On 07/12/2020 14:26, Jakob Bohm via openssl-users wrote: >>> error: 'SSL_R_PEER_ERROR_NO_CIPHER' was not declared in this scope >> This one was only ever used in the SSLv2 implementation. Since no one >> uses SSLv2 any more and it is considered highly insecure its >> implementation was removed some while ago. So the reason code was also >> deleted. > So what error is returned by SSL3/TLS1.x when the client (erroneously) > offers an empty cipher list? Offering no ciphers at all would actually be a protocol error (since the RFCs require at least one ciphersuite to be sent). We actually treat it the same way as if none of the clients offered ciphersuites match with the server's list. The error in this case is SSL_R_NO_SHARED_CIPHER. Matt
