<grumble> must be NT's bloody runtime then. If I try to fopen a NULL filename it
blows up. I changed s_server.c so
that it only calls load_dh_param() if there's a real file. Guess what. Now it works ..
. .
Thanks,
G.
Lutz Jaenicke wrote:
> On Wed, Nov 01, 2000 at 02:01:01PM -0500, Gregory Nicholls wrote:
> > Umm no it doesn't. At least not on my system. I get an error while it's trying to
> > execute a load_dh_param() function (at line 652 in s_server.c ... trying to
>fopen() a NULL
> > file). That's why I put in the no_dhe.
>
> Hmm. First: it does work. I have tried it myself before posting :-)
> Having this said, if you don't specify any file with dh-parameters (and there
> is no server.pem=s_cert_file), s_server uses the compiled in default
> parameters, see line 660.
>
> Server-output=
> lutzpc 37: /usr/local/ssl/bin/openssl s_server -nocert -cipher ADH-RC4-MD5
> Using default temp DH parameters
> ACCEPT
> -----BEGIN SSL SESSION PARAMETERS-----
> MHUCAQECAgMBBAIAGAQgo15AlCo4PyRACx1vmLt6AnPwazDMVz9RgEgcOzINL88E
> MMUt+h43t5I9hC5XlQFalJYvDF2KWUGcBx6EpUHNsAi5Dche7TuDx2btOdTOcw6X
> F6EGAgQ6AHUyogQCAgEspAYEBAEAAAA=
> -----END SSL SESSION PARAMETERS-----
> Shared ciphers:ADH-RC4-MD5
> CIPHER is ADH-RC4-MD5
> ERROR
> shutting down SSL
> CONNECTION CLOSED
>
> Client-output=
> lutzpc 29: openssl s_client -cipher ADH-RC4-MD5
> CONNECTED(00000003)
> ---
> no peer certificate available
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 275 bytes and written 164 bytes
> ---
> New, TLSv1/SSLv3, Cipher is ADH-RC4-MD5
> SSL-Session:
> Protocol : TLSv1
> Cipher : ADH-RC4-MD5
> Session-ID: A35E40942A383F24400B1D6F98BB7A0273F06B30CC573F5180481C3B320D2FCF
>Session-ID-ctx:
> Master-Key:
>C52DFA1E37B7923D842E5795015A94962F0C5D8A59419C071E84A541CDB008B90DC85EED3B83C766ED39D4CE730E9717
> Key-Arg : None
> Start Time: 973108530
> Timeout : 300 (sec)
> Verify return code 0 (ok)
> ---
>
> Oh, I am talking about OpenSSL 0.9.6.
>
> To use ADH ciphers, the PRNG must be seeded. The examples I have just
> listed were from my Linux-box at home (has /dev/urandom).
>
> Best regards,
> Lutz
> --
> Lutz Jaenicke [EMAIL PROTECTED]
> BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
> Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
