Hi,
I'm experimenting with the various cipher suites that OpenSSL 0.9.4
supports, and am having some problems understanding DH, EDH and ADH and how
to use them. I need someone to point me towards the light :-)
So far, using some simple home-brewed test programs, I've successfully
managed to establish connections using EDH ciphers such as
EDH-RSA-DES-CBC-SHA by using the appropriate cert/key files and setting up
temp DH params using SSL_CTX_set_tmp_dh().
My first question is about the ADH cipher suites. Try as I might, I cannot
get a successful connection using any ADH cipher, e.g. ADH-DES-CBC-SHA. The
server always fails in SSL_accept() and gives the following output from
ERR_print_errors_fp():
420:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:.\ssl\s3_srvr.c:714:
Is there anything special I should be doing to allow ADH to work?
My second question concerns plain DH. OpenSSL seems to know about DH, since
cipher suites such as DH-DSS-DES-CBC-SHA are mentioned in ssl\s3_lib.c, but
they're marked as invalid. What does this mean? Are they not supported, or
can I get equivalent functionality some other way?
Many thanks in advance
Ollie King
Data Connection Ltd
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]