When my server displays its list of supported ciphers I get a large list;
the last 3 entries are:
EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5 export
EXP-RC2-CBC-MD5         SSLv2 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5 export
EXP-RC4-MD5             SSLv2 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5 export

Trying to connect with s_client in debug mode results in:
# openssl s_client -connect 172.16.14.157:443 -debug -cipher EXP-RC4-MD5 -ssl3

  Electric Fence 2.0.5 Copyright (C) 1987-1998 Bruce Perens.
CONNECTED(00000003)
write to 42F4BFC0 [431247F8] (50 bytes => 50 (0x32))
0000 - 16 03 00 00 2d 01 00 00-29 03 00 39 f4 97 32 6d   ....-...)..9..2m
0010 - 91 86 b1 b0 3f 5a d3 d1-ba 71 8a 59 3f 25 d5 da   ....?Z...q.Y?%..
0020 - ad e9 e4 ae a3 32 f5 6e-18 18 2c 00 00 02 00 03   .....2.n..,.....
0030 - 01                                                .
0032 - <SPACES/NULS>
read from 42F4BFC0 [4311A7F8] (5 bytes => 5 (0x5))
0000 - 15 03 00 00 02                                    .....
read from 42F4BFC0 [4311A7FD] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
21179:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:956:SSL alert number 40
21179:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:490:

and on the server side:
read from 08159330 [0815EA28] (11 bytes => 11 (0xB))
0000 - 16 03 00 00 2d 01 00 00-29 03                     ....-...).
000b - <SPACES/NULS>
read from 08159330 [0815EA33] (39 bytes => 39 (0x27))
0000 - 39 f4 97 32 6d 91 86 b1-b0 3f 5a d3 d1 ba 71 8a   9..2m....?Z...q.
0010 - 59 3f 25 d5 da ad e9 e4-ae a3 32 f5 6e 18 18 2c   Y?%.......2.n..,
0020 - 00 00 02 00 03 01                                 ......
0027 - <SPACES/NULS>
write to 08159330 [08167E98] (7 bytes => 7 (0x7))
0000 - 15 03 00 00 02 02 28                              ......(
21140:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:769:

Connecting with ssl2 works fine. I'm using sslv23_server_method in the
server.

The general sequence of ssl calls in the server is:
SSL_load_error_strings();
ERR_load_crypto_strings();
OpenSSL_add_ssl_algorithms();
 ..
SSL_METHOD *ssl_meth = SSLv23_server_method();
m_ctx = SSL_CTX_new (ssl_meth);
SSL_CTX_use_certificate_file();
SSL_CTX_use_PrivateKey_file();
SSL_CTX_set_quiet_shutdown(m_ctx, 1);
SSL_CTX_set_options(m_ctx, 0);
..
SSL_new();
SSL_clear();
SSL_set_fd();
SSL_accept();

Any ideas about what I'm missing? Any help would be appreciated. Thanks!

-T

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
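
Added example, not part of the original post: a small decoder for the two records in the -debug dump above. It shows that the ClientHello offers exactly one cipher suite, ID 0x0003 (the RSA export RC4-40/MD5 suite selected by -cipher EXP-RC4-MD5), and that the reply is a fatal alert with description 40. The function names (record_payload, hello_suites, alert_code) are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bytes from the client-side dump above; the last 0x00 is the NUL shown as <SPACES/NULS>. */
static const uint8_t HELLO[50] = {
  0x16,0x03,0x00,0x00,0x2d,0x01,0x00,0x00,0x29,0x03,0x00,0x39,0xf4,0x97,0x32,0x6d,
  0x91,0x86,0xb1,0xb0,0x3f,0x5a,0xd3,0xd1,0xba,0x71,0x8a,0x59,0x3f,0x25,0xd5,0xda,
  0xad,0xe9,0xe4,0xae,0xa3,0x32,0xf5,0x6e,0x18,0x18,0x2c,0x00,0x00,0x02,0x00,0x03,
  0x01,0x00 };
static const uint8_t ALERT[7] = { 0x15,0x03,0x00,0x00,0x02,0x02,0x28 };

/* Validate the 5-byte record header (type, major version 3); return payload length or -1. */
static int record_payload(const uint8_t *r, size_t n, uint8_t type) {
    if (n < 5 || r[0] != type || r[1] != 3) return -1;
    size_t plen = ((size_t)r[3] << 8) | r[4];
    return (plen == 0 || plen > n - 5) ? -1 : (int)plen;
}

/* Copy the offered cipher-suite IDs out of a ClientHello record.
   Returns the number of suites offered, or -1 if the record is malformed. */
int hello_suites(const uint8_t *r, size_t n, uint16_t *out, size_t max) {
    int plen = record_payload(r, n, 0x16);
    if (plen < 4 || r[5] != 0x01) return -1;              /* not a ClientHello */
    size_t hlen = ((size_t)r[6] << 16) | ((size_t)r[7] << 8) | r[8];
    if (hlen + 4 > (size_t)plen) return -1;
    const uint8_t *p = r + 9, *end = p + hlen;
    if ((size_t)(end - p) < 2 + 32 + 1) return -1;        /* version, random, sid length */
    size_t sid = p[34];
    p += 35;
    if ((size_t)(end - p) < sid + 2) return -1;
    size_t cslen = ((size_t)p[sid] << 8) | p[sid + 1];
    p += sid + 2;
    if (cslen % 2 || (size_t)(end - p) < cslen) return -1;
    for (size_t i = 0; i < cslen / 2 && i < max; i++)
        out[i] = (uint16_t)((p[2 * i] << 8) | p[2 * i + 1]);
    return (int)(cslen / 2);
}

/* Return (level << 8 | description) from an alert record, or -1. */
int alert_code(const uint8_t *r, size_t n) {
    return record_payload(r, n, 0x15) == 2 ? (r[5] << 8) | r[6] : -1;
}

int main(void) {
    uint16_t s[8];
    int k = hello_suites(HELLO, sizeof HELLO, s, 8);
    printf("suites: %d, first: 0x%04x, alert: 0x%04x\n",
           k, k > 0 ? s[0] : 0, alert_code(ALERT, sizeof ALERT));
}
```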