On Thu, Mar 26, 2015 at 10:42:21AM +0530, Mukesh Yadav wrote:
HI,
I have a query for SSl cipher on Openssl-1.0.1h
Have an application which is using library compiled with openssl-1.0.1h.
Application is failing in func SSL_CTX_set_cipher_list() when input is
RC4-MD5+RC4-SHA and it gets
Thanks Marcus.
It worked when changed + to :.
I am wondering is this newly introduced?.
Application compiled with openssl-0.9.8d used to work when Cipher string
has '+'.or ':'
On 26 March 2015 at 15:23, Marcus Meissner meiss...@suse.de wrote:
On Thu, Mar 26, 2015 at 10:42:21AM +0530,
I am wondering is this newly introduced?.
No it's not new.
Application compiled with openssl-0.9.8d used to work when Cipher string has
'+'.or ':'
That release is nearly 10 years old (Sep 2006) And are you sure it worked? +
tended to mean add, so :+ worked...
--
Senior Architect,
On Thu, Mar 26, 2015 at 07:56:38PM +0530, Mukesh Yadav wrote:
:~/openssl-0.9.8d_install/usr/local/bin# ./openssl ciphers RC4-MD5+RC4-SHA
-v
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
That's Right..
here is O/p
Openssl-0.9.8d:
:~/openssl-0.9.8d_install/usr/local/bin# ./openssl ciphers RC4-MD5:RC4-SHA
-v
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA
Thanks Viktor for clarification.
So in case we need to use SSL_CTX_set_cipher_list(), we should use : for
multiple Ciphers.
and + working in old releases for same scenario can be treated as bug..
Thanks
Mukesh
On 26 March 2015 at 20:24, Viktor Dukhovni openssl-us...@dukhovni.org
wrote:
On
HI,
I have a query for SSl cipher on Openssl-1.0.1h
Have an application which is using library compiled with openssl-1.0.1h.
Application is failing in func SSL_CTX_set_cipher_list() when input is
RC4-MD5+RC4-SHA and it gets succeed when input is RC4-SHA.
Not sure whether RC4-MD5 is disabled by