On Tue, Jun 03, 2014 at 06:01:03PM +0200, Tomas Mraz via RT wrote: > openssl advertises ECC ciphersuites in SSLv2 client hello if ssl23 > method is used. This is incorrect because the TLS extensions that > indicate supported curves and point formats cannot be sent in SSLv2 > client hello. The attached patch ensures that no ECC ciphersuites are > sent in SSLv2 client hello.
This looks about right, where do you still use SSLv2? Nowadays, you should probably have SSLv2 disabled. > diff -up openssl-1.0.1e/ssl/s23_lib.c.ssl2noec openssl-1.0.1e/ssl/s23_lib.c > --- openssl-1.0.1e/ssl/s23_lib.c.ssl2noec 2013-02-11 16:26:04.000000000 > +0100 > +++ openssl-1.0.1e/ssl/s23_lib.c 2014-05-06 15:51:54.053293674 +0200 > @@ -107,6 +107,13 @@ int ssl23_put_cipher_by_char(const SSL_C > long l; > > /* We can write SSLv2 and SSLv3 ciphers */ > + /* but no ECC ciphers */ > + if (c->algorithm_mkey == SSL_kECDHr || > + c->algorithm_mkey == SSL_kECDHe || > + c->algorithm_mkey == SSL_kEECDH || > + c->algorithm_auth == SSL_aECDH || > + c->algorithm_auth == SSL_aECDSA) > + return 0; > if (p != NULL) > { > l=c->id; -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org