Re: [openssl.org #2771] [BUG] Openssl 1.0.1 times out when connecting to Outlook Exchange 2007

It's empirically found that SSL 2.0 and TLS 1.0 ClientHellos larger than 256 bytes *are* accepted, while TLS 1.1 and 1.2 have to be shorter to be accepted. TLS version in ClientHello *message* is denoted by corresponding field. But then the *message* is placed to TLS *record*, which is denoted

Re: [openssl.org #2771] [BUG] Openssl 1.0.1 times out when connecting to Outlook Exchange 2007

On Sun, Apr 01, 2012 at 12:17:19PM +0200, Andy Polyakov wrote: It's empirically found that SSL 2.0 and TLS 1.0 ClientHellos larger than 256 bytes *are* accepted, while TLS 1.1 and 1.2 have to be shorter to be accepted. TLS version in ClientHello *message* is denoted by corresponding

Re: [openssl.org #2771] [BUG] Openssl 1.0.1 times out when connecting to Outlook Exchange 2007

On Sun, Apr 01, 2012, Kurt Roeckx wrote: And they now both contain 0x03,0x03. At least gnutls is sending 0x03,0x00 with 0x03,0x03. Gnutls is also sending client hellos shorter than 256 bytes (couldn't see a way to extend it though I'm not familiar with gnutls). I already wondered about

Re: [openssl.org #2771] [BUG] Openssl 1.0.1 times out when connecting to Outlook Exchange 2007

On Sun, Apr 01, 2012, Dr. Stephen Henson wrote: Did a quick hack modification setting header version to 0x3,0x0 and it now *will* connect to some sites it didn't before with a long client hello including paypal. It ends up negotiating TLS 1.2 anyway. I'll do some more tests to see what

Re: [openssl.org #2771] [BUG] Openssl 1.0.1 times out when connecting to Outlook Exchange 2007

On Sun, Apr 01, 2012 at 02:42:20PM +0200, Dr. Stephen Henson wrote: On Sun, Apr 01, 2012, Dr. Stephen Henson wrote: Did a quick hack modification setting header version to 0x3,0x0 and it now *will* connect to some sites it didn't before with a long client hello including paypal. It

Re: [openssl.org #2771] [BUG] Openssl 1.0.1 times out when connecting to Outlook Exchange 2007

On Sun, Apr 01, 2012, Kurt Roeckx wrote: On Sun, Apr 01, 2012 at 02:42:20PM +0200, Dr. Stephen Henson wrote: On Sun, Apr 01, 2012, Dr. Stephen Henson wrote: Did a quick hack modification setting header version to 0x3,0x0 and it now *will* connect to some sites it didn't before

Openssl certificate errors

Hi I am trying to make a Gsoap call to a HTTPS service, I understand that GSOAP provides option to call HTTPS service using soap_ssl_client_context function. I am using the function in my client application as below if (soap_ssl_client_context (lp_Soap, SOAP_SSL_DEFAULT,

OpenSSL Connection Hangs After Handshake

Hi, there! I'm a C# dev trying to write a server using SSL encryption. I am using the TcpClient class with the SSLStream class. I have created the Self-Signed certificates I need and confirmed that they are in PEM format, these are successfully loaded by the server and client. However, the

Re: [openssl.org #2781] OpenSSL 1.x doesn't compile on mingw-w64 (targeting win32)

Leandro Santiago via RT wrote: I'm trying to compile openssl 1.0.1 (but I also tested the 1.0.0) on mingw-w64 (gcc 4.7), but I'm having errors. I tested in three configurations: Ubuntu 11.04 32-bit, Kubuntu 11.10 64-bit and Windows 7 32-bit having the same errors. The command line I used was:

Re: [openssl.org #2781] OpenSSL 1.x doesn't compile on mingw-w64 (targeting win32)

Leandro Santiago via RT wrote: I'm trying to compile openssl 1.0.1 (but I also tested the 1.0.0) on mingw-w64 (gcc 4.7), but I'm having errors. I tested in three configurations: Ubuntu 11.04 32-bit, Kubuntu 11.10 64-bit and Windows 7 32-bit having the same errors. The command line I used

[openssl.org #2781]

I also tested with mingw64:gcc and mingw:gcc. The results were the same in the three machines. And I'm using a no-patched openssl downloaded from openssl.org. -- Atenciosamente, Leandro __ OpenSSL Project