Re: testing, upgrade of openssl libssl1.1 ( 1.1.0f-3 => 1.1.0f-4 )
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, Sep 05, 2017 at 11:40:46PM +0200, Sven Hartge wrote:
> Michael Grant <email@example.com> wrote:
> > Is there something I can set on Debian side to force this newer
> > openssl to accept older 1.x connections?
> No, you can't.
> Kurt Roeckx, the DD maintaining OpenSSL, patched it in such a way that a
> program needs to call a special function of OpenSSL to override the
> default minimum TLS-version of TLS1.2.
> Problem is: next to no program implements this as of yet.
Isn't there any LD_PRELOAD    trick one could play? I mean
interposing something between the executable and the lib to slightly
modify the lib's default behaviour?
Sorry, I haven't the spare cycles ATM to give it a shot (although it
would be tempting...)
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
-----END PGP SIGNATURE-----