httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: The show goes on - 2.4.16
Date Thu, 16 Jul 2015 16:30:32 GMT
On Thu, Jul 16, 2015 at 5:38 PM, Michael Felt <mamfelt@gmail.com> wrote:
>
> btw - I am much more interested in the ssl tests and whether it is a failed
> test (going back to MC4 128-bit) when the initial connection was much
> better. I assume this is not logjam (or some other horrible recent OpenSSL
> TLS renegotiate CVE) - but it is something we want to prevent (as far as I
> know LibreSSL has no support for RC4 as it is too weak - hence these will
> fail by definition if the test (client) is forcing a renegotiate to that
> level of cryptography (key exchange?).

The test framework does indeed use RC4-MD5 (vs RC4-SHA) on location
/require-md5-cgi (resp. /require-sha-cgi) for renegotiations based on
cipher change.

I have replace it with AES128 vs AES256 (-SHA) in r1691419, these
should be available with both libs.
Could you svn up your framework and check if it works now?

Mime
View raw message