Re: [PATCH] Follow OpenSSL's switch from AES128 to AES256 for session tickets

Hey, > While I agree that we should bump this to AES256 (or at least, make it > work with both), your change to use AES256 with keys that are > half-filled with zeros doesn't seem very appealing... > > I suggest that "ssl_session_ticket_key" should either accept only 80 > byte files (for use with

[njs] Various Number constants.

details: http://hg.nginx.org/njs/rev/8722dc4bdeb4 branches: changeset: 240:8722dc4bdeb4 user: Valentin Bartenev date: Sun Nov 06 16:03:03 2016 +0300 description: Various Number constants. diffstat: njs/njs_number.c | 60 1

[njs] Various Number methods.

details: http://hg.nginx.org/njs/rev/ad4b6e0b5014 branches: changeset: 241:ad4b6e0b5014 user: Valentin Bartenev date: Sun Nov 06 16:03:29 2016 +0300 description: Various Number methods. diffstat: njs/njs_builtin.c|2 +- njs/njs_number.c | 116 +

Re: [PATCH] Follow OpenSSL's switch from AES128 to AES256 for session tickets

Hi, On Sat, Nov 05, 2016 at 07:07:23PM -0700, Piotr Sikora wrote: > Also, considering that recent versions of OpenSSL use AES256 by > default (i.e. when keys are not provided using > "ssl_session_ticket_key" directive), we shouldn't provide a way lower > the security of Session Tickets. If backwa

Re: [PATCH] Follow OpenSSL's switch from AES128 to AES256 for session tickets

# HG changeset patch # User Christian Klinger # Date 1478468739 -3600 # Node ID 9cfbbce1ec24a31c29ea2f20cb21e32e5173bc60 # Parent 92ad1c92bcf93310bf59447dd581cac37af87adb Follow OpenSSL's switch from AES128 to AES256 for session tickets OpenSSL switched from AES128 to AES256 for de-/encryption o

Re: [PATCH] Follow OpenSSL's switch from AES128 to AES256 for session tickets

Hi, On Sun, Nov 06, 2016 at 03:19:36AM -0800, Piotr Sikora wrote: > ...and while we're breaking backward-compatibility, we should also > change the order in which values are read from files to match what > OpenSSL, BoringSSL & Apache are doing, [...] Done. (See follow-up message) Best regards, C

Re: [PATCH] Follow OpenSSL's switch from AES128 to AES256 for session tickets

Hey Christian, > # HG changeset patch > # User Christian Klinger > # Date 1478468739 -3600 > # Node ID 9cfbbce1ec24a31c29ea2f20cb21e32e5173bc60 > # Parent 92ad1c92bcf93310bf59447dd581cac37af87adb > Follow OpenSSL's switch from AES128 to AES256 for session tickets This should be: SSL: switch fr

Re: [PATCH] Follow OpenSSL's switch from AES128 to AES256 for session tickets

# HG changeset patch # User Christian Klinger # Date 1478473338 -3600 # Node ID 36f66e94771dd39e8948ba1023e5ca0677655840 # Parent 92ad1c92bcf93310bf59447dd581cac37af87adb SSL: switch from AES128 to AES256 for TLS Session Tickets. OpenSSL switched from AES128 to AES256 for de-/encryption of sessi

Help on NGINX css/js/image error 18679

Hello, I am getting CSS/JS/IMG error shown below while proxying subdirectory to a domain folder, [error] 13991#13991: *26 open() "/var/www/x1.com/public_html/templates/home/js/script.js" failed (2: No such file or directory), client: 68.5.183.249, server: www.x1.com, request: "GET /templates/ho