Re: OpenSSL 1.0.1 released

On 3/14/2012 12:27 PM, Bruce Stephens wrote: open...@master.openssl.org (OpenSSL) writes: [...] o Preliminary FIPS capability for unvalidated 2.0 FIPS module. I note that #2741 appears not to be resolved, so if you build on Windows and use --with-fipsdir=... then that probably

Re: [CVS] OpenSSL: OpenSSL_1_0_1-stable: openssl/ Configure

+1, I had applied this locally [sorry for delays] On 3/14/2012 5:20 PM, Dr. Stephen Henson wrote: OpenSSL CVS Repository http://cvs.openssl.org/ Server: cvs.openssl.org Name: Dr. Stephen

Re: OpenSSL 1.0.1 released

Dr. Stephen Henson wrote: On Wed, Mar 14, 2012, Mike Frysinger wrote: i'm not looking for downstream workarounds here but rather the right answer. is openssl-1.0.1 expected to be ABI compatible with openssl-1.0.0 ? Yes. In brief the versioning scheme introduced with 1.0.0 is: Changes

Re: Openssl 1.0.1 beta3 - Some ciphers with SHA256 set as tls1.0

I did some extra test using OpenSSL 1.0.1, nginx, and Firefox and Opera browsers. Nginx is configuration: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers

Re: DTLSv1_get_timeout/DTLSv1_handle_timeout on server for each connection

Hi Michael, Robin, i had a basic doubt, suppose i have dtls client (ip address:cip, source port: cport) and dtls server (ip address: dip, destination port: dport). both are connected. then client goes down/crashes without calling ssl_shutdown, so server still has the client context information.

Re: DTLSv1_get_timeout/DTLSv1_handle_timeout on server for each connection

On Mar 15, 2012, at 1:08 PM, Manish Yadav wrote: Hi Michael, Robin, i had a basic doubt, suppose i have dtls client (ip address:cip, source port: cport) and dtls server (ip address: dip, destination port: dport). both are connected. then client goes down/crashes without calling

Re: OpenSSL 1.0.1 released

On Thursday 15 March 2012 03:19:07 Ludwig Nussel wrote: Dr. Stephen Henson wrote: On Wed, Mar 14, 2012, Mike Frysinger wrote: i'm not looking for downstream workarounds here but rather the right answer. is openssl-1.0.1 expected to be ABI compatible with openssl-1.0.0 ? Yes. In brief

Re: OpenSSL 1.0.1 released

William A. Rowe Jr. wr...@rowe-clan.net writes: On 3/14/2012 12:27 PM, Bruce Stephens wrote: open...@master.openssl.org (OpenSSL) writes: [...] o Preliminary FIPS capability for unvalidated 2.0 FIPS module. I note that #2741 appears not to be resolved, so if you build on Windows

[openssl.org #2761] util/cygwin.sh: Fix runtime package name

Hi, please apply the following patch to the util/cygwin.sh script to the 0.9.8 branch, the 1.0.1 branch, and trunk. The patch fixes the generated name for the runtime openssl package on Cygwin. So far it used the version number of OpenSSL for the package name, but with 1.0.1 this is wrong.

Re: DTLSv1_get_timeout/DTLSv1_handle_timeout on server for each connection

Hi Michael, thanks for info. thanks, manish On Thu, Mar 15, 2012 at 6:16 PM, Michael Tuexen michael.tue...@lurchi.franken.de wrote: On Mar 15, 2012, at 1:08 PM, Manish Yadav wrote: Hi Michael, Robin, i had a basic doubt, suppose i have dtls client (ip address:cip, source port: cport)