I encountered this problem implementing app using tls v1.2 method and
specifying SSL_VERIFY_PEER. Openssl function ssl3_get_cert_verify calls
function method-ssl_get_message specifying a max message length of 514 bytes
when in fact it can be longer when using tls 1.2 with peer cert
I encountered this problem implementing app using tls v1.2 method and
specifying SSL_VERIFY_PEER. Openssl function ssl3_get_cert_verify calls
function method-ssl_get_message specifying a max message length of 514 bytes
when in fact it can be longer when using tls 1.2 with peer cert
The introduction of NPN support seems to have broken DTLS.
[12] ./openssl s_server -dtls1
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
ERROR
2692642180:error:1408C06F:SSL routines:SSL3_GET_FINISHED:bad
Hi
I've compiled a recent SNAP of OpenSSL 1.0.1 (from 18/12). I am pretty sure
that the assembly language code generated for the ghash function (in
ghash-x86.s) is incorrect.
The gcm_init_4bit() function generates a 16-entry table of 128-bit values, to
be used as a multiplication table. The
Current OS: CentOS release 5.5 (Final) (RHEL5_64)
Currentl openssl version: 1.0.0e
Would it be possible to support s_client for starttls connections for ldap?
i.e.
openssl s_client -connect mail.domain.com:389 -starttls ldap
Best Regards,
--
Rick King