On 20/03/15 12:44, Linsell, StevenX wrote: > On Thu, Mar 19, 2015, Steve Linsell wrote: >> >> I am trying to use ECDH-RSA-AES256-SHA with ssl3 with s_client and s_server on >> the master branch. (cloned at commit >> f7683aaf36341dc65672ac2ccdbfd4a232e3626d) and then retested with a more >> recent clone: (commit da27006df06853a33b132133699a7aa9d4277920). > > Following further testing I see identical failures in the master branch using the following cipher/protocol combinations: > > ECDH-ECDSA-AES128-SHA ssl3 > ECDH-ECDSA-AES256-SHA ssl3 > ECDH-ECDSA-DES-CBC3-SHA ssl3 > ECDH-ECDSA-RC4-SHA ssl3 > ECDH-RSA-AES128-SHA ssl3 > ECDH-RSA-AES256-SHA ssl3 > ECDH-RSA-DES-CBC3-SHA ssl3 > ECDH-RSA-RC4-SHA ssl3 > ECDHE-ECDSA-AES128-SHA ssl3 > ECDHE-ECDSA-AES256-SHA ssl3 > ECDHE-ECDSA-DES-CBC3-SHA ssl3 > ECDHE-ECDSA-RC4-SHA ssl3 > Hi Steve Looks like a bug. Try the attached patch. Let me know how you get on. Thanks Matt -------------- next part -------------- A non-text attachment was scrubbed... Name: curves-check.patch Type: text/x-patch Size: 1034 bytes Desc: not available URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150320/1f4d3664/attachment.bin>
