2013/10/15 Matt Caswell fr...@baggins.org
make install_sw
Hi Matt,
That seems to go without errors alas it doesn't render me a
libcrypto.so.1.0.0 like I expected.
I am sorry I gave up on this.
I has al to do with the application being partly wine emulated and fully
32-bit. It runs fine on a
This might have cropped into all the SSL snapshots.
/usr/bin/ranlib ../libssl.a || echo Never mind.
if [ -n libcrypto.so.1.0.0 libssl.so.1.0.0 ]; then (cd ..; make
libssl.so.1.0.0); fi
[ -z ] || gcc3 -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS
-pthread -D_THREAD_SAFE
It is safe to assume that both the SNI and NPN callbacks would have been
called _before either call returns success notification ?
In other words, an app would be in consistent state - having decided on
both the protocol (say SPDY/HTTP2.0) and possible certificate switch,
before performing any of
At substantial risk of beating the proverbial already-dead horse, here're
some questions I have:
- is legitimate Web-client-issued renegotiation observed in real world ? In
other words, do the web browsers of today issue legitimate renegotiation
requests ?
Some of such legitimate reasons could
One of the openSSL vulnerabilities is:
CVE-2013-0169:
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used
in OpenSSL, , do not properly consider timing side-channel attacks on a MAC
check requirement during the processing of malformed CBC padding, which
allows remote
