- older openssl bins with ~150 cipher suites. More to come soon

This commit is contained in:
Dirk Wetter 2014-07-03 16:38:34 +02:00
parent 07b363d74b
commit dd3d0bef33
6 changed files with 71 additions and 0 deletions

Binary file not shown.

View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iD8DBQBTtWqtWZzt6LgYwDkRAh66AKDPH+8Z96WkGMY37JQ660TdCuiuNACfY6wi
RAhPwM6AiWqkJfcnltSJ9kc=
=eyei
-----END PGP SIGNATURE-----

Binary file not shown.

View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iD8DBQBTtWqzWZzt6LgYwDkRAgXhAKCSnhieSIzcIxUSUlHThrLLmXp71QCg0K9e
bvp1NF/9InyxgD53PXddEA4=
=/OeI
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,26 @@
Both compiled versions are are from OpenSSL 1.0.2-beta1. The
64 bit version was compiled under Opensuse 12.3
32 bit version was compiled under Ubuntu 12.04 LTS
Both are statically linked, except a few libraries which
are nowadays sometimes hard to link in, i.e. the dynamic
loader (libdl) and glibc (libc).
If you want to compile OpenSSL yourself, here are the configure
options:
for 32 Bit:
--prefix=/usr/ --openssldir=/etc/ssl enable-zlib enable-ssl2 enable-rc5 enable-rc2 enable-gost enable-cms enable-md2 enable-mdc2 enable-rc5 enable-ec enable-ec2m enable-ecdh enable-ecdsa enable-seed enable-idea -Wa,--noexecstack no-dane no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-libunbound no-multiblock no-rfc3779 no-sctp no-shared no-ssl-trace no-store no-zlib-dynamic static-engine
for 64Bit:
--prefix=/usr/ --openssldir=/etc/ssl enable-zlib enable-ssl2 enable-ec_nistp_64_gcc_128 enable-rc5 enable-rc2 enable-gost enable-cms enable-md2 enable-mdc2 enable-rc5 enable-ec enable-ec2m enable-ecdh enable-ecdsa enable-seed enable-idea -Wa,--noexecstack no-dane no-gmp no-jpake no-krb5 no-libunbound no-multiblock no-rfc3779 no-sctp no-shared no-ssl-trace no-store no-zlib-dynamic static-engine
And: You have to patch the sources, see file vanilla.patch otherwise ypu miss the experimental
and some RC4/MD5 cipher suites. "openssl ciphers -V | wc -l" lists for me 112 ciphers as opposed
to 82 from Ubuntu or Opensuse.
Enjoy,
Dirk

View File

@ -0,0 +1,31 @@
--- ./ssl/tls1.h.orig 2014-03-03 20:43:11.535295959 +0100
+++ ./ssl/tls1.h 2014-03-03 20:43:25.911430196 +0100
@@ -157,7 +157,7 @@
extern "C" {
#endif
-#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
+#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1
#define TLS1_2_VERSION 0x0303
#define TLS1_2_VERSION_MAJOR 0x03
--- ./ssl/s2_lib.c.orig 2014-03-05 18:16:40.966589866 +0100
+++ ./ssl/s2_lib.c 2014-03-05 18:17:36.572043680 +0100
@@ -122,7 +122,7 @@
/* list of available SSLv2 ciphers (sorted by id) */
OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={
-#if 0
+#if 1
/* NULL_WITH_MD5 v3 */
{
1,
@@ -254,7 +254,7 @@
168,
},
-#if 0
+#if 1
/* RC4_64_WITH_MD5 */
{
1,