On Mon 06 Apr 2020 at 11:34:05 +0200, Thomas Klausner wrote: > On Mon, Apr 06, 2020 at 11:28:35AM +0200, Rhialto wrote: > > I find myself compiling comms/kermit with the ssl option (because I have > > PKG_DEFAULT_OPTIONS += tls ssl) and it no longer compiles. > > > > There are patches for ssl already, but they seem to need some > > refreshing. I've put the exact errors I get below, but it seems to be > > mostly about deprecated types/functions. Is there any guidance somewhere > > on how to modernize openssl client programs? > > google has some options, e.g. this one: > > http://vega.pgw.jp/~kabe/vsd/migrate2openssl-1.1.html > > It's mostly mechanical but errors might have security impact, so you > should take care. I find that it tries to manage by itself the differences between SSL and TLS, and has lots of code to try it both ways... while the current openssl library (as I understand it) has a single method to try that automatically (using SSLv23_client_method() or SSLv23_server_method()). This is a bit of a mess, I get the urge to throw out all that duplicate code. But I only half (at most) know what I'm doing... > Thomas -Olaf. -- Olaf 'Rhialto' Seibert -- rhialto at falu dot nl ___ Anyone who is capable of getting themselves made President should on \X/ no account be allowed to do the job. --Douglas Adams, "THGTTG"
Attachment:
signature.asc
Description: PGP signature