search for: dh_builtin_genparams

Displaying 1 result from an estimated 1 matches for "dh_builtin_genparams".

2013 Oct 01
1
[bug] ssl-params hangs when FIPS is enabled
Hi, we found a bug in ssl-params. It calls openssl DH generator for 512 and 1024 bits, but in FIPS mode, openssl won't generate anything for less than 1024, so it fails with: error:0506A06E:Diffie-Hellman routines:DH_BUILTIN_GENPARAMS:key size too small but when DH generator fails, ssl-params hangs forever in io_loop_run: __epoll_wait_nocancel() io_loop_handler_run(..) at ioloop-epoll.c:176 io_loop_run(..) at ioloop.c:406 master_service_run(..) at master-service.c:566 main(..) at main.c:156 Getting system in FIPS mode can be...