Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.

Weird SSLv2 problem #880

Closed
qharlie opened this issue Apr 5, 2011 · 6 comments
Closed

Weird SSLv2 problem #880

qharlie opened this issue Apr 5, 2011 · 6 comments

Comments

@qharlie
Copy link

qharlie commented Apr 5, 2011

I'm on ubuntu 10.04 with libssl-dev and libcrypto installed, compiling node from head I kept getting

../src/node_crypto.cc: In static member function ‘static v8::Handlev8::Value node::crypto::SecureContext::Init(const v8::Arguments&)’:
../src/node_crypto.cc:102: error: ‘SSLv2_method’ was not declared in this scope
../src/node_crypto.cc:104: error: ‘SSLv2_server_method’ was not declared in this scope
../src/node_crypto.cc:106: error: ‘SSLv2_client_method’ was not declared in this scope

Looking in ssl.h I see they have a conditional

ifndef OPENSSL_NO_SSL2

I wrapped the parts in node_crypto.cc to look like this

ifndef OPENSSL_NO_SSL2

if (strcmp(*sslmethod, "SSLv2_method") == 0) {
  method = SSLv2_method();
} else if (strcmp(*sslmethod, "SSLv2_server_method") == 0) {
  method = SSLv2_server_method();
} else if (strcmp(*sslmethod, "SSLv2_client_method") == 0) {
  method = SSLv2_client_method();
} 

endif

And the problem went away.

@kapouer
Copy link

kapouer commented Apr 10, 2011

I had the same issue here : openssl 1.0.0 allows to disable easily v2 methods, which are considered not so secure.
This patch adds a --no-ssl2 switch to wscript and throw a more explicit error when those methods are used within node :
https://gist.github.com/912440

@mscdex
Copy link

mscdex commented Apr 23, 2011

+1 for this patch

@ixti
Copy link

ixti commented May 18, 2011

It would be nice if this will be fixed at least on next release...

@isaacs
Copy link

isaacs commented Jun 2, 2011

29da0ae0edc14e0482403de8d3305e01e1c52c9f seems like the best approach to me. @ry, what do you think?

@ry ry closed this as completed in f23c45f Jun 3, 2011
@guybrush
Copy link

nice!

this can be closed too: #676

@MoarDm
Copy link

MoarDm commented Aug 19, 2016

For newbies:

  • download and extract into node sources directory no_ssl_v2.patch
  • apply patch with command: git apply no_ssl_v2.patch

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

8 participants