Re: How can I disable authentication?

Wed, 26 May 2010 21:04:49 -0700 

I've figured this out.  Just needed to disable cert verification in
addition to using aNULL cipher.

SSL_CTX_set_verify( mpSslContext, SSL_VERIFY_NONE, NULL );

Sorry for the spam.

On Wed, May 26, 2010 at 7:20 PM, Dallas Clement
<dallas.a.clem...@gmail.com> wrote:
> One small piece of additional info:  I'm trying to avoid the use of
> any certificates.  Is that even possible with OpenSSL?
>
> On Wed, May 26, 2010 at 6:34 AM, Dallas Clement
> <dallas.a.clem...@gmail.com> wrote:
>> Hi Patrick,
>>
>> I had first tried doing it at run-time, and it didn't seem to work.
>>
>>   SSL_set_cipher_list( mpSsl, "aNULL" );
>>
>> I then modified ssl.h as follows:
>>
>>   #define SSL_DEFAULT_CIPHER_LIST      "aNULL:eNULL" /* low priority for RC4 
>> */
>>
>> In both cases, I'm getting this error on the server end:
>>
>>   SSL error code = 1, msg = SSL_ERROR_SSL, error:1408A0C1:SSL
>> routines:SSL3_GET_CLIENT_HELLO:no shared cipher
>>
>> And this error on the client end:
>>
>>   SSL error code = 1, msg = SSL_ERROR_SSL, error:14077410:SSL
>> routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
>>
>> Can you see anything I might be doing wrong?
>>
>> Thanks,
>> Dallas
>>
>> On Wed, May 26, 2010 at 2:45 AM, Eisenacher, Patrick
>> <patrick.eisenac...@bdr.de> wrote:
>>> Hi Dallas,
>>>
>>>> -----Original Message-----
>>>> From: Dallas Clement
>>>>
>>>> Just wondering what the best way to turn off authentication is.  I'm
>>>> wanting to do so for testing purposes.  Would someone please advise?
>>>
>>> just configure "aNULL" (see ssl.h) for your ciphersuites on both endpoints. 
>>> That way only ciphersuites without authentication get activated.
>>>
>>> HTH,
>>> Patrick
>>> ______________________________________________________________________
>>> OpenSSL Project                                 http://www.openssl.org
>>> User Support Mailing List                    openssl-us...@openssl.org
>>> Automated List Manager                           majord...@openssl.org
>>>
>>
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to