Hi!
My application uses openssl-fips for random number generation, where the
seeding have to have at least 100 bits of entropy coming from a hardware
random generator which is certified either to FIPS or CC EAL4. Due to
economy we want to use a USB token and not a full-featured HSM.
I have
Hi
We have a box running Debian 2.1 still in production, and for complicated
reasons we can't replace it immediately. I'm trying to compile OpenSSH for it,
and to do that I need to compile OpenSSL. The issue I'm seeing is very similar
to that reported by Alain Guibert here:
On 1/18/2012 12:00 PM, Brooke, Simon wrote:
Hi
We have a box running Debian 2.1 still in production, and for complicated
reasons we can't replace it immediately. I'm trying to compile OpenSSH for it,
and to do that I need to compile OpenSSL. The issue I'm seeing is very similar
to that
Firstly, apologies for Outlook and its inability to format responses in a
conventional or easy to follow way; it's an embarrassment, but unfortunately
these are the tools that poor corporate serfs have to work with.
Secondly, thanks for both these suggestions: they're both worth trying. I shall
On Wed January 18 2012, Jakob Bohm wrote:
On 1/18/2012 12:00 PM, Brooke, Simon wrote:
Hi
We have a box running Debian 2.1 still in production, and for complicated
reasons we can't replace it immediately. I'm trying to compile OpenSSH for
it, and to do that I need to compile OpenSSL.
Forwarded to openssl-users for discussion.
Best regards,
Lutz
--
Lutz Jaenicke jaeni...@openssl.org
OpenSSL Project http://www.openssl.org/~jaenicke/
---BeginMessage---
Hi,
I am using SSL_CTX_free(ctx) call in our OpenHPI application and getting
a crash in
On 1/18/2012 1:54 PM, Michael S. Zick wrote:
On Wed January 18 2012, Jakob Bohm wrote:
On 1/18/2012 12:00 PM, Brooke, Simon wrote:
Hi
We have a box running Debian 2.1 still in production, and for complicated
reasons we can't replace it immediately. I'm trying to compile OpenSSH for it,
and
On Wed January 18 2012, Jakob Bohm wrote:
On 1/18/2012 1:54 PM, Michael S. Zick wrote:
On Wed January 18 2012, Jakob Bohm wrote:
On 1/18/2012 12:00 PM, Brooke, Simon wrote:
Hi
We have a box running Debian 2.1 still in production, and for complicated
reasons we can't replace it
On Wed January 18 2012, Michael S. Zick wrote:
On Wed January 18 2012, Jakob Bohm wrote:
On 1/18/2012 1:54 PM, Michael S. Zick wrote:
On Wed January 18 2012, Jakob Bohm wrote:
On 1/18/2012 12:00 PM, Brooke, Simon wrote:
Hi
We have a box running Debian 2.1 still in production, and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL Security Advisory [18 Jan 2011]
===
DTLS DoS attack (CVE-2012-0050)
A flaw in the fix to CVE-2011-4108 can be exploited in a denial of
service attack. Only DTLS
Sadly, removing -fomit-frame-pointer does not work.
Briefly, I edited Configure, found the stanza for linux-elf, deleted
-fomit-frame-pointer, and invoked
./Configure linux-elf
I then invoked
make
Once again I got the bad register name errors. I grepped to check that
-fomit-frame-pointer
On 1/18/2012 9:57 AM, Brooke, Simon wrote:
Sadly, removing -fomit-frame-pointer does not work.
Isn't that the default behavior for -O3?
__
OpenSSL Project http://www.openssl.org
User Support
On Wed January 18 2012, William A. Rowe Jr. wrote:
On 1/18/2012 9:57 AM, Brooke, Simon wrote:
Sadly, removing -fomit-frame-pointer does not work.
Isn't that the default behavior for -O3?
On GCC - yes.
OP is using the ancestor of what is now known as GCC.
The answer was in another
Does openssl support SHA256?
Current version: OpenSSL 1.0.0e 6 Sep 2011
This would indicate that it does not:
root@ubuntu:/# openssl list-message-digest-commands
md4
md5
rmd160
sha
sha1
This document (http://www.openssl.org/docs/apps/openssl.html) however lists it
as a
MESSAGE DIGEST
On Jan 18, 2012, at 11:47 AM, Scott Wilson wrote:
Does openssl support SHA256?
Yes, it does. I'm not sure why it doesn't show up in the output of
list-message-digest-commands or the usage message, but openssl sha256 will
compute a SHA256 digest, and openssl dgst --help lists it.
On Tue, Jan 17, 2012 at 1:32 PM, Magosányi Árpád m...@magwas.rulez.org wrote:
My application uses openssl-fips for random number generation, where the
seeding have to have at least 100 bits of entropy coming from a hardware
random generator which is certified either to FIPS or CC EAL4. Due to
Excellent, thanks. Do you know how many versions back SHA256 is supported?
The reason I ask is that I've got an older version running on a Ubuntu VM
(OpenSSL 0.9.8o 01 Jun 2010), and I tried to generate a CA cert using SHA256
but it signed with SHA1. Here's the command I used in the script:
From: hamid.sha...@sungard.com [mailto:hamid.sha...@sungard.com]
Sent: Wednesday, 18 January, 2012 10:36
- Yes, I am calling load certificates before the trying to
make a connection. According to your suggestion, I have tried
to used openssl s_client to see the callback events and got
From: owner-openssl-us...@openssl.org On Behalf Of Mr.Rout
Sent: Wednesday, 18 January, 2012 02:52
snip
root@1143726:/usr/bin# openssl s_client -connect 10.204.4.69:7003
WARNING: can't open config file: /usr/ssl/openssl.cnf
CONNECTED(0003)
depth=0 C = IN, ST = Karnataka, L =
Hi,
I am using openssl (v1.0.0.0e) for my application and when I run valgrind, it
points to memory leaks at some openssl code. Is this really a leak present in
openssl or I need to do something to remove this leak? The following is the
valgrind dump,
==15790== 39,013 (1,288 direct, 37,725
Hi,
I am trying to implement the pseudo-random function as per the rfc2104
and rfc2246.
But I am getting incorrect output.
I tried debugging and comparing it with the working function output and
I found even the output for MD5_Update() is varying.
Could someone please take a look at source
21 matches
Mail list logo