> Try the next 0.9.8 snapshot.
Thanks Dr. Steve!
-Chris
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
On Fri, Apr 14, 2006, Chris Clark wrote:
> > What I tried was to remove all the AES 128 options from ssl/s3_lib.c.
> > That seemed to do the trick. I do not know if it has any bad side
> > effects though.
> >
> > Of course, this will only work if you don't need AES 128 at all.
>
> In my case I ha
> What I tried was to remove all the AES 128 options from ssl/s3_lib.c.
> That seemed to do the trick. I do not know if it has any bad side
> effects though.
>
> Of course, this will only work if you don't need AES 128 at all.
In my case I have a configuration program which allows users to select
Sorry, I somehow overlooked that previous thread. Note that in my
scenario, a weaker cipher is implicitly added to the supported cipher
list, so the bug is somewhat more severe IMHO.
What I tried was to remove all the AES 128 options from ssl/s3_lib.c.
That seemed to do the trick. I do not know if
Hi Roy,
> In 0.9.8a, it looks like AES 128 will be accepted by the server even if it
> is supposed to accept only AES 256.
I reported this same bug on February 17th, and Dr. Steven Henson has
confirmed it is a bug so hopefully it will be fixed.
If you find any work around please let me know.
-C
In 0.9.8a, it looks like AES 128 will be accepted by the server even if it is supposed to accept only AES 256.
To reproduce this behavior, on the server run:
openssl s_server -accept 4433 -cipher AES256-SHA –state
On the client, run:
openssl s_client -connect PISA_SERVER:4433 -cipher AES128-SHA
