Re: [openssl-users] Help with ssl error

>From the original question, it appears the server here only supports two >cipher suites: RSA_With_AES_128_CBC_SHA and RSA_With_3DES_EDE_CBC_SHA This would explain the alert 71, which is the sent because there are no cipher suites in common. From:

Re: [openssl-users] SSL_shutdown return error when close in init

On Tue, 18 Apr 2017, mid...@163.com wrote: >Hello > I'm using open1.1.0e in async mode with intel QuickAssist Engine to handle > https connections? but there's some problem. > >client(ab)-- server(my program) > ><-TCP handshake> -ssl

Re: [openssl-users] Query regarding DTLS handshake

> On 13. Apr 2017, at 11:11, mahesh gs wrote: > > Hi, > > We are running SCTP connections with DTLS enabled in our application. We have > adapted openssl version (openssl-1.1.0e) to achieve the same. > > We have generated the self signed root and node certificates for

Re: [openssl-users] Help with ssl error

On Tue, Apr 18, 2017 at 11:17:48AM -0400, Joseph Southwell wrote: > It doesn’t look like it requested a client certificate to me. Correct, the server alert was returned immediately in response to the TLS ClientHello. > $ openssl s_client -state -msg -connect ftp.echannel.banksys.be:16370 >

Re: [openssl-users] Help with ssl error

It doesn’t look like it requested a client certificate to me. openssl110e>openssl s_client -state -msg -connect ftp.echannel.banksys.be:16370 -starttls ftp CONNECTED(0104) SSL_connect:before SSL initialization >>> ??? [length 0005] 16 03 01 00 ab >>> TLS 1.2Handshake [length 00ab],

Re: [openssl-users] Multithreading: Global locks causing bottleneck in parallel SSL_write calls

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Jakob Bohm > Sent: Tuesday, April 18, 2017 06:22 > > Please note that all of these "CBC vulnerabilities" you specifically > mention are SSL/TLS vulnerabilities in the particular ways that SSL3 > and current TLS

Re: [openssl-users] openvpn 2.4.1 with gost

Hello, As far as I know, openvpn does not work with GOST algorithms without patches. On Tue, Apr 18, 2017 at 12:16 PM, R.S via openssl-users < openssl-users@openssl.org> wrote: > Hello. > I have just build openvpn with openvpn-build with these versions: >

Re: [openssl-users] Integrating New Cipher Suite

On Fri, Apr 14, 2017, Schmicker, Robert wrote: > > > After some debugging (exactly as mentioned above) it appears that the cipher > suite does not show up in the ClientHello using the s_client/s_server. I > modified the cipher for testing to use 512 bits instead of 64 so that it is > ranked

[openssl-users] openvpn 2.4.1 with gost

Hello. I have just build openvpn with openvpn-build with these versions: OPENSSL_VERSION="${OPENSSL_VERSION:-1.0.2k}" PKCS11_HELPER_VERSION="${PKCS11_HELPER_VERSION:-1.11}" LZO_VERSION="${LZO_VERSION:-2.10}" TAP_WINDOWS_VERSION="${TAP_WINDOWS_VERSION:-9.21.2}"

Re: [openssl-users] Segmentation fault ssl23_connect()

Thanks. I'll try that. Regards, Sanjaya On 18 Apr 2017 15:27, "Matt Caswell" wrote: > > > On 16/04/17 20:17, Sanjaya Joshi wrote: > > Hello, > > > > I use openldap_2.3.39 to initiate secure LDAP connection (starttls) to > > external LDAP server. The used openssl version is

Re: [openssl-users] Multithreading: Global locks causing bottleneck in parallel SSL_write calls

On 13/04/2017 22:01, Michael Wojcik wrote: From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Dipak Gaigole Sent: Thursday, April 13, 2017 15:12 I will try with disabling FIPS. Opinions differ, but many people - including myself - recommend not enabling FIPS mode

[openssl-users] QcStatements with OpenSSL (C++)?

Hi there, can OpenSSL pasre QcStatement X509v3 Extension btw. Did OpenSSL Support these? Any Piece of example Code of how can i parse the data? Thanks Matthias -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Segmentation fault ssl23_connect()

On 16/04/17 20:17, Sanjaya Joshi wrote: > Hello, > > I use openldap_2.3.39 to initiate secure LDAP connection (starttls) to > external LDAP server. The used openssl version is 1.0.2k. > > While establishing the secure connection from client, i observe the > following segmentation fault