Hi Matt,
I have linux 4.9.37 on RHEL7.3.
[root@localhost jlulla]# uname -a
Linux localhost.localdomain 4.9.37 #1 SMP Fri Jul 21 04:52:46 PDT 2017 x86_64
x86_64 x86_64 GNU/Linux
[root@localhost test]# OPENSSL_ENGINES=../engines/afalg ../util/shlib_wrap.sh
./afalgtest
AFALG not supported -
Hi Matt,
Thanks, I could find that the /usr/include/linux/version.h has #define
LINUX_VERSION_CODE 199168 for my booted kernel 4.9.37. Which is why I see the
following warnings also:
gcc -Iinclude -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC
Hi,
I am trying to use afalg on Linux 4.9.37 with OpenSSL 1.1.0f.
I am facing 2 issues:
ONE: when I issue the speed command, I see the following:
[root@localhost apps]# ./openssl speed -evp aes-128-cbc -engine afalg
invalid engine "afalg"
139853452924736:error:2506406A:DSO support
Hi,
With an "intentionally corrupted" tls1_heartbeat() in Openssl 1.0.2l, heart
beat requests with big payloads such as 16300 or slightly more can be
repeatedly sent to the server.
The server, religiously responds back with such big payloads after spending its
cpu on encrypting/HMAC
Hi,
Could anybody please help me in finding known standard apps ( eg browsers and
servers) which support tls extension for maximum fragment size negotiation?
Also, I have lost the url of a website which used to analyze any given server (
eg www.yahoo.com) for its supporting various tls
Thanks Joey.
And I found the url for listing a server's tls extensions here:
http://possible.lv/tools/hb/?domain=yahoo.com
Do you know how we can enable/test the extensions using firefox or any other
browser?
On Mon, 12/4/17, Joey Yandle
y, December 5, 2017, 9:59 PM
On Tue, 5 Dec 2017 19:14:41 +
(UTC)
Jitendra Lulla via openssl-dev <openssl-dev@openssl.org>
wrote:
> Could the
solution be a restricted count of HB requests along with
a
> timer?
No, the solution is to disable TLS
heartbeats.
I actual