On Mon, Jul 10, 2000 at 09:28:39AM -0500, Taral wrote:
> We are trying to provide backward compatability with OpenSSL 0.9.4 for
> those users who like the debian package for it (apparently no 0.9.5 deb
> package is available). However, we are getting a lockup at:
>
> SSL_CTX_set_cipher_list(gSSL_CTX, "ADH:@STRENGTH")
>
> Is this a known bug in OpenSSL 0.9.4?
Yes, this is a known bug. If you submit an unknown character ("@" was
only introduced in 0.9.5) at the begin of a cipher, you will be stuck
in an endless loop.
For 0.9.4, @STRENGTH is not supported. Even if it would not lock up,
it would be silently ignored; you must use a preprocessor construct
evaluating the OPENSSL_VERSION_NUMBER.
BTW, if memory servers me right, ADH ciphers were not compiled into
openssl by default before 0.9.5, so your cipher_list is bound to
fail anyway (if the debian package was not specially compiled).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
