1. Modify the uplink logic to hardcode your DLL, and make sure your users'
programs never call this modified openssl, probably by using a nonstandard
filename(s), and then stand ready to provide updates every few months.
2. Rewrite the uplink logic to figure out which DLL is providing the
tr
Viktor Dukhovni wrote:
> On Thu, Apr 03, 2014 at 01:18:13PM +0200, Frantisek Hanzlik wrote:
>
>> Hello OpenSSL gurus,
>>
>> I found in my sendmail-8.14.7/Fedora-18-i386 queue undelivered mails,
>> log say 'TLS handshake failed', and when I captured traffic between
>> mine and destination mailserve
Hi,
I am writing a DLL plugin which works with a third party plugin. The DLL
uses open ssl. I was able to successfully connect to a ssl server from a
console application (.exe). But when I added the same code to my dll, it is
not working. Discussions point that i should include "applink.c" in my c
On Thu, Apr 03, 2014 at 01:18:13PM +0200, Frantisek Hanzlik wrote:
> Hello OpenSSL gurus,
>
> I found in my sendmail-8.14.7/Fedora-18-i386 queue undelivered mails,
> log say 'TLS handshake failed', and when I captured traffic between
> mine and destination mailserver, I got result as in attached
We have built the following:
httpd-2.4.6
openssl-1.0.1.e
openssl-fips-2.05
for both Windows and Solaris so we can leverage SHA256.
For both environments I have Apache configured with the following:
SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
On Windows, this works. I can use a Browser to hit the ser
On 04/03/2014 11:19 AM, Thomas J. Hruska wrote:
> This works fine:
>
> http://opensslfoundation.org/
>
>
> This raises a certificate warning (Firefox):
>
> https://opensslfoundation.org/
>
> opensslfoundation.org uses an invalid security certificate. The
> certificate is not trusted because no
This works fine:
http://opensslfoundation.org/
This raises a certificate warning (Firefox):
https://opensslfoundation.org/
opensslfoundation.org uses an invalid security certificate. The
certificate is not trusted because no issuer chain was provided. The
certificate is only valid for the f
Well, I found out where it's defined. It's a MACRO definition (
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname ). I'm still investigating the leak
Regards
From: hicham55...@hotmail.com
To: openssl-users@openssl.org
Subject: Memory leak in ssl3_get_server_certificate
Date: Thu, 3 Apr 2014 14:4
Ø Is there a good way to pass the packets to/from openssl instead of using a
FD for handshakes/etc?
BIO is the openssl IO abstraction; see SSL_set_bio, for example.
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
I would like to ask your advice on a matter...
I am writing an application that has wrapped HTTPS in another protocol.
I have extracted the SSL packet out of the enclosing packet (which has already
pulled the packet out of the socket).
Is there a good way to pass the packets to/from openssl inst
Hello all,
I found a memory leak when using ssl_connect function. Bellow the valgrind
trace:
==12028== 37,600 (1,040 direct, 36,560 indirect) bytes in 10 blocks are
definitely lost in loss record 12 of 27
==12028==at 0x40053C0: malloc (vg_replace_malloc.c:149)
==12028==by 0x4185C8E:
Hello OpenSSL gurus,
I found in my sendmail-8.14.7/Fedora-18-i386 queue undelivered mails,
log say 'TLS handshake failed', and when I captured traffic between
mine and destination mailserver, I got result as in attached text export
from wireshark.
And when I tried:
openssl s_client -starttls smt
In order to validate a client cert at all, with or without CRL(s),
yes the server must request the client cert
and s_server does that only if you specify -verify or -Verify.
The client must also agree to provide the cert, which it might not;
if it does not and you use -verify the handshake pr
13 matches
Mail list logo