Hi Dave, Thanks for your reply. I got the steps I mentioned after some googling. But those steps are not working. I understand you must be very busy, but I am stuck into there from then on. Can you please manage some time to look into it. Or if you know someone who can help me in this regard. It would also be very helpful if you suggest some experiments that I can do in this.
Thanks in advance, Rajib -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson Sent: Saturday, September 17, 2011 6:41 AM To: openssl-users@openssl.org Subject: RE: Cipher setting error: fixedDH and experiment EXP > From: owner-openssl-us...@openssl.org On Behalf Of Kanchan Kumar Shaw > Sent: Thursday, 15 September, 2011 08:22 > I have written a simple program to test available ciphers. And of course > I have a problem with some of them. I installed openssl--1.0.0e [normally] > My problem is that I am unable to set the following five cipher. > EXP-DH-RSA-DES-CBC-SHA > EXP1024-RC4-MD5 > EXP1024-RC2-CBC-MD5 That's three not five. The first one and apparently all other fixed-DH suites (in s3_lib.c) have valid=0, and the other places that reference fixed-DH (SSL_kDH*) mostly have comments saying "no such ciphersuites supported" and it appears the logic that would implement them isn't there. I never encountered this because I've never wanted to do fixed-DH, and maybe nobody else has. On the others, you seem to have the same problem as Rajab Karmaker also at alumnux.com had Sep. 08 and Sep. 13 (but I didn't have time to look at then). Maybe you should get together with him. These reportedly-expired-draft ciphers are under an EXPERIMENTAL macro, which it appears Configure can't enable- or even experimental- (not in %disabled AND not in form OPENSSL_{NO,EXPERIMENTAL}_x). It looks to me like patching tls1.h should get them to build, but he says it didn't, and I don't have time to, well, experiment. Even if you get them built, you're on your own whether they work. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
