Thanks Viktor for clarification.
So in case we need to use SSL_CTX_set_cipher_list(), we should use : for
multiple Ciphers.
and + working in old releases for same scenario can be treated as bug..
Thanks
Mukesh
On 26 March 2015 at 20:24, Viktor Dukhovni
wrote:
> On Thu, Mar 26, 2015 at 07:56:38
On Thu, Mar 26, 2015 at 07:56:38PM +0530, Mukesh Yadav wrote:
> :~/openssl-0.9.8d_install/usr/local/bin# ./openssl ciphers RC4-MD5+RC4-SHA
> -v
>
> RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
>
> RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
That's Right..
here is O/p
Openssl-0.9.8d:
:~/openssl-0.9.8d_install/usr/local/bin# ./openssl ciphers RC4-MD5:RC4-SHA
-v
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA SSL
> I am wondering is this newly introduced?.
No it's not new.
> Application compiled with openssl-0.9.8d used to work when Cipher string has
> '+'.or ':'
That release is nearly 10 years old (Sep 2006) And are you sure it worked? +
tended to mean add, so :+ worked...
--
Senior Architect
Thanks Marcus.
It worked when changed + to :.
I am wondering is this newly introduced?.
Application compiled with openssl-0.9.8d used to work when Cipher string
has '+'.or ':'
On 26 March 2015 at 15:23, Marcus Meissner wrote:
> On Thu, Mar 26, 2015 at 10:42:21AM +0530, Mukesh Yadav wrote:
On Thu, Mar 26, 2015 at 10:42:21AM +0530, Mukesh Yadav wrote:
> HI,
>
> I have a query for SSl cipher on Openssl-1.0.1h
> Have an application which is using library compiled with openssl-1.0.1h.
>
> Application is failing in func SSL_CTX_set_cipher_list() when input is "
> RC4-MD5+RC4-SHA" and it
HI,
I have a query for SSl cipher on Openssl-1.0.1h
Have an application which is using library compiled with openssl-1.0.1h.
Application is failing in func SSL_CTX_set_cipher_list() when input is "
RC4-MD5+RC4-SHA" and it gets succeed when input is "RC4-SHA".
Not sure whether "RC4-MD5" is disable