Hello Steve,
Reverting the below commit is necessary but not sufficient. There are
also references to aSRP in s3_clnt.c and ssl_lib.c that must be deleted
to get OpenSSL to build. SRP functions correctly once that has been done.
Norm
On 8/7/14, 19:21, Dr. Stephen Henson wrote:
On Thu,
On 08/08/14 19:33, Norm Green wrote:
Hello Steve,
Reverting the below commit is necessary but not sufficient. There are
also references to aSRP in s3_clnt.c and ssl_lib.c that must be deleted
to get OpenSSL to build. SRP functions correctly once that has been done.
Those were introduced
Then what would you suggest? SRP is completely broken for us with 1.0.1i
Norm
On 8/8/14, 11:51, Matt Caswell wrote:
On 08/08/14 19:33, Norm Green wrote:
Hello Steve,
Reverting the below commit is necessary but not sufficient. There are
also references to aSRP in s3_clnt.c and ssl_lib.c
On Fri, Aug 08, 2014, Norm Green wrote:
Then what would you suggest? SRP is completely broken for us with 1.0.1i
Please try the attached patch against 1.0.1i.
[BTW removing the aSRP references is fine as long as you don't delete the kSRP
references too]
Steve.
--
Dr Stephen N. Henson.
Hi Steve,
That patch works! We will go with that one instead of rolling back the
commit mentioned in your previous message.
Thanks very much for your help!!!
Norm
On 8/8/14, 12:25, Dr. Stephen Henson wrote:
On Fri, Aug 08, 2014, Norm Green wrote:
Then what would you suggest? SRP is
I just upgraded our product to 1.0.1i and logins via SRP are now
broken. Shown below are the SSL calls made from both the client and
server. Everything worked perfectly under 1.0.1h.
Bot sides set the cipher list to 'SRP' via calls to
SSL_CTX_set_cipher_list(), so the no shared cipher
On Thu, Aug 07, 2014, Norm Green wrote:
I just upgraded our product to 1.0.1i and logins via SRP are now
broken. Shown below are the SSL calls made from both the client and
server. Everything worked perfectly under 1.0.1h.
Bot sides set the cipher list to 'SRP' via calls to
On Thu, Aug 07, 2014, Norm Green wrote:
I just upgraded our product to 1.0.1i and logins via SRP are now
broken. Shown below are the SSL calls made from both the client and
server. Everything worked perfectly under 1.0.1h.
Bot sides set the cipher list to 'SRP' via calls to
On Thu, Aug 07, 2014, Norm Green wrote:
Any idea where to begin debugging this? Any and all help is appreciated.
The cause is incorrect handling of new SRP authentication type which was added
to correct a bug where SRP authentication was incorrectly classified as NULL
authhentication.
A
Thanks for tracking it down so fast Steve. I will revert the mods in
that commit and try it again tomorrow.
Norm
On 8/7/2014 7:21 PM, Dr. Stephen Henson wrote:
On Thu, Aug 07, 2014, Norm Green wrote:
Any idea where to begin debugging this? Any and all help is appreciated.
The cause is
10 matches
Mail list logo
