diff --git a/openssl-bins/openssl-1.0.2-chacha.pm/Readme.md b/openssl-bins/openssl-1.0.2-chacha.pm/Readme.md index 10b363f..874ae6d 100644 --- a/openssl-bins/openssl-1.0.2-chacha.pm/Readme.md +++ b/openssl-bins/openssl-1.0.2-chacha.pm/Readme.md @@ -4,11 +4,11 @@ Instructions ============ The precompiled binaries provided here have extended support for everything -which is normally not configured to be compiled (56 Bit, some other -old ciphers) and come with extended support for new cipher suites and/or +which is normally not configured to be compiled (56 Bit, export/ANOn ciphers, SSLv2 etc.) +The bninraies come also with extended support for new cipher suites and/or features which are not yet in the official branch. -They are all compiled from an OpenSSL 1.0.2 fork +The binaries in this directory are all compiled from an OpenSSL 1.0.2 fork from Peter Mosmans. He has patched the master git branch to support CHACHA20 + POLY1305 and other ciphers (like CAMELIA 256 Bit). @@ -16,22 +16,23 @@ CHACHA20 + POLY1305 cipher suites from the official git repo didn't work for me work correctly, it's also likely they'll disappear shortly (https://www.mail-archive.com/openssl-dev@openssl.org/msg34756.html). -Pls note bug #38 (https://github.com/drwetter/testssl.sh/issues/38) +*Pls note bug [#38](https://github.com/drwetter/testssl.sh/issues/38) = bug [#6](https://github.com/PeterMosmans/openssl/issues/5): False negatives for 40Bit and export ciphers.* + +Workaround: use the binaries from the vanilla tree, see https://github.com/drwetter/testssl.sh/openssl-bins/openssl-1.0.2-vanilla. + General ------- Both 64+32 bit versions were compiled under Ubuntu 12.04 LTS. Likely you cannot use older distributions, younger should work. I provide for each distributions two sets of binaries: -* statically linked binaries (except a few libs which are nowadays difficult to statically link) +* statically linked binaries * dynamically linked binaries with MIT Kerberos support ("krb5" in the name) For the latter you need a whopping bunch of kerberos libraries which you maybe need to install from your distributor (libgssapi_krb5, libkrb5, libcom_err, libk5crypto, libkrb5support, libkeyutils). For the 'static' binaries kerberos is not compiled in, so that's is not needed. -All binaries are signed with my gpg key (.asc files). - Compilation instructions ------------------------