> On May 26, 2016, at 9:44 AM, Angus Robertson - Magenta Systems Ltd
> wrote:
>
> I have two custom Windows web sites, running released and beta versions
> of OpenSSL. The beta version only gets an A- score with SSL Labs,
> whereas the release version gets A+.
>
>
On Thu, May 26, 2016, at 14:52, Matt Caswell wrote:
> > One of the modules maintains the server-side SSL session cache,
> > comprised of SSL_SESSION objects. For debugging purposes, there's a
> > tool to dump out the sessions in the cache. I had initially used
> > SSL_SESSION_print() for this
On Thu, May 26, 2016 at 09:58:09PM +, Viktor Dukhovni wrote:
> The following should work:
>
> const char *get_session_protocol(SSL_CTX *ctx, SSL_SESSION *session)
> {
> const char *protocol;
> SSL_CTX *tmp_ctx = NULL;
>
> /* Typically you'd pass in a suitable
On Thu, May 26, 2016 at 10:45:54PM +0100, Matt Caswell wrote:
> > Using OpenSSL-1.0.x, I currently use:
> >
> > ssl_version = sess->ssl_version;
> >
> > However, I don't see an equivalent accessor in the 1.1.x APIs. Have I
> > missed something, or does such a thing not exist yet?
>
> I
On 26/05/16 22:48, TJ Saunders wrote:
>
>
>>> I'm currently working on updating proftpd and its various modules to
>>> work with the changed APIs in OpenSSL-1.1.x. My current obstacle(?) is
>>> to determine the SSL protocol version, given an SSL_SESSION pointer.
>>>
>>> Using OpenSSL-1.0.x, I
> > I'm currently working on updating proftpd and its various modules to
> > work with the changed APIs in OpenSSL-1.1.x. My current obstacle(?) is
> > to determine the SSL protocol version, given an SSL_SESSION pointer.
> >
> > Using OpenSSL-1.0.x, I currently use:
> >
> > ssl_version =
On 26/05/16 22:27, TJ Saunders wrote:
>
> I'm currently working on updating proftpd and its various modules to
> work with the changed APIs in OpenSSL-1.1.x. My current obstacle(?) is
> to determine the SSL protocol version, given an SSL_SESSION pointer.
>
> Using OpenSSL-1.0.x, I currently
I'm currently working on updating proftpd and its various modules to
work with the changed APIs in OpenSSL-1.1.x. My current obstacle(?) is
to determine the SSL protocol version, given an SSL_SESSION pointer.
Using OpenSSL-1.0.x, I currently use:
ssl_version = sess->ssl_version;
However, I
> 1. Please
> see
> https://boringssl.googlesource.com/boringssl/+/75b833cc819a9d189adb0fdd56327bee600ff9e9.
>
> I think it would be good for OpenSSL to work with Google to integrate
> this patch.
Will be looked into...
> 2. Is the `__chkstk` code that was added [1] to `bn_mul_mont` really
>
> See
> https://github.com/openssl/openssl/commit/d6482a82bc2228327aa4ba98aeeecd9979542a31#diff-3aca3afd18ad75a8f6a09a9860bc6ef5R631
>
> + volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
>
> Why is `volatile` used here? Is it to work around the effective type
> (strict aliasing) violations
> > Cortex-M platforms are so limited that every bit of performance and
> > space savings matters. So, I think it is definitely worthwhile to
> > support the non-NEON ARMv7-M configuration. One easy way to do this
> > would be to avoid building NEON code when __TARGET_PROFILE_M is
You don't say what version of OpenSSL you were testing. It seems to be either
1.0.2 or 1.0.1 (not master). Anyway, comments inserted.
On Mon Dec 14 13:45:20 2015, skoripe...@juniper.net wrote:
> Issue 1)
> We could have failed to allocate the ctx->cipher_data in
> EVP_CipherInit_ex
>
>
I have two custom Windows web sites, running released and beta versions
of OpenSSL. The beta version only gets an A- score with SSL Labs,
whereas the release version gets A+.
https://www1.telecom-tariffs.co.uk/serverinfo.htm
shows server status, and that it's running OpenSSL 1.1.0-pre5 (beta)
13 matches
Mail list logo