Re: Enabling RC4 from command line tools in OpenSSL 3.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



SECLEVEL=0?

On Fri, Sep 6, 2024 at 8:56 PM Ladd, Watson <wladd@xxxxxxxxxx> wrote:
>
>
> That was a very good idea, but sadly still doesn't work
>
>
> DYLD_LIBRARY_PATH=`cd .. && pwd` ./openssl s_client -tls1 -cipher RC4  -provider-path /Users/wladd/code/openssl/providers/ -provider legacy
>
> 004CA1EE01000000:error:0A0000A1:SSL routines:SSL_CTX_new_ex:library has no ciphers:ssl/ssl_lib.c:3474
>
>
> Suspect something went awry in configuring compiling that.
>
>
> ________________________________
> From: Dmitry Belyavsky <beldmit@xxxxxxxxx>
> Sent: Friday, September 6, 2024 11:25:46 AM
> To: Ladd, Watson
> Cc: openssl-users@xxxxxxxxxxx
> Subject: Re: Enabling RC4 from command line tools in OpenSSL 3.1
>
> !-------------------------------------------------------------------|
>   This Message Is From an Untrusted Sender
>   You have not previously corresponded with this sender.
> |-------------------------------------------------------------------!
>
> I think you should load the legacy provider. The default provider
> doesn't implement RC4.
>
> On Fri, Sep 6, 2024 at 8:04 PM 'Ladd, Watson' via openssl-users
> <openssl-users@xxxxxxxxxxx> wrote:
> >
> > Dear users,
> >
> >
> > I have been struggling to sort out what compile flags and arguments are required to get s_client from OpenSSL 3.1.7 to connect to a server with only RC4 enabled. I thought ./Configure enable-rc4 enable-weak-ssl-ciphers would be enough, and then  ./openssl s_client -tls1 -cipher RC4. However this results in
> >
> > Call to SSL_CONF_cmd(-cipher, RC4) failed
> >
> > 004CA1EE01000000:error:0A0000B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2909
> >
> >
> > which surprises me.
> >
> >
> > What am I missing?
> >
> >
> > Sincerely,
> >
> > Watson Ladd
> >
> > --
> > You received this message because you are subscribed to the Google Groups "openssl-users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an email to openssl-users+unsubscribe@xxxxxxxxxxx.
> > To view this discussion on the web visit https://urldefense.com/v3/__https://groups.google.com/a/openssl.org/d/msgid/openssl-users/1ee7e3f49d3f45d8a303722cd4967c16*40akamai.com__;JQ!!GjvTz_vk!R5hKSU2uh2SDcVexUNOyYLTwaFFhgNo5xij19sbloiZEuvEJIUlJNcd609a4vU0Yr17jVeRbK5fB$ .
>
>
>
> --
> SY, Dmitry Belyavsky



-- 
SY, Dmitry Belyavsky

-- 
You received this message because you are subscribed to the Google Groups "openssl-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openssl-users+unsubscribe@xxxxxxxxxxx.
To view this discussion on the web visit https://groups.google.com/a/openssl.org/d/msgid/openssl-users/CADqLbzLhht2eMOtx9vS6iZD_Ysqp1FgfhTnUn3ApTeOUkYpZCQ%40mail.gmail.com.




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux