Wei Dai <[EMAIL PROTECTED]>:
>> [Posted to sci.crypt and the IETF SSH working group mailing list.]
>>
>> Phil Rogaway observed that CBC mode is not secure against chosen-
>> plaintext attack if the IV is known or can be predicted by the attacker
>> before he choses his plaintext [1]. Similarly,
Dax Kelson <[EMAIL PROTECTED]>:
> I'm having a problem where two RHL7.2 LDAP clients out of many don't
> authenticate against an OpenLDAP server. They are using starttls to
> connect to the server. The chain is sshd -> pam_ldap -> openldap ->
> OpenSSL.
>
> In openldap-2.0.21/libraries/libldap
REMOVE
---
http://www.freemail.gr - äùñåÜí õðçñåóßá çëåêôñïíéêïý ôá÷õäñïìåßïõ.
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automa
Charles McCabe wrote:
>
> I'm a complete Linux newbie here, submitting this report for the common
> good. I'm trying to get sshd working on my RedHat 7.2 box and this
> openssl install was the last in a series of frustrations. Hope it helps
> someone somewhere.
>
[snip]
> gcc -I.. -I../../incl
On Thu, Feb 07, 2002 at 03:38:32PM +0200, Izhar Shoshani Levi wrote:
> I found a bug in ssl session cache, please check it.
> SSL_CTX_session_remove trying to find the session in the cache and delete it
> but when calling SSL_SESSION_list_remove, in case that r != NULL the wrong
> session is
> sen
I'm a complete Linux newbie here, submitting this report for the common
good. I'm trying to get sshd working on my RedHat 7.2 box and this
openssl install was the last in a series of frustrations. Hope it helps
someone somewhere.
Thanks,
Chaz
Checking compiler...
Running make...
make[1]: Ente
Dr S N Henson wrote:
>
> Ben Laurie wrote:
> >
> > Dr S N Henson wrote:
> > >
> > >
> > > The self signed cert was only an example. There are other cases which
> > > could apply as well. An example would be explicit trust of an EE
> > > certificate. That isn't supported in OpenSSL yet but it will
On Fri, Feb 08, 2002 at 01:53:11AM -0700, Dax Kelson wrote:
>
> sshd/ftpd/telnetd -> pam_ldap -> libldap -> libssl/libcrypto
>
> To recap, when my dual processor Pentium III is idle, I *always* get a
> return value of 0 from SSL_connect. If I bog down the box, I get "1" and
> everything works
On Fri, 8 Feb 2002, Howard Chu wrote:
> Try using strace to log all system calls. Until you know which calls have
> failed, it's tough to isolate what's going on.
when using strace on sshd, I couldn't get it to fail. Not using strace, it
fails every time.
Dax
sshd/ftpd/telnetd -> pam_ldap -> libldap -> libssl/libcrypto
To recap, when my dual processor Pentium III is idle, I *always* get a
return value of 0 from SSL_connect. If I bog down the box, I get "1" and
everything works (login sucessful).
I added a check for SSL_get_error, and I get SSL_ER
From: "Baber Amin" <[EMAIL PROTECTED]>
BAMIN> I am trying to build the engine version (0.9.6c-engine) under win32
BAMIN> using VC6.x. It seems to be going fine till the compile for hw_aep.c,
BAMIN> which includes unistd.h. That seems to cause problems under win32.
Replace that inclusion line
11 matches
Mail list logo