSL_CTX_new(SSLv23_client_method());
        SSL_CTX_set_options(ssl_ctx, ssl_opts);
        SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, HTSSLCallback);

This should do the trick.

(gnutls can also be used, but if you are compiling lynx for your own use,
there is no reason to consider using that package)
        -- Thomas E. Dickey on the Lynx mailing list, about OpenSSL

reply via email to

[Prev in Thread] Current Thread [Next in Thread]