On Tue, Aug 12, 2014 at 01:26:30AM +0200, John Foley via RT wrote: > The commit into 1.0.1 didn't include the changes to s3_lib.c. SRP is still > broken on this branch. Are there any plans to fix this?
Can you confirm that that commit from master fixes things for you? > > > On Aug 11, 2014, at 6:41 PM, "Kurt Roeckx via RT" <r...@openssl.org> wrote: > > > >> On Mon, Aug 11, 2014 at 11:09:51PM +0200, John Foley via RT wrote: > >> The fix discussed in this thread appears to be incomplete: > >> > >> http://marc.info/?l=openssl-users&m=140752401023837&w=2 > >> > >> This fix works for SRP cipher suites that uses RSA for DSA, which > >> includes 6 of the 9 supported SRP cipher suites. But the three SRP > >> cipher suites that don't rely on a server-side certificate are still > >> broken. This problem can be recreated using these commands: > > > > I believe this is already in master in commit > > 9e72d496d4f9880ec98f0ed9168246e35c1c3059 > > > > > > Kurt > > > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org