Merge branch 'master' of github.com:drwetter/testssl.sh
This commit is contained in:
commit
7614ac6f87
|
@ -1,15 +1,15 @@
|
||||||
|
|
||||||
Instructions
|
Compiling and Usage Instructions
|
||||||
============
|
================================
|
||||||
|
|
||||||
The precompiled binaries provided here have extended support for everything
|
The precompiled binaries provided here have extended support for everything
|
||||||
which is normally not configured to be compiled (40+56 Bit, export/ANON ciphers,
|
which is normally not configured to be compiled (40+56 Bit, export/ANON ciphers,
|
||||||
SSLv2 etc.). The binaraies come also with extended support for new cipher suites
|
SSLv2 etc.). The binaries also come with extended support for new cipher suites
|
||||||
and/or features which are not yet in the official branch.
|
and/or features which are not (yet?) in the official branch.
|
||||||
|
|
||||||
The binaries in this directory are all compiled from an OpenSSL 1.0.2 fork
|
The binaries in this directory are all compiled from an OpenSSL 1.0.2 fork
|
||||||
from Peter Mosmans. He has patched the master git branch
|
from Peter Mosmans. He has patched the master git branch
|
||||||
to support CHACHA20 + POLY1305 and other ciphers (like CAMELIA 256 Bit).
|
to support CHACHA20 + POLY1305 and other ciphers like CAMELIA 256 Bit.
|
||||||
|
|
||||||
CHACHA20 + POLY1305 cipher suites from the official git repo didn't
|
CHACHA20 + POLY1305 cipher suites from the official git repo didn't
|
||||||
work for me work correctly, it's also likely they'll disappear shortly
|
work for me work correctly, it's also likely they'll disappear shortly
|
||||||
|
@ -20,13 +20,12 @@ General
|
||||||
-------
|
-------
|
||||||
|
|
||||||
Both 64+32 bit versions were compiled under Ubuntu 12.04 LTS. Likely you
|
Both 64+32 bit versions were compiled under Ubuntu 12.04 LTS. Likely you
|
||||||
cannot use older distributions, younger should work. I provide for each
|
cannot use older distributions, younger worked in my test environments. I provide
|
||||||
distributions two sets of binaries:
|
for each distributions two sets of binaries:
|
||||||
|
|
||||||
* completely statically linked binaries
|
* completely statically linked binaries
|
||||||
* dynamically linked binaries with MIT Kerberos support ("krb5" in the name).
|
* dynamically linked binaries, additionally with MIT Kerberos support ("krb5" in the name).
|
||||||
They provide additionally KRB5-* and EXP-KRB5-* support (in OpenSSL
|
They provide also KRB5-* and EXP-KRB5-* support (in OpenSSL terminology, see krb5-ciphers.txt).
|
||||||
terminology, see krb5-ciphers.txt).
|
|
||||||
|
|
||||||
For the latter you need a whopping bunch of kerberos runtime libraries which you maybe need to
|
For the latter you need a whopping bunch of kerberos runtime libraries which you maybe need to
|
||||||
install from your distributor (libgssapi_krb5, libkrb5, libcom_err, libk5crypto, libkrb5support,
|
install from your distributor (libgssapi_krb5, libkrb5, libcom_err, libk5crypto, libkrb5support,
|
||||||
|
@ -76,8 +75,8 @@ If you want to compile OpenSSL yourself, here are the instructions:
|
||||||
|
|
||||||
Don't use -DTEMP_GOST_TLS, it currently breaks things and it is not needed for general GOST [1] support.
|
Don't use -DTEMP_GOST_TLS, it currently breaks things and it is not needed for general GOST [1] support.
|
||||||
|
|
||||||
If you don't have / don't want Kerberos libraries and devel rpms/debs, omit "--with-krb5-flavor=MIT" (see examples).
|
So the difference ypu maybe spotted: If you don't have / don't want Kerberos libraries and devel rpms/debs, omit "--with-krb5-flavor=MIT" (see examples).
|
||||||
If you have other Kerberos flavors you need to figure out by yourself.
|
If you have another Kerberos flavor you need to figure out by yourself.
|
||||||
|
|
||||||
3.) make depend
|
3.) make depend
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue