[cl-plus-ssl-devel] [CL-PLUS-SSL-DEVEL][PATCH] call SSL_CTX_set_tmp_rsa_callback to support ephemeral ciphers

Kari Lentz kari.k.lentz at gmail.com
Thu Feb 6 01:18:56 UTC 2014


This was just run on a Hunchentoot web server running Linux
3.2.0.54-generic kernel using SBCL 1.1.0.  A Windows NT machine with only
standard export ciphers was used as the client.  With the COND error, there
was communication with the Hunchentoot web server but the negotiated key
length was always 1024 characters.  After the fix of the COND error, there
was now communication using a key length of 512 characters.  It looks like 512
character key length communication had always been available with the above
setup but the error caused only 1024 length keys to be used.

Thanks,
Kari



On Wed, Feb 5, 2014 at 6:51 AM, Anton Vodonosov <avodonosov at yandex.ru> wrote:

> I have committed the patch.
>
> Could you please test it?
>
> There was an error in COND,
> so that it always produced and returned 1024 length key.
> I fixed that:
>
> https://gitorious.org/cl-plus-ssl/cl-plus-ssl/commit/ad981bd18dd754325ba41dbd1d6c340b9f2773c0
>
> Best regards,
> - Anton
>