SSL/TLS parameters used in Bro, Broccoli

Hilko_Bengen · November 5, 2015, 4:22pm

Hi,

in Debian/unstable (and probably elsewhere) support for SSLv3 has been
dropped: SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()
are no longer available. This leads to build failures with at least bro
and broccoli (see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804104).

What should SSLv3_method() in SSL_CTX_new(SSLv3_method()) be replaced
with? Would SSLv23_method() which is still available and (according to
the OpenSSL documentation) means support for SSLv2, 3 and TLSv1, 1.1,
1.2 appropriate?

Cheers,
-Hilko

Seth_Hall3 · November 5, 2015, 5:09pm

We have a ticket related to this:
https://bro-tracker.atlassian.net/browse/BIT-1499

.Seth

Hilko_Bengen · November 5, 2015, 5:19pm

* Seth Hall:

We have a ticket related to this:
[BIT-1499] - Bro Tracker

Alright, I will be using those patches for the Debian packages of bro
and broccoli.

Thank you for answering so quickly!

Cheers,
-Hilko

Topic		Replies	Views
Bro communication via SSL Zeek	4	45	May 6, 2022
SSL for FreeBSD/bro Zeek	5	77	May 6, 2022
Potential of including TLSv1.3 support in Bro 2.5 Development development	8	61	May 6, 2022
BroPing Connection Failure Zeek	11	79	May 6, 2022
Bro and OpenSSL 1.1 Zeek	4	62	May 6, 2022

SSL/TLS parameters used in Bro, Broccoli

Related Topics