Re: [exim-dev] Preliminary testing of a new Exim test suite

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Daniel Tiefnig
Date:  
À: exim-dev
Sujet: Re: [exim-dev] Preliminary testing of a new Exim test suite
Philip Hazel wrote:
> On Tue, 29 Nov 2005, Daniel Tiefnig wrote:
>> {DHE-RSA-AES256-SHA}{!DHE-RSA-AES256-SHA:DES-CBC3-SHA}}
>
> Well, that works for me too, so maybe we should go with it. I don't
> think it's an underscore vs hyphen thing, because it works for me
> with both.


Of course I tried everything with underscores too... :o)

> I don't know much about this either, but the partial cipher suite
> names should be legal, according to the OpenSSL documentation that I
> quote in the reference manual (section 38.4 in the 4.60 edition). I
> wonder if something has changed in OpenSSL? Can you easily check the
> documentation for your version to see if it says anything about
> cipher suite names?


Sure. The changelog doesn't seem to contain anything relating to this,
and the documentation snippet you mentioned remained unchanged so far. I
think you can try whether there was a change with the s_client command.
For me, with openssl 0.9.8, it says:

tiefnig@orion:~$ openssl s_client -cipher RSA-AES256
error setting cipher list
tiefnig@orion:~$ openssl s_client -cipher DHE-RSA-AES256-SHA
connect: Connection refused

But also:

tiefnig@orion:~$ openssl s_client -cipher RSA
connect: Connection refused
tiefnig@orion:~$ openssl s_client -cipher SHA
connect: Connection refused
tiefnig@orion:~$ openssl s_client -cipher AES256-SHA
connect: Connection refused


lg,
daniel