openssl s_server "-legacy_renegotiation" option was present in version 1.0.1u but removed in version 1.0.2a

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

openssl s_server "-legacy_renegotiation" option was present in version 1.0.1u but removed in version 1.0.2a

slon v sobstvennom palto
Hi,
openssl command line utility "s_server" command "-legacy_renegotiation" option was present in version 1.0.1u but removed in version 1.0.2a. In the source code of 1.0.2a the option is still present in the on screen help but not parsed and handled in the source code.

The source code file is apps/s_server.c

I want to fix this and to return back the processing code so the option can be used in the latest openssl, if no objections.

Thanks
Oleg

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: openssl s_server "-legacy_renegotiation" option was present in version 1.0.1u but removed in version 1.0.2a

OpenSSL - Dev mailing list

You might find that the SSL library doesn’t have the code to do the old-style insecure renegotiation.

 

If it does, then it probably makes sense to support this as a debugging option.


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: openssl s_server "-legacy_renegotiation" option was present in version 1.0.1u but removed in version 1.0.2a

Matt Caswell-2
In reply to this post by slon v sobstvennom palto


On 05/07/17 13:16, slon v sobstvennom palto wrote:
> Hi,
> openssl command line utility "s_server" command "-legacy_renegotiation"
> option was present in version 1.0.1u but removed in version 1.0.2a. In
> the source code of 1.0.2a the option is still present in the on screen
> help but not parsed and handled in the source code.
>
> The source code file is apps/s_server.c

This is not correct. The command is still processed in 1.0.2. It is
handled by this line in s_server.c:

https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/apps/s_server.c#L1300


Matt
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Loading...