Re: `openssl pkcs8` and -iter option?

2014-07-23 Thread Thulasi Goriparthi
Seems -iter option is added to master only in the below commit. By date, it is later than 1.0.1g and probably 1.0.1h too. commit 8a6c6bbf21cc11ea0fed69a106250af0d734d786 Author: Naftuli Tzvi Kay rfkro...@gmail.com Date: Tue Jun 3 12:48:06 2014 -0700 Added custom PBKDF2 iteration count to

Re: `openssl pkcs8` and -iter option?

2014-07-23 Thread Jeffrey Walton
Seems -iter option is added to master only in the below commit. By date, it is later than 1.0.1g and probably 1.0.1h too. OK, thanks. Would that be a 1.0.2 option; or a 1.1.0 option? On Wed, Jul 23, 2014 at 2:41 AM, Thulasi Goriparthi thulasi.goripar...@gmail.com wrote: Seems -iter option is

Re: `openssl pkcs8` and -iter option?

2014-07-23 Thread Thulasi Goriparthi
I didn't see it with 1.0.2-beta2 released yesterday. Not sure, if it would be added to the final 1.0.2 release. On Wed, Jul 23, 2014 at 12:36 PM, Jeffrey Walton noloa...@gmail.com wrote: Seems -iter option is added to master only in the below commit. By date, it is later than 1.0.1g and

Why fprintf(stder) within a *library*?

2014-07-23 Thread Iñaki Baz Castillo
Hi, I've found this in ssl/d1_both.c: - int dtls1_retransmit_buffered_messages(SSL *s) { [...] for ( item = pqueue_next(iter); item != NULL; item = pqueue_next(iter)) { frag = (hm_fragment *)item->data;

Re: Why fprintf(stder) within a *library*?

2014-07-23 Thread Bodo Moeller
Good point, this doesn't look right; this is not how OpenSSL normally reports details. The DTLS code hasn't received the same attention as the SSL/TLS code yet, because it's used a lot less. Filing a report to r...@openssl.org makes sense -- it doesn't look as if this has been reported before.

SSL session with cryptodev engine

2014-07-23 Thread aymen irt
Hi all, I have followed chapter 5 of the book Network security with OpenSSL in order to code a simple SSL/TLS client and server (in Xubuntu14.04 with OpenSSL1.0.1h). The client/server code worked fine. Then, I modified the initialization function to take into consideration cryptodev engine and

fips_hmac.c(91): OpenSSL internal error, assertion failed: j <= sizeof ctx->key Abort

2014-07-23 Thread Robert Heller
What am I doing wrong? This code fragment: #include <stdio.h> #include <string.h> #include <openssl/evp.h> #include

Re: Openssl SSL3_GET_RECORD:block cipher pad is wrong

2014-07-23 Thread davidsnt
I am still getting these errors in my webserver logs. Can someone help me to solve this. On Jul 22, 2014 3:28 PM, davidsnt david...@gmail.com wrote: Hello Dave, Thank you for your response, yes I am using Ubuntu 12.0 and recently did a ubuntu openssl page upgrade and got ubuntu

fips_hmac.c(91): OpenSSL internal error, assertion failed: j <= sizeof ctx->key Abort

2014-07-23 Thread Robert Heller
What am I doing wrong? This code fragment: #include <stdio.h> #include <string.h> #include <openssl/evp.h> #include

Re: fips_hmac.c(91): OpenSSL internal error, assertion failed: j <= sizeof ctx->key Abort

2014-07-23 Thread Viktor Dukhovni
On Wed, Jul 23, 2014 at 11:10:28AM -0400, Robert Heller wrote: What am I doing wrong? [...] EVP_DigestInit_ex(mdctx,(const EVP_MD *)EVP_sha256,NULL); [...] HMAC_Init_ex(ctx,paddedkey,KEYLEN,(const EVP_MD *)EVP_sha256,NULL); [...] The cast to (const EVP_MD *) hides the bug

Re: Open SSL version with FIPS Certified code and TLS 1.2 Support

2014-07-23 Thread Arun Kumar
Hi, We need OpenSSL which supports TLS 1.2 (RFC 5246). Please let me know which version We can use? Currently we are using OpenSSL-FIPS-1.2, We need FIPS version. On Tue, Jul 22, 2014 at 10:42 PM, Arun Kumar arunu...@gmail.com wrote: Hi, We are currently using below version:

Connection Failure

2014-07-23 Thread Sharath B
Admin, I have recently upgraded to openssl version 0.9.8za on windows server 2008, the client connections are failing at BIO_do_connect. Please suggest what needs to be done. Regards, Sharath B

Re: Handshake fails on HPUX IA64 Release bits

2014-07-23 Thread Brahmananda Reddy
Hi Anil, I am facing same issue. As suggested, I have built the all OpenSSL1.0.0m sources with optimization +O3 and s3_pkt.c built without optimization (removed +O3 from the compiler options specific to this file). Still I am seeing this issue. Can you please provide the solution to fix this

RE: Open SSL version with FIPS Certified code and TLS 1.2 Support

2014-07-23 Thread Porter, Andrew
(a) please don't spam all of the lists. The openssl-users is sufficient (b) you got a reply to your question yesterday. Check your email and the Gmail spam folder. - Andrew From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Arun Kumar Sent: Tuesday,

Re: fips_hmac.c(91): OpenSSL internal error, assertion failed: j <= sizeof ctx->key Abort

2014-07-23 Thread Robert Heller
At Wed, 23 Jul 2014 17:15:55 + openssl-users@openssl.org wrote: On Wed, Jul 23, 2014 at 11:10:28AM -0400, Robert Heller wrote: What am I doing wrong? [...] EVP_DigestInit_ex(mdctx,(const EVP_MD *)EVP_sha256,NULL); [...] HMAC_Init_ex(ctx,paddedkey,KEYLEN,(const

RE: Openssl SSL3_GET_RECORD:block cipher pad is wrong: on Ubuntu

2014-07-23 Thread Dave Thompson
Then there’s two approaches and you can try either or both: - get someone who can look at the Debian/Ubuntu version, which clearly differs from upstream. Maybe the Debian and/or Ubuntu packagers can help you. Maybe some other developer (though none has stepped forward here). Maybe you can

certificate regeneration problem: how to create certs for use in a client/server application

2014-07-23 Thread Daniel Bertrand
Hi, I have inherited some C code which implements client/server communication. The certs expired last week and there is no documentation as to how the certs were generated. I would like to know the correct sequence of openssl commands to generate the certificate files on server S and client

Re: `openssl pkcs8` and -iter option?

2014-07-23 Thread Matt Caswell
On 23/07/14 08:17, Thulasi Goriparthi wrote: I didn't see it with 1.0.2-beta2 released yesterday. Not sure, if it would be added to the final 1.0.2 release. There are no plans to back port this feature to 1.0.2. Matt

Re: certificate regeneration problem: how to create certs for use in a client/server application

2014-07-23 Thread Jeffrey Walton
I would like to know the correct sequence of openssl commands to generate the certificate files on server S and client C. It sounds like you need something like this: http://www.g-loaded.eu/2005/11/10/be-your-own-ca/. Under Create a Server certificate, the article above puts the server's DNS

Re: Open SSL version with FIPS Certified code and TLS 1.2 Support

2014-07-23 Thread Jeffrey Walton
On Tue, Jul 22, 2014 at 11:50 PM, Arun Kumar arunu...@gmail.com wrote: Hi, We need OpenSSL which supports TLS 1.2 (RFC 5246). Please let me know which version We can use? Currently we are using OpenSSL-FIPS-1.2, We need FIPS version. Check the CHANGE LOG at

Re: certificate regeneration problem: how to create certs for use in a client/server application

2014-07-23 Thread Daniel Bertrand
Specifically, what can lead me backwards from the Error with certificate at depth: 0, Error with issuer” error code? I was hoping for a specific reason why this line X509_NAME_oneline(X509_get_issuer_name(cert), data, 256); is failing. Thanks Dan On Jul 23, 2014, at 5:25 PM, Jeffrey

Re: certificate regeneration problem: how to create certs for use in a client/server application

2014-07-23 Thread Jeffrey Walton
On Wed, Jul 23, 2014 at 9:21 PM, Daniel Bertrand danieljamesbertr...@me.com wrote: Specifically, what can lead me backwards from the Error with certificate at depth: 0, Error with issuer” error code? I was hoping for a specific reason why this line