Mirsad Todorovac via RT wrote:
Dear Mr. Cristoph Martin,
I saw you are the supporter for openssl package.
Afaik Mr. Martin is (beside Mr. Roeckx) supporter for the *Debian*
OpenSSL package, so if you want to address specifically Mr. Martin, you
should try a Debian mailing list. If on the ot
Richard Stoughton wrote:
On Tue, May 20, 2008 at 12:09 AM, Bodo Moeller <[EMAIL PROTECTED]> wrote:
As far as I can understand the code, the suggested usage pattern for
the RNG would be
ssleay_rand_bytes(ssleay_rand_add ^ n) with n > 0.
If consecutive calls to ssleay_rand_bytes without interm
dean gaudet wrote:
On Thu, 15 May 2008, Geoff Thorpe wrote:
I forgot to mention something;
If you're using an up-to-date version of openssl when you see this (ie. a
recent CVS snapshot from our website, even if it's from a stable branch for
compatibility reasons), then please post details.
Thomas Schweikle wrote:
Hi!
can anyone give me a hint where to look on how I open an openssl
encripted socket bound to a specific interface? I found
"bind(address)", but do not have a clue on how it is used correctly!
First: the openssl-users mailing list would have been more appropriate.
You
JBYTuna wrote:
Oh my. So, these patches have not been incorporated? Will they ever get
incorporated?
I get once or twice a year this question, but every time i have to
answer: i don't know.
We did not know these patches existed. We've been chasing this problem for a
couple of years now.
JBYTuna via RT wrote:
When an OpenSSL server built on z/OS is using client verification, the
following error is incurred:
0x140890b2 - error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no
certificate returned
From tracing, we found the correct certificate was being returned. We found
Victor B. Wagner wrote:
Is there somebody involved in development of mod_ssl module for Apache?
Probably the mod_ssl mailing list is a better place for finding such
person(s), see http://www.modssl.org/support/.
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH
_
Omprakash wrote:
Hello everybody,
I have two symmetric key encryption algorithms "Camellia and Seed" which
is
properly integrated and tested with openssl 0.9.6j, which i did it for my
project. Will openssl interested in integrating these algorithm with those
standard list it already have. If
In the error checks which have added to crypto/rsa_eay.c in version 0.9.7l
RSAerr is called in function RSA_eay_public_encrypt with the first parameter
RSA_F_RSA_EAY_PUBLIC_DECRYPT and in function RSA_eay_public_decrypt with the
first parameter RSA_F_RSA_EAY_PUBLIC_ENCRYPT.
--
Dr. Richard W. Kö
Stephen Durdin wrote:
I admit that I'm new to this technology so please bear with me.
> We want to use FIPS OpenSSL for all of our "over-the-wire" security
> and the AES_encrypt and AES_decrypt APIs for local password security.
> I created an AES256 key using "openssl genrsa -aes256 -out aes25
DALE REAMER wrote:
I should explain further. The client is using openssl, the server is on
firmwware and cannot use openssl. The server developer has rc4 code and we want
to verify the encryption phase after the handshake phase. If I could give him
separately(offline) the session secret h
Rüdiger Plüm wrote:
are there any plans to add support for rfc3546 (Transport Layer Security (TLS)
Extensions),
especially Server Name Indication to openssl in the near future?
See the mail in this list from Peter Sylvester with the subject "TLS
Extension support - Server Name Indication" fr
Cosmin Moldovan wrote:
Im not sure about the correct usage pattern of the stack structures, but
I think that this is a bug, found in openssl 0.9.7d, in
crypto/stack/stack.c. The function sk_insert does not initialize the
newly allocated pointers, when it reallocs the data array (lines 146-154).
[EMAIL PROTECTED] wrote:
I've found that in stack.c there is no check about index value.
Results a crash if index>=MIN_NODES && index>=st->num or unpredictable result if index=st->num
See the message with the subject "Re: [PATCH] Missing loop end check in
crypto/engine/eng_table.c" from Geoff Thor
In crypto/engine/eng_table.c the size of the accessed stack is not
checked, so regularly non-existent stack elements are tried to access.
Surprisingly often this does not crash (and all seems to function
perfectly), but sometimes it does, as expected. My problems in
connection with stunnel can
Robert Urban wrote:
I'm wondering if the following but has been found and fixed. If so,
I'd really like to know about it.
backtrace:
- stunnel dies on a SIGSEGV
We have a similar problem on a SOLARIS/SPARC machine. A workaround is
the removal of the calls of ENGINE_load_builtin_engines and
ENGI
Because Evan Jennings asked in openssl-users for EBCDIC patches for the
0.9.7 branch, i post here my collection of EBCDIC patches for 0.9.7c.
This collection comprises also the (slightly extended) patches from
Howard Chu posted here some months ago.
Because requests for the EBCDIC patches occur
Because Evan Jennings asked in openssl-users for EBCDIC patches for the
0.9.7 branch, i post here my collection of EBCDIC patches for 0.9.7c.
This collection comprises also the (slightly extended) patches from
Howard Chu posted here some months ago.
Because requests for the EBCDIC patches occur r
mclellan, dave via RT wrote:
Hi everyone: we are a little new to OpenSSL, and recently upgraded our
distribution to 9.7c. I'm building on a BS2000 host. Everything
builds
happliy, and make test runs for a while, then starts reporting errors in
MD4
tests.
Before I start digging, I'd like to s
Goetz Babin-Ebell wrote:
Jostein Tveit wrote:
Goetz Babin-Ebell <[EMAIL PROTECTED]> writes:
is the NISCC test suite that found the ASN.1 bugs in OpenSSL
somewhere available ?
This was the answer I got when I contacted NISCC some days after the
ASN.1
bug was discovered:
: NISCC has a policy of o
At 15:30 25.03.2003 +0100, you wrote:
>i've a problem compiling open ssl o.9.4. See the following output:
>
>YA7:ffpbld : /eu/ffp/archive/src/openssl-0.9.4 > make
>making all in crypto...
>make[1]: Entering directory `/eu/ffp/archive/src/openssl-0.9.4/crypto'
>( echo "#ifndef MK1MF_BUILD"
At 15:16 28.05.2002 -0600, you wrote:
>Has anyone seen anything like this that we could leverage off? Is there
>any source code we could use as a model or even a general discussion of
>the architecture that we could use in writing our own server that would
>be optimized to handling as many handsha
At 10:20 16.04.2002 +0100, you wrote:
>If I build openssl with CHARSET_EBCDIC not defined, it fails to recognise a
>certificate, presumably because it fails to find the "-BEGIN
>CERTIFICATE-" string. With CHARSET_EBCDIC defined, I get a Base64
>decode error, presumably because the encrypt
At 17:54 08.04.2002 -0400, you wrote:
>Received this error after trying to generate key pair using openssl
>syntax : openssl req -new -nodes -keyout private.key -out public.csr.
>
>Error:
>
>demo1# openssl req -new -nodes -keyout private.key -out public.csr
>Using configuration from /usr/local/ss
At 11:54 04.04.2002 -0700, you wrote:
>Hi folks, how can one limit and enforce the the key size that can be
>generated and used by openSSL and related utilities. The enforcement
>has to happen on multiple levels,
>
>1. At generation.
See http://www.openssl.org/docs/apps/openssl.html
>2. Load
25 matches
Mail list logo
