Hallo together,
I've updatet my ucspi-tcp6 (1.02) and ucspi-ssl (0.97) packages.
For those, who are interested, the following information might we useful:
1. Both packages are now easy to install on a Raspian Linux and work well.
2. Both packages work on MacOS X El Capitan with some additional settings (as described).
3. Further ucspi-tcp6/ucspi-ssl includes a bug-fix for a potential segfault parsing IP CIDR addresses.
4. However - most important - and thanks to Frank Bergmann, ucspi-ssl is now Elliptic curve capable (ECDH).
In order to benefit from those, do:
- Upgrade to a recent version of OpenSSL.
- Install ucspi-ssl 0.97.
- Re-compile/Re-Install s/qmail or qmail+Spamcontrol patch (the new generated lib ucspissl.a is required).
What you will see in the logs is about the following:
! 2016-08-04 07:41:18.527932500 sslserver: ssl 12295 accept TLSv1:ECDHE-RSA-AES256-SHA !
No UI changes are necessary; however you might need to adjust your Cipher suite (examples given).
The sources are ready for download from my web site.
Best regards.
--eh.
Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de | PGP Key-Id: EE00CF65
I've updatet my ucspi-tcp6 (1.02) and ucspi-ssl (0.97) packages.
For those, who are interested, the following information might we useful:
1. Both packages are now easy to install on a Raspian Linux and work well.
2. Both packages work on MacOS X El Capitan with some additional settings (as described).
3. Further ucspi-tcp6/ucspi-ssl includes a bug-fix for a potential segfault parsing IP CIDR addresses.
4. However - most important - and thanks to Frank Bergmann, ucspi-ssl is now Elliptic curve capable (ECDH).
In order to benefit from those, do:
- Upgrade to a recent version of OpenSSL.
- Install ucspi-ssl 0.97.
- Re-compile/Re-Install s/qmail or qmail+Spamcontrol patch (the new generated lib ucspissl.a is required).
What you will see in the logs is about the following:
! 2016-08-04 07:41:18.527932500 sslserver: ssl 12295 accept TLSv1:ECDHE-RSA-AES256-SHA !
No UI changes are necessary; however you might need to adjust your Cipher suite (examples given).
The sources are ready for download from my web site.
Best regards.
--eh.
Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de | PGP Key-Id: EE00CF65