On Tue, Sep 03, 2013 at 01:40:29AM -0400, Dave Thompson wrote: > > From: owner-openssl-...@openssl.org On Behalf Of Kurt Roeckx via RT > > Sent: Saturday, 31 August, 2013 12:54 > > > It seems that s_server by default use 512 bit for the DHE if it's > > not specified, and s_client just accepts that. > > > > Is there a way to set a minimum size? I think think 512 really > > is too short and shouldn't be accepted by any client. I think > > we should have a minimum of 1024. > > OpenSSL deliberately continues to support (mostly older) > features like SSL2 and export suites that are known weak > or vulnerable (at least sometimes) for interoperability. > It might be reasonable to have an *optional* minimum, > similar to the way we can optionally limit verify depth. > > OTOH at least for now sess->sess_cert->peer_dh_tmp is > exposed and the app can just decide to abort the session. > Same as it can for RSA or DSA too short, or MD5 certs, > or if you're more ambitious things like RSA that appears > to be a Debian broken-random weak key.
The struct cert_st is in ssl_locl.h so you can't access it from an application. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
