> But I want to use TLS 1.2 only for my application with curl 7.58 in Ubuntu
> 18.04. So while using openssl 1.1.1 how to disable default TLS 1.3 and how
> to enable TLS 1.2?
Just curious. Why do you want to disable TLS 1.3? It will automagically use
1.2 if that's all the other end
"collect2" indicates that this isn't Solaris ld, but GNU ld in
action. With GNU ld, -Map doesn't do what you think it does
(from https://sourceware.org/binutils/docs/ld/Options.html#Options):
-Map=mapfile
Print a link map to the file mapfile. See the description of
the -M
Tentative fix: https://github.com/openssl/openssl/pull/8548
On Thu, 21 Mar 2019 07:22:39 +0100,
Richard Levitte wrote:
>
> Said and done: https://github.com/openssl/openssl/issues/8547
>
> I would appreciate it if you followed what's happening there and
> helped out getting it right...
>
>
Said and done: https://github.com/openssl/openssl/issues/8547
I would appreciate it if you followed what's happening there and
helped out getting it right...
Cheers,
Richard
On Thu, 21 Mar 2019 07:09:37 +0100,
Richard Levitte wrote:
>
> "collect2" indicates that this isn't Solaris ld, but GNU
I have updated my openssl from 1.1.0 to 1.1.1 recently. Openssl 1.1.1 version
supports TLS1.3 feature.
But I want to use TLS 1.2 only for my application with curl 7.58 in Ubuntu
18.04. So while using openssl 1.1.1 how to disable default TLS 1.3 and how to
enable TLS 1.2?
Can I set any flags
> On Mar 21, 2019, at 2:14 AM, Hal Murray wrote:
>
>> Can I set any flags while building openssl 1.1.1 to disable TLS 1.3 or can
>> i get any package from ubuntu to disable TLS 1.3 ?
>
> You can do it at run time using SSL_set_max_proto_version
It can also be set in the system-wide default
>This software however is 7 years old, we’re not in a position to drop
> everything and rewrite it.
Then don't upgrade? If it's for a CA you don't need TLS 1.3 for example.
Or take the existing OpenSSL code that works and jam it into the current
release.
On Thu, Mar 21, 2019 at 01:00:14PM +, Salz, Rich via openssl-users wrote:
> >This software however is 7 years old, we’re not in a position to drop
> > everything and rewrite it.
>
> Then don't upgrade? If it's for a CA you don't need TLS 1.3 for example.
>
> Or take the existing
On 3/21/19 7:04 AM, Richard Levitte wrote:
> Tentative fix: https://github.com/openssl/openssl/pull/8548
>
I think this was all covered in detail during the beta test releases
and I am certain that last year I was quite vocal that the config files
are wrong for Solaris. The solution is that the
On 3/20/2019 12:41 PM, Michael Wojcik wrote:
Sounds like you might have import libraries there. Does "ar t
libcrypto.lib" show a bunch of .obj members, or a bunch of .dll
members? If it's the latter, then it's just an import library that
tells the linker what DLL needs to be loaded at
On 3/20/2019 6:44 PM, Sergio NNX wrote:
I've been happily using the Shining Light 32-bit binaries with both
openssl 1.0 and 1.1 and mingw.
Getting back to this:
I tried mingw linking against these
"c:/program files/openssl64/lib/libcrypto.lib"
"c:/program files/openssl64/lib/libssl.lib"
First, let me prefix that while I don't want to badmouth anybody, even
incompetence cannot excuse deliberately generating bad/unparsable encoding.
That's one of the cases when the cure is clearly worse than the disease.
On 3/21/19, 13:58, "openssl-users on behalf of Viktor Dukhovni"
wrote:
> On Mar 21, 2019, at 1:57 PM, Viktor Dukhovni
> wrote:
>
>1. Return failure from i2d_ASN_OBJECT(), which then percolates
> up to failure to encode the containing structure.
>
>2. Emit a "harmless" default OID (such as 0.0), returning to
> the behaviour prior to 1.0.1i
>
+1 to Viktor's points.
Regards,
Uri
Sent from my iPhone
> On Mar 21, 2019, at 12:52, Viktor Dukhovni wrote:
>
> On Thu, Mar 21, 2019 at 01:00:14PM +, Salz, Rich via openssl-users wrote:
>
>>> This software however is 7 years old, we’re not in a position to drop
>>> everything and
On Thu, Mar 21, 2019 at 05:22:24PM +, Blumenthal, Uri - 0553 - MITLL wrote:
> > On the DER padding front, the minimal
> > working suffix is 7 bytes:
Apparently I can't count today, clearly the suffix is 8 bytes.
> >
> >30 03-- Length 3 sequence
> >06 01 00 -- OBJECT ID: 0.0
> >
On Tue, 19 Mar 2019 at 07:56, Swamy J-S wrote:
> Right now my code uses curl library with libcurl4 and gnuTLS as SSL
> backend. Am using many curl options such as CURLOPT_SSL_VERIFYPEER ,
>
If you use gnuTLS as your SSL backend then this is nothing to do with
openssl at all.
Kind Regards
Rich
16 matches
Mail list logo