On Wed, Feb 23, 2000 at 06:45:46PM +0100, Bodo Moeller wrote:
On Wed, Feb 23, 2000 at 02:32:32PM +0100, Lutz Jaenicke wrote:
I have just tried it with latest SNAPSHOT on HP-UX 10.20.
Could reproduce the problems.
www.rsasecurity.com does not count because that site does not even work
you can include the script and makefile into shlib/ or decide to
implement a "contrib/" hierarchie.
Best regards,
Lutz
PS. And don't forget, that the basic idea is from anonymous, not mine :-)
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus
On Wed, Mar 01, 2000 at 05:25:47PM -, Anonymous remailer wrote:
Lutz Jaenicke wrote:
After having applied the patch and recompiled the necessary items,
I am now proud owner of both a +O3 +Oall and a +O4 +Oall share library set.
It might be interesting to also try it with and without
p = buf;
and it should work.
new_session = d2i_SSL_SESSION (new_session, p, retval);
Just been there myself. If you check carefully the code within
PEM_write_SSL_SESSION (now knowing what to look for), you will find out
the same :-)
Best regards,
Lutz
--
Lutz Jaenicke
On Wed, Mar 01, 2000 at 05:25:47PM -, Anonymous remailer wrote:
Lutz Jaenicke wrote:
After having applied the patch and recompiled the necessary items,
I am now proud owner of both a +O3 +Oall and a +O4 +Oall share library set.
It might be interesting to also try it with and without
re.
(Of course check for error messages in the file.)
Maybe future versions of OpenSSL will also have the "-rand" option for
s_server...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.D
e.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
ntioned above...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
On Wed, Apr 05, 2000 at 01:31:07PM +0200, Lutz Jaenicke wrote:
The client _can_not_ successfully cache sessions. The reason is, that
Ooh, this was not expressed very clear. I wanted to say: the OpenSSL
LIBRARY can not automatically supply a client session from the cache.
The client APPLICATION
:EXP-RC2-CBC-MD5
CIPHER is RC4-MD5.
Then use your client to compare the result.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
RAM in your system...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044
else
msg_info("%lu:%s:%s:%d:", es, ERR_error_string(l, buf),
file, line);
}
}
[end of snippet]
with msg_info() being a secure printf replacement sending the messages to
syslog. YMMV.
Best regards,
Lutz
--
Lutz Jaenicke [
to my students: I am not interested in what you
believe, your religion is free, I am interested in what you know :-)
Thanks for the clarification,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
ources).
I don't know about Michal Trojnara's intentions.
The release of stunnel 3.8 predates the release of OpenSSL 0.9.5 (the first
release forcing correct seeding of the PRNG) by 4 days, so probably stunnel
is not yet aware of that change. Please contact Michal and kindly ask him
for an
used package.
Thanks very much, I'll try that tonight...
Good luck,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
On Tue, May 16, 2000 at 02:30:51PM +0200, Bodo Moeller wrote:
On Tue, May 16, 2000 at 09:05:16AM +0200, Lutz Jaenicke wrote:
The absolut minimum amount of seed is 16 bytes. If EGD is not drained, one
call to RAND_egd() will give you 255 bytes.
So depending on your environment you can use
version roll-back attacks. ...
I have also crosschecked with the latest SSLv3 specifications found at
Netscape and the corresponding paragraph is the same.
Hence, the Stalker implementation also violates SSLv3...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED
() or BIO_free() first) being of no importance...
Did I get this right?
Best regards,
Lutz
PS. To be part of Postfix/TLS-0.6.10, to be released after straightening
out this issue.
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE
on the openssl-* mailings lists in the recent
past. Please check the mailing-list archives and search for "non-blocking"
or e.g. SSL_ERROR_WANT_READ (a typical state that occurs during non-blocking
I/O).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROT
Goetz Babin-Ebell wrote:
Hello Richard,
Richard Levitte - VMS Whacker wrote:
In message [EMAIL PROTECTED] on Thu, 15 Feb 2007
10:34:23 -0800,
Kees Cook [EMAIL PROTECTED] said:
kees 3 years ago, I wrote a patch[1] (and did the TSU[2]) for adding
kees these features to s_client. Can
Goetz Babin-Ebell wrote:
Lutz Jaenicke wrote:
Goetz Babin-Ebell wrote:
[...]
* in SMTP doing a STARTTLS without previous EHLO
will return a
503 STARTTLS command used when not advertised
* in IMAP doing a STARTLS requires a
. CAPABILITY
first.
In both cases the server
Dr. Stephen Henson wrote:
On Wed, Feb 21, 2007, Lutz Jaenicke wrote:
Goetz Babin-Ebell wrote:
Lutz Jaenicke wrote:
Goetz Babin-Ebell wrote:
[...]
* in SMTP doing a STARTTLS without previous EHLO
will return a
503 STARTTLS command used when
Goetz Babin-Ebell wrote:
Lutz Jaenicke wrote:
Goetz Babin-Ebell wrote:
[...]
* in SMTP doing a STARTTLS without previous EHLO
will return a
503 STARTTLS command used when not advertised
* in IMAP doing a STARTLS requires a
. CAPABILITY
first.
In both cases the server
Peter Waltenberg wrote:
Yes, it's desirable that that data is unknown however there is a
compromise possible:
Complement the area. It'll mean valgrind will only complain at the correct
place, or possibly not at all, and it's still random. The performance hit
from doing that will be so small
Ben Laurie schrieb:
Lutz Jaenicke wrote:
Lutz Jaenicke wrote:
Peter Waltenberg wrote:
Yes, it's desirable that that data is unknown however there is a
compromise possible:
Complement the area. It'll mean valgrind will only complain at the correct
place, or possibly
Nitin M wrote:
Hi!
Can anyone please tell me the correct way to submit a patch here, as I
have never done that before on this list?
As stated somewhere on the website: submit it by email to [EMAIL PROTECTED]
Note: wrt SPAM protection this interface is moderated so there may be some
delay(*)
OpenSSL version 0.9.8g released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8g of our open source toolkit for SSL/TLS. This new
OpenSSL
Martin Peylo wrote:
Hi,
could the following OIDs please be added to the objects.txt file? They
are used by CMP (RFC 4210) and CRMF (RFC 4211) which I am implementing
right now. This would make it easier for me to supply a patch which
applies cleanly in case the objects.txt file was changed
Robert Gries wrote:
Well even though I get the error about the shared libraries, it did work with
is Configure:
./Configure --prefix=~gries/usr/local/ssl --openssldir=~gries/usr/local/ssl
threads linux-ppc64 -m64 -L/usr/local/lib -DOPENSSL_USE_GMP -lgmp -static
[EMAIL
Bruno Bonfils wrote:
Hi openssl's people,
I'm currently writing a script to check a PKI. For this purpose, I
wrote a small patch to display the crlNumber directly from the crl's
app:
# openssl crl -in ca.crl -crlnumber -noout
crlNumber=42
I'll happy if the patch can be include in
Guenter Knauf wrote:
Hi Lutz,
Replies to active tickets are handled automatically.
I've a ticket open where I posted a couple of times updates:
http://rt.openssl.org/index.html?q=1611
but nothing of these appear here on the list - although they are properly
listed with #1611...
can
Richard Hartmann wrote:
Hi all,
3 X509_V_ERR_UNABLE_TO_GET_CRL unable to get certificate CRL
should read
3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL
i.e. there is a colon missing. If there is any interest, I can create a patch
but it is probably faster for both sides if
David Erosa García wrote:
Hello all.
I tried the openssl-users list but I think this may be a question for
the devel list:
I'm doing my homework about openssl, but *this question has nothing to
do with it*. It's just a doubt that arised while doing it.
There is one exercise with the
Zhichao Hong wrote:
I have sent email about a client hangs when trying to communicating
with server using 0.9.7e version of the openssl. When looking into the
debugger stack trace, the ssl3_read_n blocks forever in the s3_pkt.c.
When I browsed the cvs change history, the following issue was
Zhichao Hong wrote:
Thank you, Lutz, for the change set information! I have to admit that
I am not a power user of the openssl at the source level. We are not
controlling the server as it is a standard IIS HTTPS. The software
is using openssl library on top of openbsd stack. So do you
Bodo Moeller wrote:
However, another intentional use of potentially unitialized data is
still left as of
http://cvs.openssl.org/getfile/openssl/crypto/rand/randfile.c?v=1.47.2.2
:
i=fread(buf,1,n,in);
if (i = 0) break;
/* even if n != i, use the
Thor Lancelot Simon wrote:
I think I've discovered another problem with the current non-blocking API.
I have an application which reads data into fixed-size buffers which it
maintains per session. It uses non-blocking IO and select() when a read
returns SSL_ERROR_WANT_{READ,WRITE}.
To
Thor Lancelot Simon wrote:
On Fri, Aug 01, 2008 at 03:49:01PM +0200, Lutz Jaenicke wrote:
Thor Lancelot Simon wrote:
The record size of the SSL record is predetermined by the sender with
16k being the maximum size specified by the protocol.
32K for SSLv2, no?
I stopped caring
Hi!
I have just installed a new (2048bit) certificate and key to the
OpenSSL Project webserver. It is a wildcard certifcate for *.openssl.org
catching both www.openssl.org and rt.openssl.org.
Many thanks go to Steve Roylance from Globalsign for donating a
3 year wildcard SSL certificate!!
Best
David Woodhouse via RT wrote:
(Was waiting for the RT to autoreply with a number before I followed up,
but it doesn't seem to have arrived after half an hour, so I'll send
anyway. Hopefully the References: header will associate this with the
previous mail anyway...)
Mailings to rt are
David Woodhouse wrote:
On Mon, 2008-10-13 at 09:01 +0200, Lutz Jaenicke via RT wrote:
Note: I have reverted the DTLS1_BAD_VER part as DTLS1_BAD_VER handling
is not present in HEAD (0.9.9).
That makes sense.
I assume that DTLS1_BAD_VER handling wasn't added to HEAD because the
pre
Jurko Gospodnetić wrote:
Hi all.
Just wandering whether there is something I am missing about posting
bug reports/patches to 'r...@openssl.org'. I send a report there three
days ago and got neither any confirmation nor did the report get
forwarded to the development list. I resent the
Kyle Hamilton wrote:
I hope the test reports I sent to -bugs are useful. I'm on a Mac OSX
10.5.6 machine, Intel-based, and I ran tests in both 32 and 64 bit
modes, both without and with the optional features. I do not have gmp
installed, nor zlib, so I cannot vouch for their usability; I did
Kyle Hamilton wrote:
On Wed, Apr 1, 2009 at 4:55 AM, Lutz Jaenicke l...@lutz-jaenicke.de wrote:
Hi Kyle,
thank you very much for reports, they are currently sitting in the
moderation queue. I would kindly ask you and other testers to either
* send success messages to the list with just
David McCullough wrote:
Jivin Kyle Hamilton lays it down ...
Please mail these each as attachments to r...@openssl.org. This will
ensure that each gets entered into a trackable state, and also ensures
that the formatting for the patch files stays consistent.
No problems, I wasn't
Boyle Owen wrote:
PPS: Although I have subscribed to this list, I am not getting the mails
(I have to keep checking the archives). Is there anyone who can check
out my account?
Hmm. If memory serves me right there was a subscribe message sent to
the list instead of the mailing list
the attachment and store it for download.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
On Fri, Nov 28, 2003 at 07:01:03AM -0800, Tim Rice wrote:
On Sun, 16 Nov 2003, Lutz Jaenicke via RT wrote:
[EMAIL PROTECTED] - Mon Oct 20 15:20:21 2003]:
In trying to build ethier the OpenSSL_0_9_7c or OpenSSL_0_9_7-stable
branch on OpenServer 5 I discovered a change
:
Check that OPENSSL_malloc() really returned some memory.
PR: 751
Notified by: [EMAIL PROTECTED]
Reviewed by: Lutz Jaenicke, Richard Levitte
Summary:
RevisionChanges Path
1.28.2.9+5 -0 openssl/crypto/evp/evp_enc.c
On Wed, Feb 04, 2004 at 02:22:49PM +0100, Jostein Tveit wrote:
Lutz Jaenicke [EMAIL PROTECTED] writes:
On Tue, Feb 03, 2004 at 08:41:23AM +0100, Jostein Tveit wrote:
What exactly does the comment in ssl/ssl_lib.c mean:
/* works well for SSLv2, not so good for SSLv3 */
char
is
still free to use the full chunk size.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
, which
_is_ updated.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
decided to contact you
for an assistant, which I do hope you will take this matter into consideration.
Anti-SPAM measures have been updated. Sorry for this one slipping through...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz
-productive
snapshots.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
with this location?
We had a hard disk problem that seems to be resolved now.
Please excuse any inconvenience,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044
PROTECTED]
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
On Tue, May 03, 2005 at 05:19:06PM -0700, Doug Kaufman wrote:
On Tue, 3 May 2005, Lutz Jaenicke wrote:
New submissions are moderated. I have been on vacation and I did mess up
to correctly hand over to another team member.
Thanks for all your work on this. I had assumed that it was all
Hi!
The OpenSSL request tracker will go down now for migration to a new
version of RT and another host. All incoming email requests will be
queued and will be uploaded once the new setup is finished.
I will send another announcement once the request tracker is back up online.
Best regards,
Lutz Jaenicke wrote:
Hi!
The OpenSSL request tracker will go down now for migration to a new
version of RT and another host. All incoming email requests will be
queued and will be uploaded once the new setup is finished.
I will send another announcement once the request tracker is back up
-
Heres a new way to find what you're looking for - Yahoo! Answers
- End forwarded message -
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine
Lutz Jaenicke wrote:
Lutz Jaenicke wrote:
Hi!
The OpenSSL request tracker will go down now for migration to a new
version of RT and another host. All incoming email requests will be
queued and will be uploaded once the new setup is finished.
I will send another announcement once
Lutz Jaenicke wrote:
Lutz Jaenicke wrote:
Lutz Jaenicke wrote:
Hi!
The OpenSSL request tracker will go down now for migration to a new
version of RT and another host. All incoming email requests will be
queued and will be uploaded once the new setup is finished.
I will send
RT access configuration has been changed.
Best regards,
Lutz
---BeginMessage---
This transaction appears to have no content
__
OpenSSL Project http://www.openssl.org
Development Mailing List
ng actual statements on this list the discussion should be
moved to openssl-users!
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitae
"openssl verify" does not give a full list of its options, especially
the [-purpose] is missing (-purpose is listed in the manpage).
Make usage information consistent with manpage.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
B
lly compiled).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
lized to 0 in ssleay_rand_cleanup().
Impact: probably small, since RAND_bytes() is probably called directly
after RAND_cleanup() only under test conditions.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-
sense we complement
each other :-))
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D
on documenting these things.
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69
my knowledge of this part of the code is intimate
enough to propose a change. I will have a look into the source anyway.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl
)
blowfish(idx)
compiler: gcc -DTHREADS -DDSO_DL -D_REENTRANT -O3 -DB_ENDIAN -DBN_DIV2W
***
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
case: fail.
But this of course would further increase the amount of confused people on the
mailing list asking for the PRNG not seeded problem :-(
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/persone
eing ready and a list being prepared...
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
to
SSL_clear - Reset SSL to allow another connection
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
rify_result=1.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
nside Configure and ./config will leave it
alone in the future!?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-412
Hi!
I have just finished some manual pages about SSL_CIPHER handling to be
added to doc/ssl.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
ets I left untouched. It is a long time ago I have seen one
and moemory is slowly fading.
Hopefully, somebody else will go over it add his 0.02 Swedish Krona
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.D
Appended two corrections, one extension and one new manpage.
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Another small chunk of manual pages,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044
Hi!
copying pages as skeleton to new ones is not always the best idea...
Please find attached two typos and two new pages.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke
and added SSL_CTX_set_ssl_version.
Best,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-030
..]
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49
.
despite the correct finding that my machine is a
"Operating system: 9000/42T-hp-hpux"
Who in hell stops you from calling
perl Configure hpux-cc
(-gcc)???
Regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://
Hi!
Some manual pages about SSL_CTX_load_verify_locations() and friends.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel
Hi!
Two corrections:
- c_rehash needs a directory as argument
- Unlike all other items the BIO-layer can return "-2". Hence the correct
classification of error return values is "0" instead of "-1".
Best regards,
Lutz
--
Lutz Jaenicke
and only register the algorithms that I want to be available?
man SSL_CTX_set_cipher_list
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
itself?! (x509_vfy.c)
At least it never issues a X509_V_ERR_CERT_CHAIN_TOO_LONG itself...
Steve, probably you know best :-)
Anyway, I have appended a draft copy of what is there by now.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus
On Sun, Oct 08, 2000 at 01:45:41PM +0200, Richard Zidlicky wrote:
On Sat, Oct 07, 2000 at 08:19:52PM +0200, Lutz Jaenicke wrote:
...
if (SSL_get_verify_result(ssl) == X_509_OK)
should not that be X509_V_OK?
Of course :-)
Thanks
. It contains some explanations on this matter.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3
expired certificates
came into the way of more actual ones.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
: TLSv1_method() (will send out TLSv1 protocol).
To my knowledge, at least the CommunigatePro SMTP server violates this rule,
so that the Client would fail. So my recommondation would be SSLv23_method()
for the client, too.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL
SSLv23_server, which understands SSLv2, SSLv3 and SSLv3.1=TLSv1,
SSLv3_server does not understand SSLv3 and TLSv1.
I will recheck the exact behaviour and submit a corrected documentation.
Might take until this evening, though.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL
, SSLv3, and TLSv1, SSLv3 _only_ covers SSLv3 and not
TLSv1 even though a lot of the routines are shared.
Sorry,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
not have the slightest idea of what is socket is :-)
(I am using the wording "SSL machine" to not confuse it with the "engine"
release of OpenSSL...)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://w
see
whether the disussion brings more points.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaets
way for the OpenSSL developers team.
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
How dos your problem manifest itself?
Best regards,
Lutz
PS. This really belongs to openssl-users...
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
e
software :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
201 - 300 of 705 matches
Mail list logo