It appears there is a major regression with OpenSSL 1.0.1d over
1.0.1c. I've narrowed it down to setting a custom cipher
list I think as if I do not set a cipher list, the issue does
not occur.
I have reproduced the issue with the openssl s_server/s_client
command line utility. You can see my
On 02/06/2013 12:30 PM, Brad House wrote:
...snip...
I should also note that currently I am using
OpenSSL 1.0.1d-fips 5 Feb 2013
On an Intel(R) Core(TM) i7-3770S CPU @ 3.10GHz running Ubuntu 12.04 64bit
(so presumably I'm using AES-NI ... noticed changes to that in the
changelog).
I have not
On Wed, Feb 06, 2013, Brad House wrote:
On 02/06/2013 12:30 PM, Brad House wrote:
...snip...
I should also note that currently I am using
OpenSSL 1.0.1d-fips 5 Feb 2013
On an Intel(R) Core(TM) i7-3770S CPU @ 3.10GHz running Ubuntu 12.04 64bit
(so presumably I'm using AES-NI ... noticed
On 02/06/2013 01:37 PM, Dr. Stephen Henson wrote:
A possibility is the AESNI+SHA1 stitched code which is handled as a special
case. You'd only see that with AES+SHA1 ciphersuites on AES-NI supporting
processors.
DHE-RSA-CAMELLIA256-SHA also has the same issue. I'm thinking it may be
a -SHA
On Wed, Feb 06, 2013, Brad House wrote:
On 02/06/2013 01:37 PM, Dr. Stephen Henson wrote:
A possibility is the AESNI+SHA1 stitched code which is handled as a special
case. You'd only see that with AES+SHA1 ciphersuites on AES-NI supporting
processors.
DHE-RSA-CAMELLIA256-SHA also has the
* Dr. Stephen Henson st...@openssl.org [2013-02-06 20:14]:
On Wed, Feb 06, 2013, Brad House wrote:
DHE-RSA-CAMELLIA256-SHA also has the same issue. I'm thinking it may be
a -SHA issue as the only -SHA cipher I've gotten to work so far is RC4-SHA.
Note though the TLSv1.2+HIGH ciphers that
On 02/06/2013 02:14 PM, Dr. Stephen Henson wrote:
On Wed, Feb 06, 2013, Brad House wrote:
On 02/06/2013 01:37 PM, Dr. Stephen Henson wrote:
A possibility is the AESNI+SHA1 stitched code which is handled as a special
case. You'd only see that with AES+SHA1 ciphersuites on AES-NI supporting
On 02/06/2013 03:07 PM, Holger Weiß wrote:
* Dr. Stephen Henson st...@openssl.org [2013-02-06 20:14]:
On Wed, Feb 06, 2013, Brad House wrote:
DHE-RSA-CAMELLIA256-SHA also has the same issue. I'm thinking it may be
a -SHA issue as the only -SHA cipher I've gotten to work so far is RC4-SHA.
On 02/06/2013 03:21 PM, Brad House wrote:
On 02/06/2013 03:07 PM, Holger Weiß wrote:
* Dr. Stephen Henson st...@openssl.org [2013-02-06 20:14]:
On Wed, Feb 06, 2013, Brad House wrote:
DHE-RSA-CAMELLIA256-SHA also has the same issue. I'm thinking it may be
a -SHA issue as the only -SHA cipher
Hi,
FIPS enabled build fail at same line.
Brad House wrote:
It appears there is a major regression with OpenSSL 1.0.1d over
1.0.1c. I've narrowed it down to setting a custom cipher
list I think as if I do not set a cipher list, the issue does
not occur.
I have reproduced the issue with the
On Wed, Feb 06, 2013, Dr. Stephen Henson wrote:
On Wed, Feb 06, 2013, Brad House wrote:
In ssl/s3_cbc.c and the function ssl3_cbc_record_digest_supported try
setting it to return 0 when NID_sha1 is passed.
Have you not been able to reproduce this issue? I've seen it on more than
11 matches
Mail list logo
