On Tue, May 02, 2017 at 04:49:50PM +0200, Frederic Lecaille wrote:
> Here is an update of my patch which integrates your fix.
Now applied, thanks to you both!
Willy
Hi Manu,
>> I care primarily about vanilla OpenSSL, and in don't get a sense that there
>> is an
>> interest to implement this for TLSv1.2.
>
> It make sense with AEAD ciphers like AES-GCM and CHACHA20-POLY1305. and it’s
> compatible with TLSv1.2.
What I was trying to say above is: my
or
> Le 2 mai 2017 à 17:14, Lukas Tribus a écrit :
>
> Hello,
>
>
>> Hi Lukas,
>>
>> The response is in our link:
>> [2] https://github.com/openssl/openssl/issues/541
>>
>> No need to disable this option per default and option is needed for security.
>
> The point is:
Hello,
> Hi Lukas,
>
> The response is in our link:
> [2] https://github.com/openssl/openssl/issues/541
>
> No need to disable this option per default and option is needed for security.
The point is: when the admin is aware of TLS security, he can easily add
a new config option on a major
On 05/02/2017 03:45 PM, Baptiste wrote:
Here is a new patch version which takes into an account Baptiste
remarks.
Thank you again Baptiste.
Hi Fred,
I gave a try to your code today and found a segfault at the next DNS
request following the fqdn change.
I attached a patch to this
Appart the bug, the new feature works smoothly!
Great job, Fred @haproxy.com :p
Baptiste
On 05/02/2017 03:45 PM, Baptiste wrote:
Here is a new patch version which takes into an account Baptiste
remarks.
Thank you again Baptiste.
Hi Fred,
Hello Baptiste,
I gave a try to your code today and found a segfault at the next DNS
request following the fqdn change.
I
>
>
>> Here is a new patch version which takes into an account Baptiste remarks.
>
> Thank you again Baptiste.
>
>
Hi Fred,
I gave a try to your code today and found a segfault at the next DNS
request following the fqdn change.
I attached a patch to this email to fix it, simply merge it into
Hi Lukas,
The response is in our link:
[2] https://github.com/openssl/openssl/issues/541
No need to disable this option per default and option is needed for security.
The equal-preference groups work with server preference. I tested it with
BoringSSL.
Manu
> Le 28 avr. 2017 à 20:05, Lukas
Hi Grant,
An other issue:
static void ssl_sock_close(struct connection *conn) {
if (conn->xprt_ctx) {
if (global_ssl.async) {
/* the async fd is created and owned by the SSL engine,
which is
* responsible for fd closure.
Hi Willy,
thank you very much for your detailed response. I will try out your
suggestions and get back to the mailing list if I got any problems.
Regards.
Daniel
Am 28.04.17 um 19:08 schrieb Willy Tarreau:
Hi Daniel,
On Fri, Apr 28, 2017 at 06:58:38PM +0200, Daniel Heitepriem wrote:
Hi
11 matches
Mail list logo