Re: SHA256 support in TLS ciphers

2007-02-16 Thread Matthew Hunt
jimmy said: > i think he was talking about ssl ciphers, these are different from those > in libcrypto. SSL ciphers go like SSL3_CK_RSA_RC4_128_SHA. So he > probably meant whether openssl has support for SHA2 in the hash part of > ssl ciphers. > > i haven't seen sha2 in any of the snapshots. maybe

[openssl.org #1490] [BUG] [PATCH] unintialized enc_read_ctx/enc_write_ctx on error

2007-02-16 Thread Nils Larsch via RT
patch applied. Thanks ! Nils __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL

Re: STARTTLS patch for imap and ftp

2007-02-16 Thread Kees Cook
On Fri, Feb 16, 2007 at 07:12:50PM +0100, Richard Levitte - VMS Whacker wrote: > Yes. Done. Thank you, and sorry you had to wait 3 years for this to > happen. Great! Thank you. :) -- Kees Cook@outflux.net ___

Re: STARTTLS patch for imap and ftp

2007-02-16 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Thu, 15 Feb 2007 10:34:23 -0800, Kees Cook <[EMAIL PROTECTED]> said: kees> 3 years ago, I wrote a patch[1] (and did the TSU[2]) for adding kees> these features to s_client. Can this please be applied to CVS? Yes. Done. Thank you, and sorry you had to wait 3 y

STARTTLS patch for imap and ftp

2007-02-16 Thread Kees Cook
Hello! 3 years ago, I wrote a patch[1] (and did the TSU[2]) for adding these features to s_client. Can this please be applied to CVS? I've seen other people on the mailing list asking for it[3], including fixes for HELO[4]. This is a pretty trivial patch, and would help a lot of people. I h

Weird OpenSSL behaviour on connecting to W2k3-LDAPS [LONG]

2007-02-16 Thread Christian Marg
Hello, Since noone on the openssl-users list could help, I'm trying this list for help. In http://marc.theaimsgroup.com/?l=openssl-users&m=116111352610602&w=2 Geert Van Muylem reports a similar problem but didn't get a response, so I just repost this issue along with my findings. =

Re: X509_dup doesn't work unless validity period is set

2007-02-16 Thread Andrew Brampton
From: "Dr. Stephen Henson" <[EMAIL PROTECTED]> Sent: Friday, February 16, 2007 1:58 AM On Fri, Feb 16, 2007, Andrew Brampton wrote: The validity period is a mandatory field for an X509 object. Without this it isn't a valid certificate. That's why it wont dup. Steve. I understand it isn't a

Re: SHA256 support in TLS ciphers

2007-02-16 Thread jimmy
Brad House wrote: I'm aware that this question has been asked before, but is anyone working on adding SHA256 support to the existing ciphersuites? I'm developing an application that requires these, so I'd appreciate it if anyone could give me an update on when this support will be implemented, o