Merge branch 'master' of github.com:drwetter/testssl.sh

This commit is contained in:
Dirk 2015-05-12 13:38:20 +02:00
commit 7614ac6f87

View File

@ -1,15 +1,15 @@
Instructions Compiling and Usage Instructions
============ ================================
The precompiled binaries provided here have extended support for everything The precompiled binaries provided here have extended support for everything
which is normally not configured to be compiled (40+56 Bit, export/ANON ciphers, which is normally not configured to be compiled (40+56 Bit, export/ANON ciphers,
SSLv2 etc.). The binaraies come also with extended support for new cipher suites SSLv2 etc.). The binaries also come with extended support for new cipher suites
and/or features which are not yet in the official branch. and/or features which are not (yet?) in the official branch.
The binaries in this directory are all compiled from an OpenSSL 1.0.2 fork The binaries in this directory are all compiled from an OpenSSL 1.0.2 fork
from Peter Mosmans. He has patched the master git branch from Peter Mosmans. He has patched the master git branch
to support CHACHA20 + POLY1305 and other ciphers (like CAMELIA 256 Bit). to support CHACHA20 + POLY1305 and other ciphers like CAMELIA 256 Bit.
CHACHA20 + POLY1305 cipher suites from the official git repo didn't CHACHA20 + POLY1305 cipher suites from the official git repo didn't
work for me work correctly, it's also likely they'll disappear shortly work for me work correctly, it's also likely they'll disappear shortly
@ -20,13 +20,12 @@ General
------- -------
Both 64+32 bit versions were compiled under Ubuntu 12.04 LTS. Likely you Both 64+32 bit versions were compiled under Ubuntu 12.04 LTS. Likely you
cannot use older distributions, younger should work. I provide for each cannot use older distributions, younger worked in my test environments. I provide
distributions two sets of binaries: for each distributions two sets of binaries:
* completely statically linked binaries * completely statically linked binaries
* dynamically linked binaries with MIT Kerberos support ("krb5" in the name). * dynamically linked binaries, additionally with MIT Kerberos support ("krb5" in the name).
They provide additionally KRB5-* and EXP-KRB5-* support (in OpenSSL They provide also KRB5-* and EXP-KRB5-* support (in OpenSSL terminology, see krb5-ciphers.txt).
terminology, see krb5-ciphers.txt).
For the latter you need a whopping bunch of kerberos runtime libraries which you maybe need to For the latter you need a whopping bunch of kerberos runtime libraries which you maybe need to
install from your distributor (libgssapi_krb5, libkrb5, libcom_err, libk5crypto, libkrb5support, install from your distributor (libgssapi_krb5, libkrb5, libcom_err, libk5crypto, libkrb5support,
@ -76,8 +75,8 @@ If you want to compile OpenSSL yourself, here are the instructions:
Don't use -DTEMP_GOST_TLS, it currently breaks things and it is not needed for general GOST [1] support. Don't use -DTEMP_GOST_TLS, it currently breaks things and it is not needed for general GOST [1] support.
If you don't have / don't want Kerberos libraries and devel rpms/debs, omit "--with-krb5-flavor=MIT" (see examples). So the difference ypu maybe spotted: If you don't have / don't want Kerberos libraries and devel rpms/debs, omit "--with-krb5-flavor=MIT" (see examples).
If you have other Kerberos flavors you need to figure out by yourself. If you have another Kerberos flavor you need to figure out by yourself.
3.) make depend 3.) make depend