You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The cipher suites requested by the client should be used in the connection towards the server, as long as they can be handled by sslsplit and the version of OpenSSL that is in use. This idea came up in #126. This is a bit complex because we need to manually parse the cipher suites from the Client Hello message before creating the source SSL bufferevent in order to correctly configure the destination SSL bufferevent.
Support for anonymous cipher suites is currently untested and may or may not work. This should be tested (both ssl and autossl proxyspecs) and necessary fixes implemented so that when a client requests anonymous cipher suites, they are actually used.
The text was updated successfully, but these errors were encountered:
I research the API of openssl, do not find the appropriate function to set cipher list.
Only get this:
SSL_CTX_set_cipher_list
SSL_set_cipher_list
But they only set the whole cipher suites, not list.
The cipher suites requested by the client should be used in the connection towards the server, as long as they can be handled by sslsplit and the version of OpenSSL that is in use. This idea came up in #126. This is a bit complex because we need to manually parse the cipher suites from the Client Hello message before creating the source SSL bufferevent in order to correctly configure the destination SSL bufferevent.
Support for anonymous cipher suites is currently untested and may or may not work. This should be tested (both ssl and autossl proxyspecs) and necessary fixes implemented so that when a client requests anonymous cipher suites, they are actually used.
The text was updated successfully, but these errors were encountered: