Bug 1057715
Summary: | s_client utility doesn't report the size of used DHE and ECDHE parameters selected by server | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Hubert Kario <hkario> | |
Component: | openssl | Assignee: | Tomas Mraz <tmraz> | |
Status: | CLOSED ERRATA | QA Contact: | Hubert Kario <hkario> | |
Severity: | medium | Docs Contact: | ||
Priority: | medium | |||
Version: | 6.5 | CC: | jherrman, rmainz | |
Target Milestone: | rc | Keywords: | FutureFeature | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | openssl-1.0.1e-26.el6 | Doc Type: | Enhancement | |
Doc Text: |
When connecting to a server using ECDHE-based or DHE-based cipher suites, the s_client utility now reports the size of ECDHE and DHE parameters selected by the server. This allows for easy verification whether the used configuration set is secure.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1057717 (view as bug list) | Environment: | ||
Last Closed: | 2014-10-14 07:19:38 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1057717 |
Description
Hubert Kario
2014-01-24 16:27:00 UTC
I'm sorry but this is by no means a blocker. It should be at least submitted to upstream first for review. The DH parameter size and ECDHE curve is determined by the server. Needed changes are available upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=33a8de69dc092285fce9a3db4aae2b0df8852427 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1525.html |