There appears to be a problem when using s_server with ECDHE cipher suites in OpenSSL_1_0_1-stable. Due to an uninitialized variable, SSL_CTX_set_tmp_ecdh() is not always invoked within s_server. The following patch resolves the issue. This bug appears to have been introduced by 059907771b89549cbd07a81df1a5bdf51e062066.
diff --git a/apps/s_server.c b/apps/s_server.c index caba5b3..2a44223 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -998,7 +998,7 @@ int MAIN(int argc, char *argv[]) int off = 0; int no_tmp_rsa = 0, no_dhe = 0, nocert = 0; #ifndef OPENSSL_NO_ECDH - int no_ecdhe; + int no_ecdhe = 0; #endif int state = 0; const SSL_METHOD *meth = NULL; _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev