我已经在笔记本电脑上安装了 Ubuntu 16.04 LTS 以供测试。使用以下命令连接到 gmail.com。
openssl s_client -connect gmail.com:443 -ssl3
但我收到以下错误:
139903184385688:错误:140A90C4:SSL 例程:SSL_CTX_new:null ssl 方法已传递:ssl_lib.c:1878
问题:
我是否缺少要安装的库?或者 openssl 1.0.2g-1ubuntu4.1 现在不支持 -ssl3 选项?
答案1
SSLv3 已在随 Ubuntu 16.04 分发的 openssl 版本中永久禁用,因此 -ssl3 选项不再有效。
来自 /usr/share/doc/openssl/changelog.Debian.gz:
openssl (1.0.2g-1ubuntu1) xenial; urgency=medium
* Merge with Debian, remaining changes.
- Disable SSLv3 without changing ABI:
+ debian/patches/no-sslv3.patch: Disable SSLv3 without using the
no-ssl3-method option
+ debian/rules: don't use no-ssl3-method, don't bump soname
+ debian/patches/engines-path.patch: don't bump soname
+ debian/patches/version-script.patch: don't bump soname
+ debian/patches/soname.patch: removed
+ debian/lib*: don't bump soname