[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [request-for-help] o-saft maintenance and openssl

Hi Robert, 
thanks for the information. I will try that on my kali and check if it works
and also Net::SSLeay can be compiled against it it.

Next challenge (for me) is to use it together with an TLSv3-enabled openssl ...

Ciao
Achim

Am 06.11.19 um 10:49 schrieb Raphael Hertzog:
> Hi,
> 
> On Sun, 13 Oct 2019, Samuel Henrique wrote:
>> You see, o-saft needs an old version of openssl to be able to check for
>> old ssl things (ciphers etc.).
>>
>> I know there has been some talk about getting an "openssl-insecure"
>> package for the testssl.sh[0] package for the same reason. I think we
>> should rather talk with upstream and propose some bundling of this
>> required version of openssl into o-saft.
> 
> FWIW, another upstream with similar needs created "unsafeopenssl"
> and we packaged it in Kali:
> http://pkg.kali.org/pkg/unsafeopenssl
> 
> It's basically openssl 1.0 with the build system tweaked to create
> the library under another name. Beware that those changes are currently
> made in debian/rules (in the kali/master branch) and are not part of the
> master branch which just has plain openssl:
> https://github.com/gremwell/unsafeopenssl-pkg-deb
> 
> Cheers,
>
Reply to: