On Thu, Oct 14, 1999 at 10:32:20AM +0200, Lutz Jaenicke wrote:
> From the source code I think, part of the problem is the "exportable" check
> with SSL_IS_EXPORT (and derivatives of this macro), since there is a
> EXPORT56 check macro available, but I don't see it actually used.
> And to be fair, the OpenSSL source code is not really readable (please compare
> to let's say postfix), so that I didn't manage to figure out from
> ssl/ssl_ciph.c, how the list of ciphers is collected.
> Is there any explanation availab.e?
Forgot the output of openssl ciphers with the 56-bit ciphers enabled:
DHE-DSS-RC4-SHA:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EXP1024-RC2-CBC-MD5:EXP1024-RC4-MD5:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:IDEA-CBC-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC3-MD5:IDEA-CBC-MD5:RC2-CBC-MD5:RC4-MD5:RC4-64-MD5:DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5
shouldn't the EXP1024 ciphers be moved to a later part in the list (let's
say just befor the 40bit EXP ciphers and then it should work as expected?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
