According to that, your client cert isn't self-signed.
It is apparently signed by the same company, which isn't
the same thing; in X.509 and SSL, self-signed means that
the cert Subject and Issuer,and specifically the subject
KEY and the issuing/signing KEY, are EXACTLY the same.
What
Hi List,
I have problem with SSL_shutdown. Advice seems to be to call it again, if the
return value is 0.
However, this means that shutdown can hang forever. Can I just call
SSL_shutdown and go on ?
regards aarno
__
OpenSSL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.0c released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.0c of our open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL Security Advisory [2 December 2010]
OpenSSL Ciphersuite Downgrade Attack
=
A flaw has been found in the OpenSSL SSL/TLS server code where an old bug
workaround allows malicous clients to modify the stored
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 0.9.8q released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8q of our open source
Can someone point to details on CVE-2010-4180 and CVE-2010-4252? CVE-2010-3864
was the reason 1.0.0b was released, but I cannot find any references to the
other two.
Erik Tkal
Juniper OAC/UAC/Pulse Development
-Original Message-
From:
On Thu, Dec 02, 2010, Erik Tkal wrote:
Can someone point to details on CVE-2010-4180 and CVE-2010-4252?
CVE-2010-3864 was the reason 1.0.0b was released, but I cannot find any
references to the other two.
http://www.openssl.org/news/secadv_20101202.txt
Steve.
--
Dr Stephen N. Henson.
http://www.openssl.org/news/secadv_20101202.txt
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 12/2/2010 9:03 PM, Erik Tkal wrote:
Can someone point to details on CVE-2010-4180 and CVE-2010-4252? CVE-2010-3864
was the reason 1.0.0b was released, but I cannot find any references to the
On Thu, Dec 02, 2010 at 03:03:02PM -0500, Erik Tkal wrote:
Can someone point to details on CVE-2010-4180 and CVE-2010-4252?
CVE-2010-3864 was the reason 1.0.0b was released, but I cannot find any
references to the other two.
1.0.0c contains important non-security bug fixes for 1.0.0b, so you
On 12/2/2010 2:36 AM, Aarno Syvänen wrote:
Hi List,
I have problem with SSL_shutdown. Advice seems to be to call it again, if the
return value is 0.
However, this means that shutdown can hang forever. Can I just call
SSL_shutdown and go on ?
You can go do other things and try to shut the
10 matches
Mail list logo