English 中文(简体)
编码/配置开放式服务器,以达到最大兼容性
原标题:Coding/configuring an OpenSSL server for maximum compatibility

I am coding an SSL server in C + OpenSSL. This is pretty straightforward, and there are lots of examples to follow.

However, I need to interoperate with a broad range of legacy clients, some of which are really old, and have a variety of bugs which prevent SSL negotiation from working. Reaching the users of these clients to have them upgrade is impractical at best.

SSL_CTX_set_options(ctx, SSL_OP_ALL);

......帮助,但还有一些客户可以建立特别后勤联系。

我可以采取哪些其他措施使开放式特别安全区尽可能相互操作?

(一个有问题的客户是“视窗”的Kermit95——2003年汇编成册,我认为安装名录中有校正。) 虽然凯尔米特95来源现已自由,但即便是维护者也不知道如何在视窗上建造它。

最佳回答

我知道,有一些事情提高了开放式特别安全局的互操作性。

  1. Use "ALL" or maybe "ALL:EXPORT:LOW". I haven t checked if ALL really does mean ALL.
  2. There is a compile-time option to re-enable EXPORT56 ciphers in openSSL. You will have to set TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES to 1 in ssl/tls1.h. By default they are disabled
  3. Some binary distributions including RedHat s leave out any ciphers that have patent issues.
  4. The experimental ciphers are likely to require a 512 bit RSA key. See sample code here: http://www.openssl.org/docs/ssl/SSL_CTX_set_tmp_rsa_callback.html

基本答案——编辑你自己的开放式特别生活!

时间:2011-10-12 15:02:18
问题回答

暂无回答


上一篇:
下一篇:


相关问题
Fastest method for running a binary search on a file in C?

For example, let s say I want to find a particular word or number in a file. The contents are in sorted order (obviously). Since I want to run a binary search on the file, it seems like a real waste ...

时间:2009-11-13 04:56:58 回答:7 展示:1
Print possible strings created from a Number

Given a 10 digit Telephone Number, we have to print all possible strings created from that. The mapping of the numbers is the one as exactly on a phone s keypad. i.e. for 1,0-> No Letter for 2->...

时间:2009-11-13 04:24:12 回答:3 展示:1
Tips for debugging a made-for-linux application on windows?

I m trying to find the source of a bug I have found in an open-source application. I have managed to get a build up and running on my Windows machine, but I m having trouble finding the spot in the ...

时间:2009-11-13 04:02:50 回答:4 展示:1
Trying to split by two delimiters and it doesn t work - C

I wrote below code to readin line by line from stdin ex. city=Boston;city=New York;city=Chicago and then split each line by ; delimiter and print each record. Then in yet another loop I try to ...

时间:2009-11-13 03:45:11 回答:4 展示:1
Good, free, easy-to-use C graphics libraries? [closed]

I was wondering if there were any good free graphics libraries for C that are easy to use? It s for plotting 2d and 3d graphs and then saving to a file. It s on a Linux system and there s no gnuplot ...

时间:2009-11-09 15:25:34 回答:8 展示:1
Encoding, decoding an integer to a char array

Please note that this is not homework and i did search before starting this new thread. I got Store an int in a char array? I was looking for an answer but didn t get any satisfactory answer in the ...

时间:2009-11-09 14:38:59 回答:10 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全