Re: DH for authentication?

1999-12-29 Thread Dr Stephen Henson
Deva Seetharam wrote: > > Hi > I am trying to use > Kx=DH Au=DH Enc=3Des Md=SHA1. > > For a DOMESTIC(USA) application, we are trying > to use DH for both key exchange and authentication, > 3Des for cipher and SHA1 for message digests. > > So, I tried this: > openssl ciphers -v > "!RSA:!EXP:!aRS

DH for authentication?

1999-12-29 Thread Deva Seetharam
Hi I am trying to use Kx=DH Au=DH Enc=3Des Md=SHA1. For a DOMESTIC(USA) application, we are trying to use DH for both key exchange and authentication, 3Des for cipher and SHA1 for message digests. So, I tried this: openssl ciphers -v "!RSA:!EXP:!aRSA:!aNULL:kEDH:aDH:3DES:SHA1" and I get the ou

Re: Bug report with patch

1999-12-29 Thread Bodo Moeller
On Wed, Dec 29, 1999 at 10:37:24AM -0500, Jeffrey Altman wrote: >> Probably ADH ciphers should be automatically excluded if >> SSL_VERIFY_PEER is set. SSL_VERIFY_PEER usually means that the >> application *wants* the handshake to fail unless the peer can be >> authenticated; they should never se

Re: Bug report with patch

1999-12-29 Thread Jeffrey Altman
> Probably ADH ciphers should be automatically excluded if > SSL_VERIFY_PEER is set. SSL_VERIFY_PEER usually means that the > application *wants* the handshake to fail unless the peer can be > authenticated; they should never set SSL_VERIFY_PEER if they > want anonymous ciphers. Not true. SSL_

Re: c verses c++

1999-12-29 Thread Ben Laurie
Mixmaster wrote: > > Ben Laurie wrote: > > > rene.eberhard> It's also easy to use C++ objects in a C code. > > > > > > Oh? How so? Is that portable? > > > > Yes. But boring... > > > > extern "C" { > > > > void *newThing() > > { > > return new Thing; > > } > > That's how to us

Re: Diffie-Hellman support in OpenSSL

1999-12-29 Thread Jeffrey Altman
Bodo wrote: > I am willing to add such functions (or I wouldn't have proposed to use > the Finished message in the first place) and don't recall anyone > stating that it violates the, ahem, design of the library. This also > provides an opportunity to clean up the pertinent library internals > so

Re: Bug report with patch

1999-12-29 Thread Bodo Moeller
Peter 'Luna' Runestig <[EMAIL PROTECTED]>: > Problem: > > If the negotiated cipher is ADH (ie, the SSL_aNULL flag is set) and if > the verify mode is SSL_VERIFY_PEER, the server will send a certificate > request to the client. The receipt of this request by the client is > considered a fatal pr

Re: Session caching bug

1999-12-29 Thread Bodo Moeller
Kyle R. Rose <[EMAIL PROTECTED]>: > In the course of using OpenSSL for a client application, I would > regularly get a SEGV in the client session caching code under high > load. After some examination, I traced it to SSL_CTX_add_session, > where two data structures (a hash and a list) are not be

Re: SGC support in OpenSSL

1999-12-29 Thread Dr Stephen Henson
Adrian Peck wrote: > > Having found that the Microsoft SGC extensions to SSL were not implemented > in openssl-0.9.4, I made some changes myself. However as you can see the > changes are very hacky due to my wish to keep the changes as simple as > possible. > > The basic problem is that IE4 or 5

Re: Diffie-Hellman support in OpenSSL

1999-12-29 Thread Bodo Moeller
Jeffrey Altman <[EMAIL PROTECTED]>: >> Without some alternative mode of server authentication, of course, >> Anon DH remains a pretty scary proposition -- all the more so because it >> implies a level of trustworthiness that it can not provide. > In the telnet protocol we would like to u

Re: imap 4.7 and OpenSSL integration patch

1999-12-29 Thread Andy Polyakov
> I managed yesterday to compile imap 4.7 with OpenSSL 0.9.4 > using a little 'glue' (stdio2ssl.c). I put the glue sources in src/ssl > and made a link ssl -> src/ssl. Modified just a little bit imapd.c FYI. There is a way without source code modification whatsoever:-) See http://fy.chalmers.se/~a

re: imap 4.7 and OpenSSL integration patch

1999-12-29 Thread Mark Crispin
Dear Vladimir - Thank you very much for your contribution. I will make a note of its existence for my records. I already wrote a complete OpenSSL/imap-4.7 package (it is called the "SSL IMAP Patchkit") which provides full client and server SSL/TLS support for IMAP, POP3, and other protocols. U

Re: c verses c++

1999-12-29 Thread Erik Aronesty
openssl lends itself to simple, elegant c++ wrappers... it is "object oriented" in design. it's easy enough to write some simple wrapper classes "SSLCtx", "SSLSock", etc. that encapsulate some basic functionality and add little or no overhead - depending on the compiler the overhead here should

Re: c verses c++

1999-12-29 Thread Mixmaster
Ben Laurie wrote: > > rene.eberhard> It's also easy to use C++ objects in a C code. > > > > Oh? How so? Is that portable? > > Yes. But boring... > > extern "C" { > > void *newThing() > { > return new Thing; > } That's how to use C in C++ code, not C++ in C code. Feed the a

imap 4.7 and OpenSSL integration patch

1999-12-29 Thread Vladimir COTFAS
Hi Mark, I managed yesterday to compile imap 4.7 with OpenSSL 0.9.4 using a little 'glue' (stdio2ssl.c). I put the glue sources in src/ssl and made a link ssl -> src/ssl. Modified just a little bit imapd.c To compile imap+SSL go to the 'ssl' directory and perform a make. I tested it against Ne