[Icecast-dev] fix for unsafe ssl options

Thomas B. Ruecker dm8tbr at afthd.tu-darmstadt.de
Fri Aug 6 13:43:57 PDT 2010


Hi Niv,

Thanks for your comments. I'm CC'ing the patch author.

On Wed, Aug 04, 2010 at 05:37:44PM +0200, Niv Sardi wrote:
> Do we really need that many ?
> http://www.google.com/codesearch/p?hl=en#5KTrgOW2hXs/pub/nslu2/sources/vsftpd-2.0.4.tar.gz%7CXknrlk4c3C4/vsftpd-2.0.4/ssl.c&q=SSL_CTX_set_cipher_list
> 
> vsftpd seems to only be including "DES-CBC3-SHA"
> http://www.google.com/codesearch?q=tunable_ssl_ciphers&exact_package=http://ftp.osuosl.org/pub/nslu2/sources/vsftpd-2.0.4.tar.gz&hl=en
> 
> That appart (and I'm no OpenSSL savvy), the patch looks good.

I have to admit that I haven't even looked at the patch while forwarding the information, but I'm willing to trust justdave here as he most likely looked at what Mozilla products do and why they do it. ;-)

Cheers

Thomas


PS: List requires subscription to post.


More information about the Icecast-dev mailing list