Hi,
I was able to get DTLS work with the latest version of openssl with a
single client and server. However, I was unable to get it to work with
multiple clients. The first client completes the handshake and works well.
But however the function DTLSv1_listen returns 1 immediately even for an
Thanks for the response - yes, I do understand I'm re-purposing this mechanism
in a creative way. At this time, it's just for experimental purposes.
On 4/3/18, 5:34 PM, "Viktor Dukhovni" wrote:
> On Apr 3, 2018, at 11:00 AM, Henderson, Karl via openssl-users
I am trying to decrypt TLS 1.2 records that is using the
TLS_AES_128_GCM_SHA256 cipher-suite using openssl's EVP API.
Per RFC 5246, decryption needs 4 inputs.
"
In order to decrypt and verify, the cipher takes as input the key,
nonce, the "additional_data", and the AEADEncrypted value.
Compiled OpenSSL on AIX 7.1.5.2 using gcc, I used the same Configuration
options that I have been using for 5 years:
Configure aix-gcc zlib fips shared
When running make test, I am getting the following:
test_bad_dtls
../util/shlib_wrap.sh .bad_dtls_test
test_fatalerr
Honeywell Internal
Your answer #1 below presumes that RSA_new_method() is called AFTER
RSA_set_method(). Is that a valid presumption? How is that documented as a
requirement?
When the flag is set in a call to RSA_set_method() after a call to RSA_new(),
the flag gets ignored with the current
On 04/04/18 16:38, Jerry L wrote:
> Compiled OpenSSL on AIX 7.1.5.2 using gcc, I used the same Configuration
> options that I have been using for 5 years:
>
> Configure aix-gcc zlib fips shared
>
> When running make test, I am getting the following:
>
> test_bad_dtls
>
>
You need to change your server config (however it is done), so that it gets
@SECLEVEL=0 into the cipher string. See the ciphers manpage for description of
security levels.
You can also edit openssl source and rebuild/relink, but that shouldn’t be
necessary.
--
openssl-users mailing list
To
Hi everyone,
I'm upgrading a server application from using OpenSSL 1.0.2n to using
OpenSSL 1.1.0g.
I noticed that after the upgrade, some SSL certs get rejected because they
use an MD5 digest, with the error:
"SSL_CTX_use_certificate:ca md too weak"
While I could ask clients to get a better CA
Gesendet von Mail für Windows 10
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Gesendet von Mail für Windows 10
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
10 matches
Mail list logo