Bug 225949 - Base openssl is inconsistent in handling SSLv3
Summary: Base openssl is inconsistent in handling SSLv3
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: misc (show other bugs)
Version: 11.1-RELEASE
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-02-16 10:53 UTC by bc979
Modified: 2018-02-16 10:53 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description bc979 2018-02-16 10:53:25 UTC
/usr/include/openssl/ssl.h includes the line
#define OPENSSL_NO_SSL2
As a result, the SSLv2 features are not available and are not in the man file.

However, there is no equivalent for SSL3.  OPENSSL_NO_SSL3 is not defined anywhere.  Thus the SSLv3 functions like SSLv3_server_method should be available.  However, they do not appear in the man pages and cannot be linked to.  As a result, qpopper will not properly build on 11.1-RELEASE.

The interesting aspect of this is ssl.h does include the defines for the server methods if OPENSSL_NO_SSL2_METHOD or OPENSSL_NO_SSL3_METHOD is not defined.  I think at least the SSLv3_server_method (and client_method) should be linkable.