On Mon, Jun 15, 2009 at 5:46 AM, Phil Pennockopenssl-...@spodhuis.org wrote:
When RFC 5246 came out, specifying TLS 1.2 and having all mandated
cipher suites use SHA-256, we assumed that to aid the transition OpenSSL
would add EVL_sha256() to the list of digests initialised in
Hi all,
I was trying curl/libcurl compiled against OpenSSL 0.9.9.
I noticed a very strange behaviour that I was able to workaround with a
couple of sleep().
Curl fails to connect with:
curl: (52) SSL read: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3
alert unexpected message, errno 11
The
On Mon, Jun 15, 2009, Emanuele Cesena wrote:
Hi all,
I was trying curl/libcurl compiled against OpenSSL 0.9.9.
I noticed a very strange behaviour that I was able to workaround with a
couple of sleep().
Curl fails to connect with:
curl: (52) SSL read: error:140943F2:SSL
On Mon, 2009-06-15 at 14:30 +0200, Dr. Stephen Henson wrote:
I was trying curl/libcurl compiled against OpenSSL 0.9.9.
I noticed a very strange behaviour that I was able to workaround with a
couple of sleep().
Curl fails to connect with:
curl: (52) SSL read: error:140943F2:SSL
Hi Stephen,
I can't see how anything could cause an issue with 85 CAs. The attached
descriptions imply it might be a mod_ssl issue (not reproducible with
s_server).
There is a bit more information now in our ticket:
https://savannah.cern.ch/bugs/?48458
Romain Wartel wrote:
So 4
Hi Stephen,
I can't see how anything could cause an issue with 85 CAs. The attached
descriptions imply it might be a mod_ssl issue (not reproducible with
s_server).
There is a bit more information now in our ticket:
https://savannah.cern.ch/bugs/?48458
Romain Wartel wrote:
So 4
Hi Kyle,
My OpenSSL installation has been on my machine a while and I'm not sure that
it's my installation
that's at fault. This, https://launchpad.net/pyopenssl , has already built
and run successfully
again my installation. Python interface for OpenSSL. I'm guessing that the
test code I
On 2009-06-15 at 11:02 +0200, Bodo Moeller wrote:
On Mon, Jun 15, 2009 at 5:46 AM, Phil Pennockopenssl-...@spodhuis.org wrote:
When RFC 5246 came out, specifying TLS 1.2 and having all mandated
cipher suites use SHA-256, we assumed that to aid the transition OpenSSL
would add EVL_sha256()
Phil Pennock wrote:
The approach of the Exim MTA to cryptography is simple -- don't
second-guess the SSL library developers when it comes to choosing which
algorithms/digests/etc to load, and provide a knob
(tls_require_ciphers) for administrators to restrict what can be
loaded. The MTA
Maarten Litmaath wrote:
Hi Stephen,
I can't see how anything could cause an issue with 85 CAs. The attached
descriptions imply it might be a mod_ssl issue (not reproducible with
s_server).
There is a bit more information now in our ticket:
https://savannah.cern.ch/bugs/?48458
Romain
Maarten Litmaath wrote:
Hi Stephen,
I can't see how anything could cause an issue with 85 CAs. The attached
descriptions imply it might be a mod_ssl issue (not reproducible with
s_server).
There is a bit more information now in our ticket:
https://savannah.cern.ch/bugs/?48458
On 2009-06-15 at 14:17 -0700, David Schwartz wrote:
Phil Pennock wrote:
The approach of the Exim MTA to cryptography is simple -- don't
second-guess the SSL library developers when it comes to choosing which
algorithms/digests/etc to load, and provide a knob
(tls_require_ciphers) for
Hi Roumen,
it hangs the same , remove a few cas and it works.
# rpm -q httpd mod_ssl openssl fedora-release
httpd-2.2.11-8.x86_64
mod_ssl-2.2.11-8.x86_64
openssl-0.9.8k-4.fc11.x86_64
fedora-release-11-1.noarch
[...]
May be problem is in 64-bit OpenSSL (fedora?)
Phil Pennock wrote:
That just won't work. Cryptography is not a drop in a library
and mark a
checkbox on your product thing. It has to be properly integrated in an
application with decisions made as to what the application
actually needs,
what threat models it faces, and so on.
Hi,
Roumen Petrov schrieb:
In the past we can download a file with CA certificates (
ca-bundle.crt.tar.gz ) from mod_ssl site. Now file is removed but it
contain more then 90 certificates (PEM format concatenated together).
many use the Perl script I've hacked for cURL to create a
These scripts pull the latest version of the Mozilla-approved CAs.
OpenSSL is not in the business of making CA certificates available,
but having the ability to do this in the stock package might be very
good for the users. (Make sure that such a tool warns the user that
the CA certificates are
Hi openssl-devs,
Just wanted to query the best openssl version for basing patches on.
I have a number of patches relating to the ocf-linux project and other
embedded linux work that I'd like to post for review and/or inclusion.
I am currently based on 0.9.8k, but 1.0.0 beta or a snapshot is
17 matches
Mail list logo