On Mon, Aug 11, 2014 at 11:09:51PM +0200, John Foley via RT wrote: > The fix discussed in this thread appears to be incomplete: > > http://marc.info/?l=openssl-users&m=140752401023837&w=2 > > This fix works for SRP cipher suites that uses RSA for DSA, which > includes 6 of the 9 supported SRP cipher suites. But the three SRP > cipher suites that don't rely on a server-side certificate are still > broken. This problem can be recreated using these commands:
I believe this is already in master in commit 9e72d496d4f9880ec98f0ed9168246e35c1c3059 Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org