Re: (start_)tls and openssl-0.9.8a

2005-11-22 Thread Goetz Babin-Ebell
Nikola Milutinovic wrote: Andreas Hasenack wrote: On Mon, Nov 21, 2005 at 03:15:03PM +0100, Nikola Milutinovic wrote: Then there is a change in semantics of the OpenSSL API and somebody will have to dig through the docs. Just changed a build option for openssl. What didn't work

Re: (start_)tls and openssl-0.9.8a

2005-11-22 Thread Nikola Milutinovic
Goetz Babin-Ebell wrote: Nikola Milutinovic wrote: Hmm, first of all, why no-idea, no-rc5? You have better implementations on your system? I usually let OpenSSL be the provider of those algorithms. Because idea and rc5 have patent issues ? Heh, forgot about that one... Why does OpenSSL

Re: (start_)tls and openssl-0.9.8a

2005-11-22 Thread Andreas Hasenack
On Tue, Nov 22, 2005 at 07:34:07AM +0100, Nikola Milutinovic wrote: What didn't work (./Configure); zlib no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa shared What worked: no-idea no-rc5 shared Hmm, first of all, why no-idea, no-rc5? You have better Patents If you have nerves for

Re: (start_)tls and openssl-0.9.8a

2005-11-22 Thread Goetz Babin-Ebell
Nikola Milutinovic wrote: Goetz Babin-Ebell wrote: Nikola Milutinovic wrote: Hmm, first of all, why no-idea, no-rc5? You have better implementations on your system? I usually let OpenSSL be the provider of those algorithms. Because idea and rc5 have patent issues ? Heh, forgot about

(start_)tls and openssl-0.9.8a

2005-11-21 Thread Andreas Hasenack
Has anybody else got problems with tls and openssl-0.9.8a with cyrus-imapd-2.2.12? I just rebuilt it with that version of openssl and (start) tls stopped working: $ imtest mymachine -t -v (...) SSL3 alert read:fatal:bad record mac SSL_connect:failed in SSLv3 read finished A SSL_connect error 0

Re: (start_)tls and openssl-0.9.8a

2005-11-21 Thread Andreas Hasenack
On Mon, Nov 21, 2005 at 02:04:08PM +0100, Nikola Milutinovic wrote: (sigh) we all hate when that happens... Have you ran OpenSSL tests after building it? gmake check or gmake test. make test in openssl just works, no errors. Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ:

Re: (start_)tls and openssl-0.9.8a

2005-11-21 Thread Andreas Hasenack
On Mon, Nov 21, 2005 at 03:15:03PM +0100, Nikola Milutinovic wrote: Andreas Hasenack wrote: On Mon, Nov 21, 2005 at 02:04:08PM +0100, Nikola Milutinovic wrote: (sigh) we all hate when that happens... Have you ran OpenSSL tests after building it? gmake check or gmake test.

Re: (start_)tls and openssl-0.9.8a

2005-11-21 Thread Nikola Milutinovic
Andreas Hasenack wrote: On Mon, Nov 21, 2005 at 03:15:03PM +0100, Nikola Milutinovic wrote: Then there is a change in semantics of the OpenSSL API and somebody will have to dig through the docs. Just changed a build option for openssl. What didn't work (./Configure); zlib no-idea