[racket-dev] SSLv2 in collects

From: Asumu Takikawa (asumu at ccs.neu.edu)
Date: Fri Apr 22 12:06:10 EDT 2011

Apparently SSLv2 is considered dangerous and some Linux distributions
have started shipping OpenSSL libraries with SSLv2 removed. (e.g.
Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=589706)

Since collects/openssl/mzssl.rkt depends on SSLv2 (presumably for legacy
support?), this seems to cause a build failure on Debian testing and
newer using the system libraries.

Is there any reason to keep SSLv2 around or can this be removed?


Posted on the dev mailing list.