cURL / Mailing Lists / curl-library / Single Mail


Re: openssl srp patch

From: Peter Sylvester <>
Date: Sat, 19 Mar 2011 12:54:08 +0100

On 03/19/2011 12:39 PM, Peter Sylvester wrote:
> hi,
> given that the latest openssl now contains support for SRP,
> here a patch for openssl. since gnu-tls is already supported
> in curl, the patch is rather simple:
> adds some test to and some logic to ssluse.c
> I do not have tested whether the behaviour is like with gnu-tls
> potential issues:
> In case when the tlsauth is enabled:
> - what should be the default ssl version?
> I'll set TLSv1 if non was given.
> - The default ciphersuites in openssl do not include SRP
> if no ciphersuite is given by the user,
> SRP is set as the default.
I forgot: since the openssl srp is not documented (yet):

   touch verifiers
   openssl srp -srpvfile verifiers -add -gn 2048 theuser

   (ignore the error message about attr)

the resulting file can be used in openssl s_server for testing

List admin:
Received on 2011-03-19