Bug 225949

Summary: Base openssl is inconsistent in handling SSLv3
Product: Base System Reporter: bc979
Component: miscAssignee: freebsd-bugs (Nobody) <bugs>
Status: New ---    
Severity: Affects Some People CC: pstef
Priority: ---    
Version: 11.1-RELEASE   
Hardware: Any   
OS: Any   

Description bc979 2018-02-16 10:53:25 UTC 
/usr/include/openssl/ssl.h includes the line
#define OPENSSL_NO_SSL2
As a result, the SSLv2 features are not available and are not in the man file.

However, there is no equivalent for SSL3.  OPENSSL_NO_SSL3 is not defined anywhere.  Thus the SSLv3 functions like SSLv3_server_method should be available.  However, they do not appear in the man pages and cannot be linked to.  As a result, qpopper will not properly build on 11.1-RELEASE.

The interesting aspect of this is ssl.h does include the defines for the server methods if OPENSSL_NO_SSL2_METHOD or OPENSSL_NO_SSL3_METHOD is not defined.  I think at least the SSLv3_server_method (and client_method) should be linkable.
Comment 1 Piotr Pawel Stefaniak freebsd_committer freebsd_triage 2021-10-09 16:58:09 UTC 
I can't find OPENSSL_NO_SSL2 anywhere in the file or its history. If you mean SSL_OP_NO_SSLv2 then that's been disabled in all supported branches.