[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]
Chris Ross cross+conserver@distal.com
Tue, 11 Oct 2005 14:50:27 -0700 (PDT)
on my box, i do "strings /usr/local/lib/libssl.a |grep -i ADH" and get:
EXP-ADH-RC4-MD5 ADH-RC4-MD5 EXP-ADH-DES-CBC-SHA ADH-DES-CBC-SHA ADH-DES-CBC3-SHA ADH-AES128-SHA ADH-AES256-SHA ALL:!ADH:+RC4:@STRENGTH ALL:!ADH:+RC4:@STRENGTH
i'm not sure if those disappear if you compile openssl without the anonymous ciphers. but if the library doesn't have references to them, that's probably it.
% strings /usr/sfw/lib/libssl.so.0.9.7 |grep -i ADH EXP-ADH-RC4-MD5 ADH-RC4-MD5 EXP-ADH-DES-CBC-SHA ADH-DES-CBC-SHA ADH-DES-CBC3-SHA ADH-AES128-SHA ADH-AES256-SHA ALL:!DHE-RSA-AES256-SHA:!DHE-DSS-AES256-SHA:!AES256-SHA:!ADH:+RC4:@STRENGTH ALL:!DHE-RSA-AES256-SHA:!DHE-DSS-AES256-SHA:!AES256-SHA:!ADH:+RC4:@STRENGTH ALL:!DHE-RSA-AES256-SHA:!DHE-DSS-AES256-SHA:!AES256-SHA:!ADH:+RC4:@STRENGTH %
Anyone have any idea if I can compile a program against the libraries to confirm or debate the suspicion that my conserver SSL problems are based on the way OpenSSL was modified and/or built? Or a suggestion as to what calls I would use to write one myself...