Skip to content

Commit 3a414d6

Browse files
drwetterdrwetter
committed
Comment the removal of binaries
1 parent f208c09 commit 3a414d6

1 file changed

Lines changed: 8 additions & 2 deletions

File tree

bin/Readme.md

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
Binaries
33
========
44

5-
All the precompiled binaries provided here have extended support for weak crypto which is normally not in OpenSSL or LibreSSL: 40+56 Bit,
5+
The precompiled binaries provided here have extended support for weak crypto which is normally not in OpenSSL or LibreSSL: 40+56 Bit,
66
export/ANON ciphers, weak DH ciphers, weak EC curves, SSLv2 etc. -- all the dirty features needed for testing if you just want to test with
77
binaries. They also come with extended support for some new / advanced cipher suites and/or features which are not in the official branch like (old version of the) CHACHA20+POLY1305 and CAMELLIA 256 bit ciphers.
88

@@ -16,13 +16,19 @@ The important thing upfront: **DO NOT USE THESE BINARIES FOR PRODUCTION PURPOSES
1616
More
1717
====
1818

19+
In general these binaries are not needed anymore as weak crypto is covered by bash sockets if the binary from the vendor can't handle weak crypto. In the future release they will ne retired.
20+
21+
Testing with openssl however is at the moment faster opposed to using bash sockets. And binaries can handle protocols (/better) once the SSL/TLS connection is established, like retrieving the HTTP header.
22+
1923
General
2024
-------
2125
The (stripped) binaries this directory are all compiled from the [old OpenSSL snapshot](https://github.com/testssl/openssl-1.0.2.bad) which adds a few bits to [Peter
22-
Mosman's openssl fork](https://github.com/PeterMosmans/openssl). The few bits are IPv6 support (except IPV6 proxy) and some STARTTLS backports. More, see the [README.md](https://github.com/testssl/openssl-1.0.2.bad/README.md).
26+
Mosman's openssl fork](https://github.com/PeterMosmans/openssl). The few bits are IPv6 support (except IPV6 proxy) and some STARTTLS backports. More, see the [README.md](https://github.com/testssl/openssl-1.0.2.bad/README.md). Also, as of now, a few CVEs were fixed.
2327

2428
Compiled Linux and FreeBSD binaries so far came from Dirk, other contributors see ../CREDITS.md . Binaries for more architectures see [contributed builds @ https://testssl.sh/](https://testssl.sh/contributed_binaries/).
2529

30+
A few binaries were removed in the latest edition, which are Kerberos binaries and 32 Bit binaries. The diff krb5-ciphers.diff shows the additional ciphers when using the kerberos binary.
31+
2632

2733
Compilation instructions
2834
------------------------

0 commit comments

Comments
 (0)