Bug #11739: OpenSSL::SSL::SSLServer doesn't negotiate ECDHE-* ciphersuites - Ruby master - Ruby Issue Tracking System

Actions

Copy link

Bug #11739

closed

OpenSSL::SSL::SSLServer doesn't negotiate ECDHE-* ciphersuites

Added by weeks (Branodn Weeks) almost 9 years ago. Updated over 8 years ago.

Status:

Rejected

Assignee:

Target version:

ruby -v:

Backport:

2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN

[ruby-core:71678]

Description

I'm trying to configure an instance of OpenSSL::SSL::SSLServer that supports Elliptic curve Diffie–Hellman. No matter what combination of Ruby and OpenSSL versions I try the negotiation with the client fails.

Proof of concept:
https://gist.github.com/brandonweeks/e26414cc1e9eea9453a8

Then run:

openssl s_client -connect localhost:8443

Also attaching a pcap file of the failed handshake.

Files

tls_handshake.pcap (4.93 KB) tls_handshake.pcap

weeks (Branodn Weeks), 11/25/2015 06:39 AM

Related issues 2 (0 open — 2 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0Like0Like0Like0

	Related to Ruby master - Bug #10497: OpenSSL Servers Do Not Support EC Certificates	Closed					Actions
	Related to Ruby master - Feature #11356: Add ECDH support to OpenSSL wrapper	Closed					Actions

Project

General

Profile

Ruby » Ruby master

Custom queries

Bug #11739

OpenSSL::SSL::SSLServer doesn't negotiate ECDHE-* ciphersuites

Updated by ko1 (Koichi Sasada) almost 9 years ago

Updated by rhenium (Kazuki Yamaguchi) over 8 years ago

Updated by rhenium (Kazuki Yamaguchi) over 8 years ago

Updated by rhenium (Kazuki Yamaguchi) over 8 years ago

Updated by usa (Usaku NAKAMURA) over 8 years ago