PLEASE HELP. RESULTS OF 'MAKE':
making all in crypto...
make[1]: Entering directory
`/home/www/mojosgear/cgi-bin/openssl-0.9.5a/crypto'
( echo "#ifndef MK1MF_BUILD"; \
echo " /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c
*/"; \
echo " #define CFLAGS
\"gcc -DTHREADS -D_REENTRAN
Paul Keogh <[EMAIL PROTECTED]>:
> There are a number of references to s->s3->tmp.message_type
> throughout the SSL code. I guess its an optimisation mechanism
> but what exactly is its function ?
Some messages are optional in the SSL 3.0/TLS 1.0 handshake. Because
of this, the message type of
BIXBY,MARK (HP-Cupertino,ex1) <[EMAIL PROTECTED]>:
> Does any searchable bug database exist for openssl that is accessible by
> end-users (similar to mod_ssl or apache, for example)?
No.
__
OpenSSL Project
Nicolas Roumiantzeff <[EMAIL PROTECTED]>:
>> There should be some workaround for systems without /dev/urandom !
> I posted a pointer to a to a secure random mechanism which is portable and
> does not rely on the user input and because of the continuous number of
> complaints on the subject, I am
Amit Chopra <[EMAIL PROTECTED]> in ulf.openssl.dev:
> Has anybody got acces violations when doin SSL_read. I come across
> them pretty regularly, but they are difficult to debug because they
> happen randomly when servicing hundreds of connections.
In a multi-threaded server? Then check if
Bradley Beck Asztalos <[EMAIL PROTECTED]>:
> pgold wrote: [...]
> s_client.c is what you want, [...] There is probably no better
> place to look for this information than those apps.
Looking at ssltest.c is also recommended. Because client and server
are in the same program, it's different fr
Douglas Lee <[EMAIL PROTECTED]>:
> It seems that if I set the underlying socket to be non-blocking, then the
> SSL wrapper is also non-blocking. However it seems that SSL_get_error()
> exhibits strange behaviour to me. It alternately returns SSL_ERROR_NONE
> and SSL_ERROR_SYSCALL even when ther
Matti Aarnio <[EMAIL PROTECTED]>:
> [...] if the ZMailer smtpserver is deoptimized so that each reply will
> always be sent as its own TLS write (same as CommuniGate Pro does), then
> things will break when read-ahead is set at the connecting smtp client.
[...]
> First with READ-AHE
On Wed, 12 Apr 2000, Richard Levitte - VMS Whacker wrote:
> djm> This violates the "principle of least suprise". The -rand parameter
> djm> should either stop reading after a sufficient number of bytes or be
> djm> properly documented in gendsa.1.
>
> Hmm, define "sufficient". In OpenSSL, it's
djm> Another bug in gendsa.1:
djm>
djm>-rand file(s)
djm>a file or files containing random data used to seed
djm>the random number generator, or an EGD socket (see
djm>RAND_egd(3)). Multiple files can be specified
djm>separated by a OS-depe
Peter.Seiderer> I have a little problem with the function
Peter.Seiderer> 'RSA_public_encrypt(..)'. From the documentation:
Peter.Seiderer>
Peter.Seiderer> int RSA_public_encrypt(int flen, unsigned char *from,
Peter.Seiderer>unsigned char *to, RSA *rsa, int padding);
Peter.Seiderer>
djm> This violates the "principle of least suprise". The -rand parameter
djm> should either stop reading after a sufficient number of bytes or be
djm> properly documented in gendsa.1.
Hmm, define "sufficient". In OpenSSL, it's "whatever the user wants
to throw at me, I'll eat until it stops".
Hello,
I have a little problem with the function 'RSA_public_encrypt(..)'.
>From the documentation:
int RSA_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
flen must be less than RSA_size(rsa) - 11 for the PKCS #1
v1.5 based padd
OpenSSL 0.9.5a:
I was suprised to find
openssl gendsa -out /etc/ssh_dsa_key dsa1024.pem -rand /tmp/urandom
hanging. On stracing it appeared to be endlessly reading from
/dev/urandom.
This violates the "principle of least suprise". The -rand parameter
should either stop reading after a suffi
Greetings.
There is a structure in openssl, named EVP_MD_CTX.
Unfortunately, it is not handled the same way all other structures are -
it's usually not allocated dynamicaly, and there's no
EVP_MD_CTX_new and EVP_MD_CTX_free functions;
That was probably ok with most people, because they
didn't h
15 matches
Mail list logo
