> You know you are going from something horribly out of date to something
very out of date, right?
Yes.
> Can’t you at least move to 1.0.2?
That is out of my hands and is almost entirely irrelevant to the
information I asked for and need. Even if I could upgrade to 1.0.2 the same
problem and
Hi Everyone,
1.
I am trying to upgrade some libraries of an older version of openssl
(~0.9.7) with the libraries of a less old version of openssl (1.0.0e).
2.
When I perform a dynamic openssl build with the following commands, I get
(among other files) a libssl.a file.
cd
ere:
>
> https://www.openssl.org/source/openssl-fips-2.0.16.tar.gz
>
> (c) The FIPS-140 User Guide here, which covers how to build first the FIPS
> module and then fips-enabled OpenSSL:
>
> https://www.openssl.org/docs/fips/UserGuide-2.0.pdf
>
> Andrew
>
> From
Hello Everyone,
Will someone tell me where the source code is to build this version of
openssl, please?
"OpenSSL 1.0.1e-fips 11 Feb 2013"
Thanks!
Joe
-
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Thanks, Matt!
I did not know that OpenSSL.org is the only organization that creates
CVEs for OpenSSL.
Thanks for clearing this up for me!
Joe
--
On 12/01/16 22:43, Joe Flowers wrote:
>* Hello OpenSSL Developers,
*> > >* I understand through your previous a
Hello OpenSSL Developers,
I understand through your previous announcements that OpenSSL 0.9.8 is
no longer "supported", and no more "security fixes", nor "security
updates" will be provided by OpenSSL.org.
Does this mean that we can expect no more CVEs to be generated or
listed for OpenSSL
Hello OpenSSL Developers,
I understand through your previous announcements that OpenSSL 0.9.8 is no
longer "supported", and no more "security fixes", nor "security updates"
will be provided by OpenSSL.org.
Does this mean that we can expect no more CVEs to be generated or listed
for OpenSSL
Hello Everyone,
I would like recommendations and suggestions for encrypting a document on a
distributed CD. I would like someone to be able to open and read the
document only if they have a password or secret string or other(?).
I understand there is a limit to how secure this really is, but I
PGP?
On Wed, Nov 2, 2011 at 8:27 AM, Joe Flowers joe.flow...@nofreewill.comwrote:
Hello Everyone,
I would like recommendations and suggestions for encrypting a document on
a distributed CD. I would like someone to be able to open and read the
document only if they have a password
Thanks a lot Steve! We'll definitely be keeping Globalsign is mind.
Joe
-
On Fri, Sep 12, 2008 at 1:49 PM, Lutz Jaenicke [EMAIL PROTECTED]wrote:
Hi!
I have just installed a new (2048bit) certificate and key to the
OpenSSL Project webserver. It is a wildcard certifcate for
We're thinking of using openssl in our company but wondering about the
version number.
Rach,
OpenSSL is a great product. It is very widely used and adopted throughout
the world. If you ripped it off the face of the planet right now, it would
be catastrophic because so many people and systems
is burp:
http://portswigger.net/proxy/
OWASP also has WebScarab:
http://www.owasp.org/index.php/OWASP_WebScarab_Project
or even Paros:
http://www.parosproxy.org/index.shtml
HTH.
-- Matt Tesauro
On Mon, 2008-06-02 at 11:54 -0400, Joe Flowers wrote:
Hello everyone,
Does anyone have ideas
Hello everyone,
Does anyone have ideas on how I can get Wireshark to decrypt my OpenSSL
HTTPS client application data?
I can decrypt the HTTPS traffic OK to the server machine from the client
machine with Wireshark installed on the client machine, where the HTTPS
traffic is initiated from a web
Thanks Jean-Marc.
Do you think that because my OpenSSL app uses AES-256 for the cipher that
that could be the problem?
Joe
Zack,
This is what I got back from a different friend:
http://www.novell.com/documentation/oes/nlm_list/index.html?page=/documentation/oes/nlm_list/data/ai39ik3.html
Search for NTLS.NLM.
Novell TLS Library
* SSL stack based on OpenSSL.
* If unloaded, there is no SSL
Gary,
Have you tried running your application in a Dependency Walker profile?
http://support.microsoft.com/kb/256872
Joe
gary clark wrote:
Hey Victor,
Thanks for the response. I dont think its an attribute
issue of dlls or files. I checked and they seem to be
ok. Not read only. The two dlls
Zack,
I've done a lot of NetWare programming but have never heard of a
OpenSSL .lib for Novell Netware's CLIB library. I don't think such a
beast exists.
If you are looking to make .exe files then you can probably use the free
Borland compiler
.
The netware readme file makes mention of this but documentation
suggests that Code Warrior is a requirement (which I do not have).
I will take a look at the borland stuff, but I was trying to wing it
without having to purchase anything as this was a one time shot.
Thanks,
Zack
On 6/1/07, Joe Flowers
Hello All-
I can't remember getting this error the last time I built OpenSSL from
source.
I saw a recent archived post where Steve said that this is caused by the
MS VC++ v6.0 SP6 environment not being setup correctly, but I'm not sure
this is the case here. This is my second development
Dr. Stephen Henson wrote:
Note that the two errors are produced when generating the WinCE makefiles
which aren't used so they can be safely ignored.
Steve,
Yeah, I noticed the ce warning messages too and tried to continue on
to the next step (nmake -f ms\ntdll.mak) but it failed repeatedly
Lars,
I assume you are running this inside a loop inside of main() and that is
how you can tell there is a leak?
Joe
Lars Uhlmann wrote:
Please reference http://www.openssl.org/support/faq.html#PROG13 --
I think I've detected a memory leak, is this a bug?
Thanks!
It doesn't matter
Marek,
I really appreciate this code snippet **a lot**. It looks like an
excellent snippet of code...as best as I can tell.
Can anyone else please confirm that these functions (listed below) are
what I need to implement for making OpenSSL thead-safe?
No offense intended Marek. I'm just
David Schwartz wrote:
Make sure that you protect the SSL session with a
mutex. You are not allowed to call SSL_read and SSL_write at the same time
on the same session from different threads.
DS
David,
Does same session mean, same instance of an ssl object, or same
instance of a
);
}
-
Good luck!
Joe
Steven Young wrote:
Apologies if this is a duplicate; I was messing around with my e-mail
yesterday and it was broken for a while. I didn't see this go through.
On Sun, Aug 20, 2006 at 06:54:36PM -0400, Joe Flowers wrote
I wouldn't advise that. Read the docs:
When calling |SSL_write()| with num=0 bytes to be sent the behaviour is
undefined.
I still stand by me first reply on this thread, as I believe it follows
directly from the docs.
Read the docs on SSL_read() and SSL_write().
SSL_ERROR_WANT_WRITE does
Joe Flowers wrote:
It means the exactly same SSL function you just did with the exact
same parameters as you ust did that produced this SSL_ERROR_WANT_WRITE
return. Again, it's clearly explained in the docs.
Joe
Good grief. Pardon my grammar.
The sentence should have read:
It means call
Steve,
You need to put select(ready to read or write) inside each (BOTH
SSL_read() and SSL_write()) of your while loops at the beginning, and
then cycle on WANT_READ or WANT_WRITE for BOTH SSL_read() and
SSL_write() loops.
You're getting high utilization because you are not putting select
Help please.
I have a program/parent thread that launches 4 child threads. It's a
Win32 application that has to be linked using the /MT VC compiler option
for reasons other than OpenSSL. The parent thread calls the following
OpenSSL calls.
CRYPTO_malloc_init();
SSL_library_init();
Joe Flowers wrote:
In any case, does it hurt anything if I try to implement these two
OpenSSL functions anyway?
And, if it's quick and easy to do, can someone sent code snippets of
implementations of these two functions?
In my parent thread, should I just call the following two OpenSSL
I am not 100% sure I understand your question.
It is necessary that I make a very simple HTTPS browser in one thread
and a very simple HTTPS server in another thread.
I'd like to make the HTTPS browser thread impervious (not get hung in
a blocking state) to web servers that are rebooted at
David Schwartz wrote:
I have never done anything like this, however.
DS
H. Then, I'm curious to know at what point (between what socket
functions) you put your socket in the non-blocking state and when/if you
ever set it back to blocking?
Joe
Is it safe to put just SSL_read() and SSL_write() inside the
non-blocking BIO regions and leaving SSL_accept(), SSL_connect(),
SSL_shutdown(), accept(), socket(), bind(), listen(), connect(),
shutdown(), close(), SSL_CTX_new(meth), SSL_new(ctx),
SSL_CTX_free(ctx), etc. in the blocking BIO
Darryl Miles wrote:
David Schwartz wrote:
I don't get it.
DS
Ah, finally something concrete.
Hey thats ok; sit back and relax. I'm sure a patch is on its way.
God I hope so.. I'm right in the middle of trying to get this
non-blocking stuff to work consistently (with a
David Schwartz wrote:
God I hope so.. I'm right in the middle of trying to get this
non-blocking stuff to work consistently (with a timeline fast
approachingarg!) and I can't tell if it's something I am doing wrong
and what exactly that is. Too many variables to be easy.
If you
I'm watching this thread with great interest as I have not figured out
the correct way to handling OpenSSL with non-blocking sockets which are
a requirement in my case.
Can anyone expand on the correct way to handle OpenSSL over non-blocking
sockets please?
I haven't been able to find any
Please help me understand what's going on.
I've successfully used OpenSSL (latest released version - 0.9.7f) to
communicate with a https:// site. (See my pseudo-code at the bottom of
this message.) However, nowhere in my code is a public key for the
https:// site specified.
But, when I look at
Mohamed:
Add an extra NULL parameter to the end of the arguments in each of these
two functions in the loadkeys.h and/or loadkeys.c files.
Joe
//---
Mohamed Nadjar wrote:
I am a new user of openssl and I try to understand how it works by
looking at the demos!
But I have the
I am trying to port pieces of OpenSSL to NetWare.
I have been able to compile and link a program with the following
function OK.
RSA_private_decrypt(pubKeySize, input, buf_dec, privKey-pkey.rsa,
RSA_PKCS1_PADDING);
However, I would like alternative functions to
ERR_load_crypto_strings();
38 matches
Mail list logo
