From c7afd8e3665d0dd4f8c1ef1d345a58af394af110 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 26 Jul 2016 20:22:51 +0200 Subject: [PATCH 1/4] Update Readme.md --- bin/Readme.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bin/Readme.md b/bin/Readme.md index 32c22c9..ebdaacd 100644 --- a/bin/Readme.md +++ b/bin/Readme.md @@ -1,6 +1,8 @@ -**Note: new, improved binaries (1.0.2i, compiled from a snapshot from Peter Mosman's fork: https://github.com/drwetter/openssl) will come soon. Have a look @ https://testssl.sh/** +**Note: Further new improved binaries (1.0.2i, compiled from a snapshot from Peter Mosman's fork: https://github.com/drwetter/openssl) will be uploaded soon. + +Probably we discontinue the rarely used ones at github as it is not very approrpriate. Main site for binaries see https://testssl.sh/** Binaries From 830bc0fb4fbdd566810f4ae471220fa64b3877d7 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 26 Jul 2016 20:23:31 +0200 Subject: [PATCH 2/4] Update Readme.md --- bin/Readme.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/Readme.md b/bin/Readme.md index ebdaacd..e3e2adc 100644 --- a/bin/Readme.md +++ b/bin/Readme.md @@ -1,8 +1,8 @@ -**Note: Further new improved binaries (1.0.2i, compiled from a snapshot from Peter Mosman's fork: https://github.com/drwetter/openssl) will be uploaded soon. +**Note: Further new improved binaries (1.0.2i, compiled from a snapshot from Peter Mosman's fork: https://github.com/drwetter/openssl) will be uploaded soon. ** -Probably we discontinue the rarely used ones at github as it is not very approrpriate. Main site for binaries see https://testssl.sh/** +**Probably we discontinue the rarely used ones at github as it is not very approrpriate. Main site for binaries see https://testssl.sh/** Binaries From 2e1e45fca0e0139b2cbd3638a1411632ab1f16a8 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 26 Jul 2016 20:31:20 +0200 Subject: [PATCH 3/4] Update Readme.md --- bin/Readme.md | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/bin/Readme.md b/bin/Readme.md index e3e2adc..2ac674b 100644 --- a/bin/Readme.md +++ b/bin/Readme.md @@ -23,16 +23,13 @@ everything which is normally not in OpenSSL or LibreSSL -- 40+56 Bit, export/ANON ciphers, weak DH ciphers, weak EC curves, SSLv2 etc. -- all the dirty features needed for testing. OTOH they also come with extended support for new / advanced cipher suites and/or features which are not in the -official branch like CHACHA20+POLY1305 and CAMELIA 256 bit ciphers. +official branch like (old version of the) CHACHA20+POLY1305 and CAMELIA 256 bit ciphers. The binaries in this directory are all compiled from an OpenSSL 1.0.2 fork from Peter Mosmans (https://github.com/PeterMosmans/openssl). Thx a bunch, Peter! -Compiled Linux binaries so far come from Dirk, other contributors see ../CREDITS.md . - -**__New binaries inluding IPv6 support are @ https://testssl.sh__**. The ones here will be -updated soon. +Compiled Linux and FreeBSD binaries so far come from Dirk, other contributors see ../CREDITS.md . Compiling and Usage Instructions @@ -95,8 +92,7 @@ If you want to compile OpenSSL yourself, here are the instructions: enable-seed enable-camellia enable-idea enable-rfc3779 no-ec_nistp_64_gcc_128 \ -static experimental-jpake -DOPENSSL_USE_BUILD_DATE -(IPv6 would need additionally ``-DOPENSSL_USE_IPV6`` and the patch from ``fedora-dirk-ipv6.diff`` --- this doesn't give you the option of an IPv6 enabled proxy -- yet.) +IPv6 support would need additionally the patch from ``fedora-dirk-ipv6.diff``. This doesn't give you the option of an IPv6 enabled proxy yet. It is good practice to compile those binaries with ``-DOPENSSL_USE_IPV6`` as later on you can tell them apart by``openssl version -a``. Four GOST [1][2] ciphers come via engine support automagically with this setup. Two additional GOST ciphers can be compiled in (``GOST-GOST94``, ``GOST-MD5``) with ``-DTEMP_GOST_TLS`` but as of now they make @@ -113,10 +109,10 @@ If you don't have / don't want Kerberos libraries and devel rpms/debs, just omit 5.) make report (check whether it runs ok!) 6.) ``./apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l`` lists for me -* 191(+4 GOST) ciphers -- including kerberos +* 193(+4 GOST) ciphers including kerberos * 177(+4 GOST) ciphers without kerberos -as opposed to 111/109 from Ubuntu or Opensuse. +as opposed to ~110 from Ubuntu or Opensuse. **Never use these binaries for anything other than testing** From 1c4790b1842666db6fb426ac768abea97f955cc7 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 26 Jul 2016 20:32:05 +0200 Subject: [PATCH 4/4] Update Readme.md --- bin/Readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/Readme.md b/bin/Readme.md index 2ac674b..bfb755c 100644 --- a/bin/Readme.md +++ b/bin/Readme.md @@ -1,6 +1,6 @@ -**Note: Further new improved binaries (1.0.2i, compiled from a snapshot from Peter Mosman's fork: https://github.com/drwetter/openssl) will be uploaded soon. ** +**Note: Further new improved binaries (1.0.2i, compiled from a snapshot from Peter Mosman's fork: https://github.com/drwetter/openssl) will be uploaded soon.** **Probably we discontinue the rarely used ones at github as it is not very approrpriate. Main site for binaries see https://testssl.sh/**