[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL

From: Tomas Hozza
Subject: Re: [Bug-wget] [PATCH] Allow to redefine ciphers list for OpenSSL
Date: Wed, 9 Jul 2014 03:36:13 -0400 (EDT)

----- Original Message -----
> Tomas Hozza <address@hidden> writes:
> >> What do you think about extending --secure-protocol and having a runtime
> >> option instead of a compile time option ? Users could set the system wide
> >> default value in /etc/wgetrc and people are able to override it through
> >> ~/.wgetrc or --secure-protocol.
> >
> > Hi Tim.
> >
> > I'm afraid this is not suitable for us. We need to be able to define the
> > policy somewhere in /etc, where the user is not able to change it (only
> > the system administrator).
> >
> > Also the main intention to have a single place to set the policy for all
> > system components, therefore wgetrc is not the right place for us.
> >
> > Regards,
> how would the policy defined in /etc be used by wget?  Is wget going to
> be recompiled if the policy is changed by root?

Hi Giuseppe.

It will be used by OpenSSL. So there will be no need to recompile wget.
Wget will be compiled with ciphers list string saying to OpenSSL, that
it should use system-defined ciphers.

I'm CC-ing the Fedora change owner to clarify the approach further if needed.

Tomas Hozza
Software Engineer - EMEA ENG Developer Experience

Red Hat Inc.                               http://cz.redhat.com

reply via email to

[Prev in Thread] Current Thread [Next in Thread]