Just a few weeks after the last release the OpenSSL team released important updates to fix issues in both source branches. Again…
Direct links for the updated versions:
http://indy.fulgan.com/SSL/openssl-0.9.8t-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-0.9.8t-x64_86-win64.zip
http://indy.fulgan.com/SSL/openssl-1.0.0g-i386-win32.zip
http://indy.fulgan.com/SSL/openssl-1.0.0g-x64_86-win64.zip
The update fixes a possible DTLS DoS attack. This is related to encrypted Datagrams, e.g. encrypted VoIP or Audio/Video Streams (and encrypted UDP in general).
- Arvid
P.S.: Update has been on the server for a few days, forget to publish this post. Sorry about.
Where can I get the source of the Indy specific OpenSSL libs? I found it once before, but can’t seem to find this version.
Thanks.
Never mind I think.. I had understood that there were changes for Indy but just noticed no mention of Indy here. So I guess I can just build them myself from the openssl.org source.
Brenden -
Yes, you can build them directly from the sources from openssl.org.
That’s what I do, too.
Just that we pay attention which c/asm compiler is used to provide best support for all platforms (i.e. Win 2000+) without any dependencies in contrast to the famous SlProWeb OpenSSL dlls.
Special Indy adjustments are not needed anymore, that’s valid since Indy 10.5.5 (= Delphi 2009) and newer.
Cheers,
Arvid