Re: How do I disable DNS Caching and DNS Reverse Lookup in Nginx ?

2014-01-06 Thread Maxim Dounin
Hello! On Mon, Jan 06, 2014 at 12:35:46PM -0500, linuxr00lz2013 wrote: > Hello thank you for your reply! > > 1) I have shown you the real configuration and logs. All I changed was the > FQDN's because I don't know if I am allowed by my company to post them > online. The problem is that it makes

RE: OT: OpenSSL 1.0.1f

2014-01-06 Thread Lukas Tribus
Hi, > It does not look like 1.0.1f changed the default behavior of > ENGINE_rdrand (coderman's been following it). Yes it did, rdrand is no longer enabled by default. Here [1] is the backport in the OpenSSL_1_0_1-stable head [2]. At least Debian [3] and Ubuntu backported this as well. Regard

Re: Very slow dns lookup using proxy_pass

2014-01-06 Thread Jonathan Matthews
On 6 January 2014 20:34, justink101 wrote: > Consistently slow DNS lookups from > nginx I *really* don't think you've demonstrated anything that points to that conclusion. Do some tcpdump'ing. Show the data. Show your working. ;-) J ___ nginx mailing

Re: OT: OpenSSL 1.0.1f

2014-01-06 Thread Rob Stradling
On 06/01/14 20:40, Jeffrey Walton wrote: There's also an Apple SecureTransport bug workaround. Apple's SecureTransport does not properly negotiate ECDHE-ECDSA cipher suites. It affects Mac OS X and could affect iOS. It might be prudent to add SSL_OP_SAFARI_ECDHE_ECDSA_BUG by default. http://www

OT: OpenSSL 1.0.1f

2014-01-06 Thread Jeffrey Walton
OpenSSL 1.0.1f was released today. It might be a good time to rebuild all the versions of nginx using static versions of OpenSSL. There are three CVE remediations included in the release: CVE-2013-4353, CVE-2013-6449, CVE-2013-6450. http://www.openssl.org/news/openssl-1.0.1-notes.html. It does no

Re: Very slow dns lookup using proxy_pass

2014-01-06 Thread justink101
Anybody have any further insight on this? Consistently slow DNS lookups from nginx, even though dig shows fast query times. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,246001,246070#msg-246070

Re: agentzh's encrypted session module

2014-01-06 Thread Yichun Zhang (agentzh)
Hello! On Sat, Jan 4, 2014 at 11:59 PM, Jeffrey Walton wrote: > I've been studying agentzh's encrypted session module from > https://github.com/agentzh/encrypted-session-nginx-module/tree/master/src. > Thank you for checking it out! :) > > The problem I am having is: I cannot tell how this is pl

Re: dynamic rate limiting per ip

2014-01-06 Thread Yichun Zhang (agentzh)
Hello! On Thu, Jan 2, 2014 at 12:54 PM, theotow wrote: > > Any Ideas if this is possible with the limit_rate of the http core module > and lua? > You can use ngx_lua alone to do this. > If it would be possible to make 2 zone dicts where the ips of the the slow > and fast connections are in. And

Re: How do I disable DNS Caching and DNS Reverse Lookup in Nginx ?

2014-01-06 Thread linuxr00lz2013
Hello thank you for your reply! 1) I have shown you the real configuration and logs. All I changed was the FQDN's because I don't know if I am allowed by my company to post them online. 2) Which tests do you recommend I run using telnet and curl? I am not too familiar with using curl so any guida

Re: dynamic rate limiting per ip

2014-01-06 Thread theotow
nobody an idea? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,245957,246064#msg-246064

Re: Centos 6.5 and ECDH ciphers in nginx.org Centos repo

2014-01-06 Thread Maxim Dounin
Hello! On Mon, Jan 06, 2014 at 02:56:23PM +1100, Nick Jenkin wrote: > Hi > > In Centos 6.5 (and RHEL 6.5) the ECDH ciphers were enabled. > There appears to be an issue with the nginx.org 1.5.8 Centos > binaries still not having support for ECDHE despite having > updated openssl 1.01e with ell

Re: Centos 6.5 and ECDH ciphers in nginx.org Centos repo

2014-01-06 Thread Jeffrey Walton
On Mon, Jan 6, 2014 at 5:10 AM, Nick Jenkin wrote: > RHEL used 1.0.0 in 6.4, however in 6.5 it was updated to OpenSSL 1.0.1e-fips > 11 Feb 2013 > See: > https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/6.5_Release_Notes/ > > Like I said, if I compile ngin

Re: Centos 6.5 and ECDH ciphers in nginx.org Centos repo

2014-01-06 Thread Nick Jenkin
RHEL used 1.0.0 in 6.4, however in 6.5 it was updated to OpenSSL 1.0.1e-fips 11 Feb 2013 See: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/6.5_Release_Notes/ Like I said, if I compile nginx myself it ECDH works fine. It’s the nginx.org binaries that

Re: Centos 6.5 and ECDH ciphers in nginx.org Centos repo

2014-01-06 Thread Jeffrey Walton
On Sun, Jan 5, 2014 at 10:56 PM, Nick Jenkin wrote: > Hi > > In Centos 6.5 (and RHEL 6.5) the ECDH ciphers were enabled. There appears to > be an issue with the nginx.org 1.5.8 Centos binaries still not having support > for ECDHE despite having updated openssl 1.01e with elliptic curves. > > If