Re: put me out of my misery please

Wed, 01 Nov 2000 11:53:32 -0800 

On Wed, Nov 01, 2000 at 02:01:01PM -0500, Gregory Nicholls wrote:
>   Umm no it doesn't. At least not on my system. I get an error while it's trying to
> execute a load_dh_param() function (at line 652 in s_server.c ... trying to fopen() 
>a NULL
> file). That's why I put in the no_dhe.

Hmm. First: it does work. I have tried it myself before posting :-)
Having this said, if you don't specify any file with dh-parameters (and there
is no server.pem=s_cert_file), s_server uses the compiled in default
parameters, see line 660.

Server-output=
lutzpc 37: /usr/local/ssl/bin/openssl s_server -nocert -cipher ADH-RC4-MD5
Using default temp DH parameters
ACCEPT
-----BEGIN SSL SESSION PARAMETERS-----
MHUCAQECAgMBBAIAGAQgo15AlCo4PyRACx1vmLt6AnPwazDMVz9RgEgcOzINL88E
MMUt+h43t5I9hC5XlQFalJYvDF2KWUGcBx6EpUHNsAi5Dche7TuDx2btOdTOcw6X
F6EGAgQ6AHUyogQCAgEspAYEBAEAAAA=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:ADH-RC4-MD5
CIPHER is ADH-RC4-MD5
ERROR
shutting down SSL
CONNECTION CLOSED

Client-output=
lutzpc 29: openssl s_client -cipher ADH-RC4-MD5
CONNECTED(00000003)
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 275 bytes and written 164 bytes
---
New, TLSv1/SSLv3, Cipher is ADH-RC4-MD5
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ADH-RC4-MD5
    Session-ID: A35E40942A383F24400B1D6F98BB7A0273F06B30CC573F5180481C3B320D2FCF    
Session-ID-ctx: 
    Master-Key: 
C52DFA1E37B7923D842E5795015A94962F0C5D8A59419C071E84A541CDB008B90DC85EED3B83C766ED39D4CE730E9717
    Key-Arg   : None
    Start Time: 973108530
    Timeout   : 300 (sec)
    Verify return code 0 (ok)
---

Oh, I am talking about OpenSSL 0.9.6.

To use ADH ciphers, the PRNG must be seeded. The examples I have just
listed were from my Linux-box at home (has /dev/urandom).

Best regards,
        Lutz
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to