Failure using ECDH-RSA-AES256-SHA with ssl3 on Master Branch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Mar 20, 2015 at 03:51:17PM +0000, Matt Caswell wrote:

> >> I am trying to use ECDH-RSA-AES256-SHA with ssl3 with s_client and s_server on
> >> the master branch. (cloned at commit
> >> f7683aaf36341dc65672ac2ccdbfd4a232e3626d) and then retested  with a more
> >> recent clone: (commit da27006df06853a33b132133699a7aa9d4277920).
> 
> Looks like a bug. Try the attached patch. Let me know how you get on.

> Subject: [PATCH] Don't check curves that haven't been sent
> 
> Don't check that the curve appears in the list of acceptable curves for the
> peer, if they didn't send us such a list (for example this will always be
> the case in SSL3)

Are you sure that's a bug.  I recall a recent discussion that
specifically pointed out that we should not negotiate ECDH when
the relevant extension is not sent.  We have no idea which curves
the client supports, and therefore can't choose any.

IIRC the current behaviour is a bug fix, and any prior use of ECDH
with SSLv3 was wrong.

-- 
	Viktor.


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux