Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Compression check relies on OpenSSL #192

Open
rbsec opened this issue Feb 22, 2020 · 2 comments
Open

Compression check relies on OpenSSL #192

rbsec opened this issue Feb 22, 2020 · 2 comments

Comments

@rbsec
Copy link
Owner

rbsec commented Feb 22, 2020

The check for TLS compression relies on OpenSSL library supporting it - so will not be available if building dynamically. This can be worked around with a static build - but would be nice to do ourselves.
@rbsec rbsec mentioned this issue Feb 22, 2020
Closed
12 tasks
@3eka
Copy link

3eka commented Nov 4, 2020
edited

Is there option to include existing libssl.a libcrypto.a to static build, instead of building OpenSSL again
(let us say I have already self-built OpenSSL 1.1.1h with both shared and static libraries)?

If not, can you consider it?
Thanks.

P.S: Tool is great, nice job

@rbsec
Copy link
Owner Author

rbsec commented Nov 6, 2020

I can't see any reason that you wouldn't be able to to statically link against a pre-compiled version, but it's not something that's in the Makefile as an option, so you'd have to patch that. Although maybe just symlinking the ./openssl directory to your version would be a quick workaround?

At some point the TLS compression check will be done manually (rather than via OpenSSL) - at which point it might even be possible to get rid of the static build entirely.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rbsec @3eka