Back Midas Rome Roody Rootana
  Midas DAQ System  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
Entry  22 May 2015, Konstantin Olchanski, Info, mhttpd HTTPS/SSL server updated 
    Reply  07 Jul 2015, Konstantin Olchanski, Info, mhttpd HTTPS/SSL server updated 
       Reply  15 Jul 2015, Konstantin Olchanski, Info, mhttpd HTTPS/SSL server updated 
          Reply  12 Aug 2015, Konstantin Olchanski, Info, mhttpd HTTPS/SSL server updated 
             Reply  27 Aug 2015, Konstantin Olchanski, Info, mhttpd HTTPS/SSL server updated 
                Reply  31 Aug 2015, Konstantin Olchanski, Info, mhttpd HTTPS/SSL server updated 
    Reply  21 Aug 2015, Thomas Lindner, Info, mhttpd HTTPS/SSL server updated 
       Reply  27 Aug 2015, Konstantin Olchanski, Info, mhttpd HTTPS/SSL server updated 
          Reply  09 Sep 2015, Thomas Lindner, Info, mhttpd HTTPS/SSL server updated 
             Reply  11 Sep 2015, Konstantin Olchanski, Info, mhttpd HTTPS/SSL server updated 
Message ID: 1091     Entry time: 12 Aug 2015     In reply to: 1069     Reply to this: 1102
Author: Konstantin Olchanski 
Topic: Info 
Subject: mhttpd HTTPS/SSL server updated  
> > > mhttpd uses the latest release of mongoose 4.2

HTTPS support is completely broken in mongoose.c between July 28th (1bc9d8eae48f51ceb73ffd918046cfe74d286909)
and August 12th 2015 (fdc5a80a0a9ca54cba794d7c1131add7f55f112f).

I accidentally broke it by a wrong check against absence of EC_KEY in prehistoric openssl shipped with SL4.

As result, the ECDHE ciphers were enabled but did not work - google chrome complained about "obsolete cryptography",
firefox failed to connect at all.

Please update src/mongoose.c to the latest version if you are using https in mhttpd. (as you should)

Sorry about this problem.

K.O.
ELOG V3.1.4-2e1708b5