mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-15 14:56:13 +01:00
80a315ffb6
SSLv3 has been deprecated since 2015 (and broken since 2014: "POODLE"); it should not have shipped in FreeBSD 11 (2016) or 12 (2018). No one should use it, and if they must, they can use some implementation outside of base. There are three symbols removed with OPENSSL_NO_SSL3_METHOD: SSLv3_client_method SSLv3_method SSLv3_server_method These symbols exist to request an explicit SSLv3 connection to a server. There is no good reason for an application to link or invoke these symbols instead of TLS_method(), et al (née SSLv23_method, et al). Applications that do so have broken cryptography. Define these symbols for some pedantic definition of ABI stability, but remove the functionality again (r361392) after r362620. Reviewed by: gordon, jhb (earlier-but-equivalent version both) Discussed with: bjk, kib Differential Revision: https://reviews.freebsd.org/D25493 |
||
---|---|---|
.. | ||
caroot | ||
lib | ||
libexec | ||
tests | ||
usr.bin | ||
usr.sbin | ||
Makefile | ||
Makefile.inc |