On Thu, Mar 25, 2010 at 06:16:22PM +0100, Gregory BELLIER wrote:
> However, I didn't ask if new code was necessary in Postfix so it can be
> aware of a new cipher. As you said, it's automatical. I asked if, in your
> opinion, it would be necessary to build postfix (as is) against a new
> OpenSS
Victor Duchovni a e'crit:
On Thu, Mar 25, 2010 at 10:31:40AM +0100, Gregory BELLIER wrote:
At this point, you really need to step back, take a deep breath, and
use OpenSSL as-is.
As I said, it's to learn. If I do nothing then it's pointless.
No need to change the OpenSSL
On Thu, Mar 25, 2010 at 10:31:40AM +0100, Gregory BELLIER wrote:
>> At this point, you really need to step back, take a deep breath, and
>> use OpenSSL as-is.
>>
> As I said, it's to learn. If I do nothing then it's pointless.
No need to change the OpenSSL APIs to discover how Postfix handles
Gregory BELLIER:
> > At this point, you really need to step back, take a deep breath, and
> > use OpenSSL as-is.
> >
> As I said, it's to learn. If I do nothing then it's pointless.
>
> What I ask is not your point on if it's relevant to do it or not because
> we all know it's not.
With inten
mouss a écrit :
$ ldd /usr/local/libexec/postfix/smtpd
/usr/local/libexec/postfix/smtpd:
...
libssl.so.7 => /usr/local/lib/libssl.so.7 (0x2810a000)
libcrypto.so.7 => /usr/local/lib/libcrypto.so.7 (0x2815)
...
if you rebuild openssl but provide the same ABI, then it's ok. If
Victor Duchovni a écrit :
On Wed, Mar 24, 2010 at 11:09:44AM +0100, Gregory BELLIER wrote:
if I copy an existing cipher in OpenSSL and rename it, it will act as if it
is a new cipher.
On the wire SSL ciphers have numeric ids, not names. If you "rename"
a cipher, it just changes how
On Wed, Mar 24, 2010 at 11:09:44AM +0100, Gregory BELLIER wrote:
> if I copy an existing cipher in OpenSSL and rename it, it will act as if it
> is a new cipher.
On the wire SSL ciphers have numeric ids, not names. If you "rename"
a cipher, it just changes how it is displayed in logs. Renaming c
Gregory BELLIER a écrit :
> Hi.
>
> if I copy an existing cipher in OpenSSL and rename it, it will act as if
> it is a new cipher.
>
> Would I need to build postfix against this new OpenSSL to be able to use
> the new cipher? I think it's not required but I have a doubt.
> How does the TLS negoci
Hi.
if I copy an existing cipher in OpenSSL and rename it, it will act as if
it is a new cipher.
Would I need to build postfix against this new OpenSSL to be able to use
the new cipher? I think it's not required but I have a doubt.
How does the TLS negociation work ? I guess it is done by Pos