John Allen's md5-in-perl?
http://www.cypherspace.org/adam/rsa/md5.html
#!/usr/bin/perl -iH9T4C`_-JXF8NMS^$#)4=@,$18%0X4!`L0%P8*#Q4``04``04#!P``
@A=unpack N4C24,unpack u,$^I;@K=map{int abs 2**32*sin$_}1..64;sub L{($x=pop)
($n=pop)|2**$n-1$x32-$n}sub M{($x=pop)-($m=1+~0)*int$x/$m}do{$l+=$r=read
It seems that if you enable ADH but disable MEDIUM ciphersuites, they
get left on anyway.
I guess not too many people enable ADH, but there are scenarios where
it is useful, and so this seems like a security bug.
What I did:
% openssl s_server -state -CApath certs -cipher 'ALL'
and
I tried to build without MONOLITH defined, to check the object size
for the subset of functions in one of the programs, and it seems that
the build system is broken if you undefine MONOLITH.
This was with openssl-0.9.6b.
Adam
On Sun, Oct 14, 2001 at 06:19:30PM +0200, Lutz Jaenicke wrote:
[...]
* If you have any patch to submit that will improve the behaviour of
s_client you are most welcome to post it to this list :-)
OK, here you go, someone please apply this:
diff -Naur apps/s_client.c apps/s_client.c
---
I mentioned this to Ulf a while back when I found it.
I tried parsing the output of s_client with some perl code I was
writing, and I found that the connection information (cipher
selection, certificate chain if you ask for it with -showcerts) gets
mixed up with the HTTP response.
I tracked it
Don't worry about the application -- it was a thow-away proof of
concept thing, already forgotten. You're probably right there are
otherways to do it. I did consider stunnel briefly but there was some
reason s_client fit better into the existing perl glue code I had.
Either way though
