這是openssl-1.0.1h.tar.gz下載，openssh從6.5版本開(kāi)始，使用openssl 源碼編譯的時(shí)候，必須使用動(dòng)態(tài)庫(kù)（在openssh 6.4之前的版本中沒(méi)這種情況）；一直沒(méi)找到具體的說(shuō)明，但是經(jīng)過(guò)無(wú)數(shù)次編譯嘗試，終于驗(yàn)證這種事實(shí)。mtE紅軟基地

軟件介紹

openssl-1.0.1h.tar.gz密碼庫(kù)的維護(hù)人員發(fā)布了一個(gè)高危安全漏洞的補(bǔ)�。–VE-2016-2107），這個(gè)漏洞可以讓攻擊者在web服務(wù)器上解密登錄證書(shū)或者執(zhí)行惡意代碼。mtE紅軟基地

軟件說(shuō)明

1.) configure: error: *** Can't find recent OpenSSL libcrypto (see config.log for details) ***mtE紅軟基地
2.) OpenSSL version mismatch. mtE紅軟基地
3.) checking OpenSSL header version... not foundmtE紅軟基地

相關(guān)更新

Windows command-line tool supports UTF-8 opt-in option for arguments and console input. Setting OPENSSL_WIN32_UTF8 environment variable (to any value) allows Windows user to access PKCS#12 file generated with Windows CryptoAPI and protected with non-ASCII password， as well as files generated under UTF-8 locale on Linux also protected with non-ASCII password. [Andy Polyakov]mtE紅軟基地
To mitigate the SWEET32 attack (CVE-2016-2183)， 3DES cipher suites have been disabled by default and removed from DEFAULT， just like RC4. See the RC4 item below to re-enable both.[Rich Salz]mtE紅軟基地
The method for finding the storage location for the Windows RAND seed file has changed. First we check %RANDFILE%. If that is not set then we check the directories %HOME%， %USERPROFILE% and %SYSTEMROOT% in that order. If all else fails we fall back to C:\. [Matt Caswell]mtE紅軟基地
The EVP_EncryptUpdate() function has had its return type changed from void to int. A return of 0 indicates and error while a return of 1 indicates success. [Matt Caswell]mtE紅軟基地

軟件截圖

 mtE紅軟基地