
The openssl version on my Linux is 1.0.2j 26 Sep 2016 and I can send that TLS_EMPTY_RENEGOTIATION_INFO_SCSV if I use openssl commands.

Re^9: Net::SSLeay and secure renegotiation
by noxxi (Pilgrim) on Dec 13, 2016 at 18:22 UTC

    > The openssl version on my Linux is 1.0.2j 26 Sep 2016 and I can send that TLS_EMPTY_RENEGOTIATION_INFO_SCSV if I use openssl commands.

    With openssl 1.02 I get 101 ciphers when using 'ALL' which is very different from the 38 you get. Could it be that the openssl binary you use and the libssl linked to Net::SSLeay have different OpenSSL versions? Please check the version used from Net::SSLeay with

    perl -MNet::SSLeay -e 'printf "%x\n",Net::SSLeay::OPENSSL_VERSION_NUMBER()'
    

      Below is the output. Thanks

      root@host# perl -MNet::SSLeay -e 'printf "%x\n",Net::SSLeay::OPENSSL_VERSION_NUMBER()'

      90807f

        > 90807f

        That's what I suspected. While you might have installed OpenSSL 1.0.2 on your system, the Perl/Net::SSLeay you use is linked against the very old OpenSSL version 0.9.8g. This version is from 2008 and has no support for this pseudo cipher. In fact, RFC 5746, which defines this pseudo cipher, was only published in 2010.
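
Added example, not part of any post in this thread: a Perl script that decodes the hex value printed by `Net::SSLeay::OPENSSL_VERSION_NUMBER()` into a release name such as 0.9.8g and shows it next to the `openssl` binary in PATH, which is the mismatch diagnosed above. The helper names and the 0.9.8m threshold for RFC 5746 support (taken from the OpenSSL changelog) are assumptions of this example, not values from the thread.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# 0.9.8m, the first OpenSSL release that implements RFC 5746
# (assumption from the OpenSSL changelog; this value is not from the thread).
my $FIRST_RFC5746 = 0x009080df;

# Decode OPENSSL_VERSION_NUMBER. Before 3.0 the layout is 0xMNNFFPPS:
# major, minor, fix, patch letter (1 = 'a') and status (0xf = release).
# From 3.0 on it is 0xMNN00PP0: major, minor, patch.
sub decode_openssl_version {
    my ($n) = @_;
    my $major  = ($n >> 28) & 0x0f;
    my $minor  = ($n >> 20) & 0xff;
    my $fix    = ($n >> 12) & 0xff;
    my $patch  = ($n >> 4)  & 0xff;
    my $status =  $n        & 0x0f;
    return "$major.$minor.$patch" if $major >= 3;
    my $letter = $patch ? chr(ord('a') + $patch - 1) : '';
    my $tag = $status == 0x0f ? '' : $status == 0 ? '-dev' : "-beta$status";
    return "$major.$minor.$fix$letter$tag";
}

# Print one line: label, raw number, decoded release, RFC 5746 support.
sub report {
    my ($label, $n) = @_;
    printf "%-26s 0x%08x = OpenSSL %-8s RFC 5746: %s\n",
        $label, $n, decode_openssl_version($n),
        $n >= $FIRST_RFC5746 ? 'yes' : 'no';
}

# Value printed in the thread, plus the constructed number for 1.0.2j.
report('Net::SSLeay in the thread', 0x0090807f);
report('1.0.2j (constructed)',      0x100020af);

# What this perl is linked against, next to the openssl binary in PATH.
if (eval { require Net::SSLeay; 1 }) {
    report('Net::SSLeay on this host', Net::SSLeay::OPENSSL_VERSION_NUMBER());
    my $cli = `openssl version 2>/dev/null` // '';
    chomp $cli;
    print "openssl binary in PATH:    ", ($cli || 'not found'), "\n";
} else {
    print "Net::SSLeay is not installed for this perl\n";
}
```

If the last two lines name different releases, rebuilding Net::SSLeay against the newer libssl is the fix; installing a newer `openssl` binary alone does not change what the Perl module can negotiate.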