1
and have linked all our application servers agains this version.
matthias
--
Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
signature.asc
Description: PGP signature
EVP_KDF
(nix)
I checked also the sources 1.1.1l and 1.1.1s, there are a lot of 'EVP_*'
symbols, but not EVP_KDF_ctrl.
What is the correct way to fix this. Thanks in advance.
matthias
--
Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http
protected by some
passphrase (like for a SSH connection the usage of the private RSA
key).
Is there some usecase example or some tutorial for this, or any other
hints?
Thanks in advance
matthias
- Forwarded message from Matthias Apitz -
Date: Tue, 19 Feb 2019 09:57:11
El día sábado, mayo 29, 2021 a las 01:02:52a. m. -0400, Amber Shepherd escribió:
> Hi,
> Can you please let me know what I need to do in order to unsubscribe
> from this list?
Look into the header lines of the mails from the list for List-Unsubscribe:
matthias
--
Matthias A
El día Tuesday, February 19, 2019 a las 10:47:44AM +, Matt Caswell escribió:
>
>
> On 19/02/2019 08:57, Matthias Apitz wrote:
> >
> > Two questions:
> >
> > 1. Why this has no input file? Shouldn't it have on, and which? The man
> > page says, it
urd
ephztXEmQ63XP4ULPlcaOXzYk6GLUXFYKVYuIHnpdcJLLRMFWZ0bAgEC
-END DH PARAMETERS-
How this is supposed to work? Thanks
matthias
--
Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
};
Can I fix this somehow within the cups' code?
Thanks
matthias
--
Matthias Apitz, ✉ g...@unixarea.de, ⌂ http://www.unixarea.de/
+49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
r:1417C086:SSL routines:tls_process_client_certificate:certificate verify
> failed" zurückrufen.
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Nice idea recall an email which was sent to a mailing-list :-)
--
Matthias Apitz, ✉ g...@unixarea.de, ⌂ http
El día Friday, February 17, 2017 a las 09:57:39AM +, Matt Caswell escribió:
>
>
> On 17/02/17 07:46, Matthias Apitz wrote:
> > New, TLSv1/SSLv3, Cipher is DHE-DSS-AES128-GCM-SHA256
>
> Your server appears to be configured with a DSA certificate.
>
>
-connect 10.23.33.55:58076
quit
$ cat nohup.out
depth=0 C = de, ST = Germany, L = Munich, O = unixarea.de, OU = gTech, CN =
Matthias Apitz
verify error:num=18:self signed certificate
verify return:1
depth=0 C = de, ST = Germany, L = Munich, O = unixarea.de, OU = gTech, CN =
Matthias Apitz
lting string (as you do). However OBJ_obj2txt() might
> truncate what it would otherwise produce if the supplied buffer isn't
> big enough - but it still returns the length of the untruncated string.
>
> ...
I would even suggest to change the wording in the man page to:
"... representatio
is 1 then the numerical form will always be used.
>
> Above statement statement saying that *amount of space required is
> returned*.
I saw this, but 'amount of space required' is IMHO vague, I'd expect
'the length of the resulting string is returned'
matthias
--
Matthias
r must be, but does not specify what its return
value is, only that it is 'int'. Maybe it does not return the length of
the resulting string.
matthias
--
Matthias Apitz, ✉ g...@unixarea.de, ⌂ http://www.unixarea.de/ ☎
+49-176-38902045
"Ohne die Mauer hätte es Krieg gegeben&quo
ystore is generated with the Java keytool. It does not help
generate the keystore with Java1.8 keytool and use this in the Java1.6
server.
Is there some workaround?
Thanks
matthias
--
Matthias Apitz, ✉ g...@unixarea.de, ⌂ http://www.unixarea.de/ ☎
+49-176-38902045
--
openssl-users mailin
= SSL_new(ctx);
SSL_set_bio(ssl, bio, bio);
res = SSL_connect(ssl);
This works fine with IPv4 and IPv6.
HIH
matthias
--
Matthias Apitz | /\ ASCII Ribbon Campaign:
E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail
WWW: http://www.unixarea.de/ | X
this, one has to pass
a created IPv6 socket to the SSL layer routines.
This should be fixed.
matthias
--
Matthias Apitz | /\ ASCII Ribbon Campaign:
E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail
WWW: http://www.unixarea.de/ | X- No proprietary
);
ssl = NULL;
}
}
--
Matthias Apitz | /\ ASCII Ribbon Campaign:
E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail
WWW: http://www.unixarea.de/ | X- No proprietary attachments
phone: +49-170-4527211 | / \ - Respect for open standards
way to not start special servers to
test with s_client...
Any idea how to let accept s_client the clear text before using SSL?
Thanks
matthias
--
Matthias Apitz | /\ ASCII Ribbon Campaign:
E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail
WWW: http
some nice pictures how the bug works: http://www.xkcd.com/1354/
HIH
matthias
--
Sent from my FreeBSD netbook
Matthias Apitz, g...@unixarea.de, http://www.unixarea.de/ f: +49-170-4527211
UNIX since V7 on PDP-11, UNIX on mainframe since ESER 1055 (IBM /370)
UNIX on x86 since SVR4.2
we have rumor, that the bug was used by NSA,
of course the American Goverment says no.
Thanks
matthias
--
Matthias Apitz | /\ ASCII Ribbon Campaign:
E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail
WWW: http://www.unixarea.de/ | X- No proprietary
--
Sent from my FreeBSD netbook
Matthias Apitz, g...@unixarea.de, http://www.unixarea.de/ f: +49-170-4527211
UNIX since V7 on PDP-11, UNIX on mainframe since ESER 1055 (IBM /370)
UNIX on x86 since SVR4.2 UnixWare 2.1.2, FreeBSD since 2.2.5
El día Saturday, April 12, 2014 a las 09:30:22PM +0200, Matthias Apitz escribió:
El día Saturday, April 12, 2014 a las 09:08:15PM +0200, Michael Tuexen
escribió:
What is the exact bug, can someone show a svn/git diff of the first
source version having the bug?
http://git.openssl.org
amount a valid
space...
matthias
--
Sent from my FreeBSD netbook
Matthias Apitz, g...@unixarea.de, http://www.unixarea.de/ f: +49-170-4527211
UNIX since V7 on PDP-11, UNIX on mainframe since ESER 1055 (IBM /370)
UNIX on x86 since SVR4.2 UnixWare 2.1.2, FreeBSD since 2.2.5
works in both directions; when a client
with an openssl lib/DLL with this bug connects to a well prepared SSL server,
the server can fetch up to 64 kbyte of memory from the client, for example the
stored saved passwords in your browser...
matthias
--
Sent from my FreeBSD netbook
Matthias
-Original Message-
From: Matthias Apitz [mailto:g...@unixarea.de]
Sent: Thursday, April 10, 2014 6:41 AM
To: Apitz,Matthias
Subject: Fwd: RE: OpenSSL Security Advisory
- Forwarded message from Salz, Rich rs...@akamai.com -
Date: Wed, 9 Apr 2014 15:43:28 -0400
:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/t1_lib.c:2562:
Thanks for clarification.
matthias
--
Sent from my FreeBSD netbook
Matthias Apitz, g...@unixarea.de, http://www.unixarea.de/ f: +49-170-4527211
UNIX since V7 on PDP-11, UNIX on mainframe since ESER 1055 (IBM /370
, 0x810469b, 5) ...
Why is this different on Solaris and Linux?
matthias
--
Matthias Apitz | /\ ASCII Ribbon Campaign: www.asciiribbon.org
E-mail: g...@unixarea.de | \ / - No HTML/RTF in E-mail
WWW: http://www.unixarea.de/ | X - No proprietary attachments
phone
) if there is the clear text goodmorning
message coming in, if not it stops reading and initiates the SSL/TLS.
If it can read the 220 ready in clear text, it will asume clear
text and will talk the first command to the server.
Vy 73
matthias
--
Sent from my FreeBSD netbook
Matthias Apitz, g
does or not does SSL after connecting the socket?
Ofc the client could try any method and if it does not fit, drop the
connection and do an new one.
But I hope that there are better options. Thanks
matthias
--
Matthias Apitz | /\ ASCII Ribbon Campaign: www.asciiribbon.org
is there in clear text (like 220 SLNP) and if not
it should handover this buffer and the socket fd for further SSL
handshake... Is this possible?
matthias
--
Sent from my FreeBSD netbook
Matthias Apitz, g...@unixarea.de, http://www.unixarea.de/ f: +49-170-4527211
UNIX since V7 on PDP-11, UNIX
which allows storing
binary actets, like BLOB (Sybase) or IMAGE (Oracle) or ... depends on
your DBS.
matthias
--
Sent from my FreeBSD netbook
Matthias Apitz | - No system with backdoors like Apple/Android
E-mail: g...@unixarea.de | - Never being an iSlave
WWW: http
routines:SSL2_READ_INTERNAL:non sslv2 initial
packet:s2_pkt.c:187:
I think this is normal, because you did not contacted the server with
some SSL client;
At the client side :
curl: (56) Recv failure: Connection reset by peer
normal too;
HIH
matthias
--
Matthias Apitz
not need any key files to connect...
The output of the openssl client about the connection is attached below
as nohup.out.
Why is this? Could some kind soul bring a bit light into this? Thanks in
advance.
matthias
--
Matthias Apitz | /\ ASCII Ribbon Campaign
files in http://www.openssl.org/docs/HOWTO/
and they seems to be usefull, but the file certificates.txt makes in the
critical point a refernce to ...another HOWTO formats.txt? which is
not there :-(
Thanks
matthias
--
Matthias Apitz
t +49-89-61308 351 - f +49-89-61308 399 - m +49-170
34 matches
Mail list logo