build.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http://www.openssl.org
User Support Mailing
://wiki.wireshark.org/SSL to
start; the wireshark.org search function finds a lot more information about
SSL/TLS dissection.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
-ctx
http://www.openssl.org/docs/ssl/SSL_CTX_set_cert_store.html
This may also be useful:
http://stackoverflow.com/questions/16291809/openssl-programatically-verify-certificate-chain-in-c-in-memory-certs
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned
.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
in certificate signature algorithms.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
:��IϮ��r�m
(Z+�K�+1���x��h[�z�(Z+���f�y���f���h��)z{,���
, but it appears to be
what you're looking for.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http
SHOULD use "HTTP/1.1" as its HTTP-Version, and MUST use "HTTP/1.1" if it
uses any features not compatible with HTTP/1.0 - such as persistent
connections.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
se if the client did not include a valid Keep-alive header
requesting a persistent connection. (The server MAY close the connection
after returning the response even if the client did request a persistent
connection; it's not bound by the client's request.)
This isn't a OpenSSL problem.
Mic
o vet
your application.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
amespace. It's probably too
late to fix OpenSSL now, though.)
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://w
(or by me to someone else).
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
arget* is a DLL.)
I believe people have reported running into this in the past on
openssl-users.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project
DLL hygiene, like the grown-up operating systems do.)
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://www.openssl.org
User Support
submit arbitrary SQL queries against web front-ended databases. That's a
hell of a lot easier than breaking an SSL session by trying to predict the
PRNG.)
Gather ye entropy while ye may, but don't make it an obsession. You may
overlook something else.
Michael Wojcik [EMAIL PROTEC
ontrol whether slow system calls restart (rather than
failing with EINTR) when particular signals are raised, using flags to
sigaction. I don't recall offhand whether UW is one.
Personally, I prefer the EINTR loop, since it's more portable than relying
on slow call restart.
Michael Wojcik
But note in general that small signatures aren't going to be very secure.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://www.op
that lack it.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL
secure session from any
Java-equipped browser, SSH, and Kermit, and the infrastructure necessary to
support public authentication. Give the users some options and gradually
transition them away from the unsafe ones.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of Engli
. The Unix
Programming FAQ from comp.unix.programmer documents using O_RDWR with no
special cautions.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project
import/export files.)
Try
dump -nv *.a | awk '/ EXP / {print $NF}'
to see a list of symbols exported by shared objects in your archives.
Michael Wojcik
Principal Software Systems Developer, Micro Focus
Department of English, Miami University
-Original Message-
From: Jason Jesso
information one way or another.
(By the way, first and second are already adverbs. No need to suffix them with ly.)
Michael Wojcik
Principal Software Systems Developer, Micro Focus
Department of English, Miami University
-Original Message-
From: Jason Jesso [mailto:[EMAIL PROTECTED
.
However, typically ld's -L option appends the specified directory to the search path, which means .. is the *last* directory to be searched for libcrypto.a.
Does your system have another libcrypto.a, or shared object equivalent, that ld might be finding?
Michael Wojcik
Principal Software Systems
of course, a good HTTP/1.1 application should be paying attention to
the Content-length header if present, or the Transfer Encoding, or
whatever's applicable to that particular flow. (Content-length isn't
present if the "chunked" Transfer Encoding is being used. See RFC 26
lementation
sufficient to pass all the BN tests? I don't know.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://www.openssl
pto is Schneier's _Applied
Cryptography_.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://www.openssl.org
User Support Mailing
ed attacker in the right
place.
With crypto PRNGs, you have two choices: use a complete implementation (from
seeding on up) designed for the purpose from a source you trust, or study
the subject in some depth before putting any trust in it whatsoever.
Michael Wojcik [EMAIL PROTECTED]
MERAN
not a significant risk under my
threat model.)
A CA oversight or governing body might marginally increase safety, but there
are much bigger risks that ought to be addressed first.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
t be taken from the output of a cryptographically strong PRNG, for
example.)
(By the way, DES doesn't have a 24-byte key. It has a nominal 64-bit key
with 56 effective bits. 3DES with three distinct keys has a nominal key
length of 192 bits or 24 bytes, but its effective key length is 168 bits.
candidate - but on-line businesses typically aren't interested in
taking that chance. If you are, fine.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenS
oader work.)
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL
ompression functions used to reduce bias in seed material, etc. Should be
easy to find from one of the online RFC sources.
Michael Wojcik [EMAIL PROTECTED]
MERANT
Department of English, Miami University
__
OpenSSL Proj
to me whether Scott was looking for HTTP protocol
information, though, or OpenSSL API help. Scott?
Michael Wojcik
Principal Software Systems Developer, Micro Focus
Department of English, Miami University
-Original Message-
From: Neff Robert A [mailto:[EMAIL PROTECTED]]
Sent: Thursday
?
Michael Wojcik402 438-7842
Software Systems DeveloperMicro Focus
From: Mohan Atreya [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 30, 2002 8:03 AM
I am having trouble sending Base64 data over HTTPS POST. Does
anybody have
any sample code that can encode the Base64
/ #endif is unnecessary and clutters the source.
As of at least C90 #undef with a name that is not currently defined is
ignored. See ISO 9899-1990 6.8.3.5.
[And wouldn't openssl-dev be the more appropriate forum?]
Michael Wojcik
Principal Software Systems Developer, Micro Focus
Department
standard, unfortunately) and
it's too much effort.
Michael Wojcik
Principal Software Systems Developer, Micro Focus
Department of English, Miami University
-Original Message-
From: Andrew T. Finnell [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 18, 2002 7:51 AM
To: [EMAIL PROTECTED
everyone has good intentions.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http
two quite different languages
apart.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
compiler options list.
Michael Wojcik
Technology Specialist
Micro Focus
michael.woj...@microfocus.commailto:michael.woj...@microfocus.com
519 West Ash Street
Mason, MI 48854-1553
Direct:+1 517 639 0892
Mobile : +1 517 862 9464
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us
declared:
// string certificate (pp, length);
BIO_free (memoryBio);
(Untested.)
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
:��IϮ��r�m
(Z+�K�+1���x��h[�z�(Z+���f�y���f���h
implementation, and the OpenSSL developers have, so that's hardly a compelling
critique. They do the work; they get to make the decisions.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
it, under your threat model. SSL/TLS raises that cost over unencrypted
communications. But it doesn't raise it nearly as much as it ought to, thanks
to broken protocols, broken implementations, broken PKI, mismanagement, and
user error.
--
Michael Wojcik
Technology Specialist, Micro Focus
, incrementing serials. Whether that's a risk depends on your
threat model.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
and does not carry hidden data around) thus cannot
know about any sockets?
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project
. On Linux, UNIX, and iOS, use uuidgen (you
may have to grab the source and build it). uuidgen is also available for
Windows, e.g. as part of Cygwin.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
of the other proposals.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Tim Hudson
Sent: Tuesday, 29 April, 2014 16:32
To: openssl-users@openssl.org
Subject: Re: Increment certificate serial numbers randomly
certificate - why isn't it v3?
I admit I don't understand the problem description from the original note, but
it doesn't seem to match what we have with these three certificates.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense
. Are you using a
client certificate in the browser? Is it configured to send the certificate
automatically, or to prompt you? Where did the client certificate come from?
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense
, a better approach would probably be a
generic SSL/TLS tunnel utility like STunnel, or a VPN.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
:��IϮ��r�m
(Z+�K�+1���x��h[�z�(Z+���f�y���f���h
and hairstyles that aren't identical to my hairstyle...
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http
any later than the indicated date.
So yes, you can issue a new CRL before the date in the Next Update field.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Tilman Sauerbeck
Sent: Friday, 09 May, 2014 18:57
Michael Wojcik [2014-05-09 21:12]:
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Tilman
the reserved names
elsewhere in the source.
I suppose it's a bit quixotic to talk about the proper use of C in an OpenSSL
forum, but trying to follow the rules (even in code that's not part of the
library itself) would be a step in the right direction.
--
Michael Wojcik
Technology Specialist, Micro
. So do what
you like.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http://www.openssl.org
User
to your technical question is use cipher suites
that support anonymous key exchange. This is quite likely the Wrong Thing for
most real-world applications that have some perceived need for communications
security.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us
(conn, get_index(), my_data_ptr);
...
/* In the verify callback, or wherever */
my_data_ptr = SSL_get_ex_data(conn, get_index());
But if all you need in the callback is the SSL object, you needn't worry about
all that.
--
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Jens Maus
Sent: Wednesday, 25 June, 2014 14:07
Am 25.06.2014 um 18:22 schrieb Michael Wojcik
michael.woj...@microfocus.com:
[...]
Now, if you need additional application-specific information
others. It is not an unalloyed Good Thing.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
with sub-allocators.
In this case, the first two are probably the most likely.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project
infrequently
enough that we're unlikely to forget it - it's part of our documented process
for updating to a new release.
We've found that to be simpler than trying to override aspects of the existing
configurations when none of them match our build settings.
--
Michael Wojcik
Technology
is SSL_CTX_load_client_CA_file:
SSL_CTX_set_client_CA_list(CTX,
SSL_CTX_load_client_CA_file(/path/to/CAcerts.pem));
(or with, you know, error handling, if you want to be fancy). See
http://www.openssl.org/docs/ssl/SSL_load_client_CA_file.html.
Michael Wojcik
Technology Specialist
server certificate signed directly by the root, if you don't need an
intermediate for some reason.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Marco Bambini
Sent: Saturday, 26 July, 2014 04:26
] This assumes the application, if it's running in a POSIX environment, has
set the disposition of the SIGPIPE signal to ignore. SIGPIPE is a kluge for
applications that don't check the result of the write/send family of system
calls. Any well-written application should ignore it.
--
Michael
to my last command. I don't remember off
the top of my head whether there's a straightforward FTP API on zOS.
--
Michael Wojcik
Technology Specialist, Micro Focus
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Donald J
with the
Reset. When we receive the Reset, we clean up the connection
without any further communication.
--
Donald J.
dona...@4email.net
On Sat, Aug 9, 2014, at 09:44 AM, Michael Wojcik wrote:
Well, it sounds like someone needs to modify the client, then, if you
want to use SSL/TLS
, but I'd say yes, it's probably
good to drain the error queue each time a thread picks up a new piece of work.
This hadn't occurred to me before your note - I'll have to investigate whether
any of my code needs to do this as well.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner
;
if (l2 l1) return 1;
us1++, us2++;
}
return 0;
}
(Untested, but copied with some modifications from an existing implementation.)
That said, I agree that case-insensitive comparison would be a good idea here.
--
Michael Wojcik
Technology Specialist, Micro Focus
Reading the OpenSSL source code in an effort to learn how the SSL and TLS
protocols work is not a good idea. OpenSSL is an implementation, not a tutorial.
I suggest you get an actual description of how SSL/TLS works, such as Eric
Rescorla's book SSL and TLS.
(I believe Rich already suggested
, or an application developer did something wrong, or a
system administrator did something wrong.
I'm not in the business of issuing certificates and keys myself, so I don't
have any policies to share, I'm afraid.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org
password-rest
requests and the like).
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of dave paxton
Sent: Friday, 05 September, 2014 15:34
To: openssl-users@openssl.org
Subject: Re: Certificate pass
, of OpenSSL's public functionality directly anyway.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Kyle Hamilton
Sent: Sunday, 07 September, 2014 18:04
To: openssl-users@openssl.org; Iñaki Baz Castillo
Subject
any of those figures.
Does that help?
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Gregory Sloop
Sent: Friday, 05 September, 2014 16:32
To: Salz, Rich
Subject: Re: Certificate pass phrase brute force
declaration.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
chance that an OpenSSL-based application
using the default suite list will encounter a peer that only supports RC4.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
one.
You can also do what you describe below, but not encrypt the private key the
first time, by using the -nodes option with openssl req; that saves decrypting
it before encrypting it with your preferred cipher.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Iñaki Baz Castillo
Sent: Tuesday, 09 September, 2014 09:10
To: openssl-users@openssl.org
Subject: Re: Why does OpenSSL own all the prefixes in the world?
2014-09-09 13:14 GMT+02:00 Michael Wojcik
,
which are NOT standards.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http://www.openssl.org
User
by
openssl_c_hdrs.h will preempt their inclusion within the namespace by the
OpenSSL headers.
Of course, for C++ code you normally wouldn't include the C standard headers;
you'd use their C++ versions (cstdlib, etc). But this sort of thing is a
special case.
--
Michael Wojcik
Technology Specialist
to submit a patch.
Michael Wojcik
Technology Specialist, Micro Focus
From: Kyle Hamilton [mailto:aerow...@gmail.com]
Sent: Tuesday, 09 September, 2014 13:43
To: openssl-users@openssl.org; Michael Wojcik
Subject: RE: Certificate pass phrase brute force...
At least 3DES is *some* encryption
. It has different semantics
for void* pointers. It has different rules for numeric-parameter promotions.
And so on.
People who think C++ is a superset of C are sadly mistaken, and programmers who
act on that assumption are dangerous.
Michael Wojcik
Technology Specialist, Micro Focus
actually
understand the C language.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
does a good job of covering both design and
implementation details. And he knows his stuff - he's one of the authors of the
TLS RFCs.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
releasing the conversation.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of S P, Swaroop (NSN - IN/Bangalore)
Sent: Tuesday, 30 September, 2014 09:46
To: openssl-users@openssl.org
Subject: Thread Safety
returns
preverifyOk.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project http://www.openssl.org
User
existing platforms that aren't fully
C99-compliant) for a possible small performance improvement. The OpenSSL
sources hadn't previously used any C99-only keywords, as far as I know.
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us
You have SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv2 there. I assume v2 ... v2 is a
typo, but if that's what your code actually has, then that's the problem.
(Assuming there isn't some other problem, of course.)
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Jeffrey Walton
Sent: Friday, 24 October, 2014 09:42
To: OpenSSL Users List
Subject: Re: openssl SSL3 vulnerability
On Fri, Oct 24, 2014 at 9:30 AM, Michael Wojcik
michael.woj...@microfocus.com
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Jeffrey Walton
Sent: Friday, 24 October, 2014 10:26
To: OpenSSL Users List
Subject: Re: openssl SSL3 vulnerability
On Fri, Oct 24, 2014 at 9:53 AM, Michael Wojcik
michael.woj...@microfocus.com
are, if your threat model requires SSL-style communications security,
it now requires TLS. The application protocol is largely irrelevant; even if
there's no published attack now, there may be one tomorrow.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned
process. I've also seen this
happen with the OpenLDAP client library, for example.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL
).
Michael Wojcik
Technology Specialist, Micro Focus
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Derek Cole
Sent: Friday, 14 November, 2014 17:39
To: openssl-users@openssl.org
Subject: Re: Compile 1.0.1j on Win8.1 with capi
Just to add some more
CRYPTO_set_id_callback, I'm
not sure off the top of my head what OpenSSL uses for the thread ID.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
__
OpenSSL Project
to the application protocol,
and that is often quite a complicated process.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
___
openssl-users mailing list
openssl-users
A quick look at apps/s_client.c in the 1.0.1j sources suggests that it does
EBCDIC-ASCII translation if it was compiled with CHARSET_EBCDIC.
What version are you using? Was it built with CHARSET_EBCDIC defined?
Michael Wojcik
Technology Specialist, Micro Focus
From: openssl-users
, and so on).
Protocol-specific DoS attacks are more sophisticated and in general more
difficult to defend against, so they merit separate discussion.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
/Diffie_Hellman
https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
___
openssl-users mailing list
openssl-users@openssl.org
On Behalf Of Michael Wojcik
Sent: Thursday, December 18, 2014 21:27
And if DH parameters have not been set, OpenSSL will have to
generate them on the fly, which can be *very* slow (relative to
normal conversation establishment).
I think this is new in trunk; in all released
command,
which also has a mode (tctl write') that reads from standard input and writes
complete blocks to a tape device.
I'm sure there are plenty of examples online.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
that it contains all the RSA
parameters, so it implicitly contains both the public and private key.
Michael Wojcik
Technology Specialist, Micro Focus
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Serj
Sent: Tuesday, February 03, 2015 06:22
To: openssl-users@openssl.org
and was empty) and should trundle along happily.
--
Michael Wojcik
Technology Specialist, Micro Focus
This message has been scanned for malware by Websense. www.websense.com
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org
(Apologies for the top-post; Outlook does not deal properly with HTML email.)
If open, called by fopen, actually is setting EPERM, then one of the following
should be true:
- /usr/local/ssl/openssl.cnf exists but the user does not have read permission
on it
- Either /usr/local or
1 - 100 of 580 matches
Mail list logo