On 18 March 2010 10:09, Victor Duchovni <victor.ducho...@morganstanley.com> wrote: > It is always enabled, no special compilation flags required. > > Applications have to enable NULL ciphers explicitly at runtime. Do not > recompile with a broken DEFAULT cipher list, just configure applications > that know what they are doing to use NULL ciphers by specifying a > suitable cipherlist.
Which version of OpenSSL are you talking about? An older one than 0.9.8g or the latest? The one I tried (098g) the READMEs say "its disabled by default" and needs to be enabled via a configuration flag while compiling it. I'm using the ACE toolkit's ACE_SSL module (for SSL sockets support) which depends on OpenSSL and it only "seems to work" when I do this manual source edit. I don't see any API/option in ACE_SSL to "enable NULL cipher" and the fact that it "starts working" for me when I just rebuild the OpenSSL library with my change leads me to ask this question. Any tips on how I might peek under the hood to see what ACE_SSL is doing that does not work unless I change the OpenSSL build? - Vishal ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
