[Bug 202990] exp-build with WITH_OPENSSL_PORT=yes no-ssl2/no-ssl3

Wed Sep 9 12:52:20 UTC 2015

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202990

            Bug ID: 202990
           Summary: exp-build with WITH_OPENSSL_PORT=yes no-ssl2/no-ssl3
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Ports Framework
          Assignee: portmgr at FreeBSD.org
          Reporter: brnrd at freebsd.org
                CC: freebsd-ports-bugs at FreeBSD.org

I'd like to request an exp-build with ports' SSL built without support for
either SSLv2/SSLv3. Either WITH_OPENSSL_PORT=yes and security_openssl_UNSET+=
SSL2 SSL3 or a build with LibreSSL 2.3 from https://reviews.freebsd.org/D3585
 (my personal preference being the LibreSSL build as that has really _removed_
the SSLv3_ methods and structures).

Purpose is to detect what ports require patching to build/run without SSLv3 and
yes I'm volunteering to fix/patch these ports and upstream the result.

I know that this has been requested before (https://bugs.freebsd.org/195796)
but that was _before_ POODLE happened. Currently everyone has (or should)
disable SSLv3 completely.

I have a patched Apache lying around (would help with the # packages that will
build).

-- 
You are receiving this mail because:
You are on the CC list for the bug.