On Thu, Mar 13, 2014, Kurt Roeckx wrote: > On Thu, Mar 13, 2014 at 03:13:01PM -0400, Daniel Kahn Gillmor wrote: > > In theory, users of OpenSSL as a TLS client are already able to query > > the size of the DH key exchange for any given connection, and can choose > > to terminate it if they object to the size of the group (or any other > > properties of the group). > > Last time I looked this information is in an internal structure > not exposed to the client. >
It can be accessed with an API call but only in OpenSSL 1.0.2. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
