On Tue, Sep 12, 2006 at 03:41:14PM +0300, Vlad W. wrote:
> On 9/12/06, Bodo Moeller <[EMAIL PROTECTED]> wrote:

>> Hm.  I've tried this again in the 0.9.7 branch, using the ssl_ciph.c
>> version from 0.9.7d, and found that "openssl ciphers -v RC4-MD5"
>> correctly gets two ciphersuites (SSLv3 and SSLv2) and that "openssl
>> ciphers -v AES128-SHA" incorrectly gets the two ciphersuites
>> AES256-SHA and AES128-SHA.  However, you reported that "openssl
>> ciphers -v AES128-SHA" returns the single cipher in 0.9.7[d], and I
>> don't see how this can be true for the 0.9.7 branch without additional
>> patches.

> UPDATE: I've just downloaded several tar files from openssl.org
> and compiled them.
> 
> "openssl ciphers -v AES128-SHA" changed its behaviour between 0.9.7g
> (single ciphersuite) and 0.9.7h (AES256-SHA added).
> 
> Regression test is good, isn't it? :)

Thanks!  Comparing the behavior of 0.9.7g and 0.9.7h, I finally found
out what is going on here:

In versions up to 0.9.7g, the AES128-SHA and AES256-SHA ciphersuites
*did* have different bitmap descriptions and thus were treated
differently in ciphersuite processing, because the AES128 ciphersuites
were classified as having "MEDIUM" strength whereas AES256 went under
"HIGH".

With 0.9.7h, the AES128 classification was changed into "HIGH" (3DES
is called "HIGH", so it makes sense to call AES128 "HIGH" as well,
even though AES256 has higher strength).  Well, this meant that there
was no longer a difference between the bitmaps for AES128-SHA and
AES256-SHA, so now both show up when you intend to select just one of
them.  The first attempted fix to this (in the 0.9.8 and 0.9.9
branches only) caused the SSLv2/SSLv3 problem that you reported,
and which will be corrected in the next releases.  The combined patch
will also go into the next release for the 0.9.7 branch.

Bodo

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [EMAIL PROTECTED]
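
The regression described in the message above, as an added example that is not part of the original thread and is not OpenSSL code: a simplified C model in which a ciphersuite name is resolved to its bitmap description and every suite with an identical description is selected. The struct layout, bit values and function name are assumptions made for illustration; only the MEDIUM/HIGH classifications come from the message.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of bitmap-based ciphersuite selection.
 * Bit values and layout are constructed; they are not OpenSSL's constants. */
enum { ENC_AES = 1 << 0, ENC_RC4 = 1 << 1, MAC_SHA1 = 1 << 2, MAC_MD5 = 1 << 3 };
enum { STR_MEDIUM = 1 << 0, STR_HIGH = 1 << 1 };

struct suite { const char *name; unsigned alg; unsigned strength; };

/* Classification as described for versions up to 0.9.7g: AES128 is MEDIUM. */
static const struct suite table_g[] = {
    { "AES256-SHA", ENC_AES | MAC_SHA1, STR_HIGH   },
    { "AES128-SHA", ENC_AES | MAC_SHA1, STR_MEDIUM },
    { "RC4-MD5",    ENC_RC4 | MAC_MD5,  STR_MEDIUM },
};
/* Classification as described for 0.9.7h: AES128 becomes HIGH. */
static const struct suite table_h[] = {
    { "AES256-SHA", ENC_AES | MAC_SHA1, STR_HIGH   },
    { "AES128-SHA", ENC_AES | MAC_SHA1, STR_HIGH   },
    { "RC4-MD5",    ENC_RC4 | MAC_MD5,  STR_MEDIUM },
};

/* Resolve `name` to its bitmap description, then select every suite whose
 * description is identical. Stores names in `out` (may be NULL) and
 * returns the number of suites selected; 0 if the name is unknown. */
static int select_by_bitmap(const struct suite *t, int n,
                            const char *name, const char **out)
{
    const struct suite *want = NULL;
    int i, count = 0;

    for (i = 0; i < n && want == NULL; i++)
        if (strcmp(t[i].name, name) == 0)
            want = &t[i];
    if (want == NULL)
        return 0;
    for (i = 0; i < n; i++)
        if (t[i].alg == want->alg && t[i].strength == want->strength) {
            if (out != NULL)
                out[count] = t[i].name;
            count++;
        }
    return count;
}

int main(void)
{
    printf("up to 0.9.7g: %d\n", select_by_bitmap(table_g, 3, "AES128-SHA", NULL));
    printf("0.9.7h:       %d\n", select_by_bitmap(table_h, 3, "AES128-SHA", NULL));
    return 0;
}
```

The same query selects one suite under the older classification and two under the newer one, because nothing in the bitmap records the key length.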
