On Fri, Aug 29, 2014 at 04:19:43PM +0200, Frank Meier wrote:
> While testing different ciphersuites I found a quite drastic change in the
> behavior between openssl versions 1.0.1h and 1.0.1i. While using a cipherlist
> like "ECDHE-RSA-AES128-SHA256:RC4" with 1.0.1h, the "ECDHE-RSA-AES128-SHA256"
> cipher is used. With 1.0.1i, "RC4-SHA" is used.
>
> example:
> $ openssl s_server -cert server.pem
> ....
> $ openssl s_client -cipher "ECDHE-RSA-AES128-SHA256:RC4" -connect
Run the 1.0.1i client with "-msg" and report the version of the client Hello
and the resulting cipher. Then add "-no_ssl2" and report again. Applications
should these days employ "SSL_OP_NO_SSLv2", rather than rely on "!SSLv2" in
the DEFAULT cipherlist. Not employing EC ciphersuites with an SSLv2 HELLO is
correct, since the client's list of supported curves is unknown.

--
	Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org