> What I tried was to remove all the AES 128 options from ssl/s3_lib.c. > That seemed to do the trick. I do not know if it has any bad side > effects though. > > Of course, this will only work if you don't need AES 128 at all.
In my case I have a configuration program which allows users to select ciphers and the minimum/maximum strengths, so I have not found any solution to the problem. It's been close to two months now, so I'm currently considering switching to an older version of OpenSSL which does not have the bug. -Chris ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
