Fix default of openssl s_server
openssl s_server up to 1.0.2.a included uses a 512-bit prime for DH by default. Since we now require 1024 bit at least, make s_server use decent params. (1.0.2b and up use acceptable params by default.)
This commit is contained in:
parent
c0696c216b
commit
6195767554
2 changed files with 2 additions and 2 deletions
|
@ -749,7 +749,7 @@ setup_arguments()
|
|||
esac
|
||||
|
||||
P_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
|
||||
O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE"
|
||||
O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem"
|
||||
G_SERVER_ARGS="-p $PORT --http $G_MODE"
|
||||
G_SERVER_PRIO="NORMAL:+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
|
||||
|
||||
|
|
|
@ -517,7 +517,7 @@ unset PORT_BASE
|
|||
P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
|
||||
P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
|
||||
P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT"
|
||||
O_SRV="$O_SRV -accept $SRV_PORT"
|
||||
O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
|
||||
O_CLI="$O_CLI -connect localhost:+SRV_PORT"
|
||||
G_SRV="$G_SRV -p $SRV_PORT"
|
||||
G_CLI="$G_CLI -p +SRV_PORT localhost"
|
||||
|
|
Loading…
Reference in a new issue