From openssl-users  Thu Mar 18 09:48:04 2010
From: Vishal Rao <vishalrao () gmail ! com>
Date: Thu, 18 Mar 2010 09:48:04 +0000
To: openssl-users
Subject: Re: How to enable null cipher in openssl library build config?
Message-Id: <aacba7e1003180236u3dd3b191r40915f26bf5939be () mail ! gmail ! com>
X-MARC-Message: https://marc.info/?l=openssl-users&m=126890565317200

On 18 March 2010 10:09, Victor Duchovni
<Victor.Duchovni@morganstanley.com> wrote:
> It is always enabled, no special compilation flags required.
>
> Applications have to enable NULL ciphers explicitly at runtime. Do not
> recompile with a broken DEFAULT cipher list, just configure applications
> that know what they are doing to use NULL ciphers by specifying a
> suitable cipherlist.

Which version of OpenSSL are you talking about? An older one than
0.9.8g or the latest?

The one I tried (098g) the READMEs say "its disabled by default" and needs to be
enabled via a configuration flag while compiling it.

I'm using the ACE toolkit's ACE_SSL module (for SSL sockets support) which
depends on OpenSSL and it only "seems to work" when I do this manual
source edit.

I don't see any API/option in ACE_SSL to "enable NULL cipher" and the fact that
it "starts working" for me when I just rebuild the OpenSSL library
with my change
leads me to ask this question.

Any tips on how I might peek under the hood to see what ACE_SSL is doing that
does not work unless I change the OpenSSL build?

- Vishal
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majordomo@openssl.org