,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
The manual page about SSL_CTX_set_client_cert_cb was simply wrong.
What in hell did I smoke when writing it? Or was it simply too late
at night??
Anyway, I have just checked in a new version:
If a certificate was already set, the client_cert_cb will never be
called. Once it is called and
As already pointed out in additional emails in openssl-dev:
* the change will stay in place, thus NID_x500UniqueIdentifier
will be the macro to use starting with OpenSSL 0.9.7
* I have not activated the original meaning of uniqueIdentifier and
it will not be done before 0.9.8 in order to
[[EMAIL PROTECTED] - Tue Jun 11 09:11:38 2002]:
I believe that this last parameter needs to be of type size_t.
The problem is not solved by changing the calls to SSL_read() and
SSL_write(). These functions call internal functions which again call
other internal functions and so on. All of
[[EMAIL PROTECTED] - Tue Jun 4 19:09:40 2002]:
cc -o openssl -DMONOLITH -I../include -fPIC -DTHREADS -D_REENTRANT -O3
-D_DARWIN -DB_ENDIAN openssl.o verify.o asn1pars.o req.o dgst.o dh.o
dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o
rsa.o rsautl.o dsa.o dsaparam.o
Sorry, my explanation went into the wrong bucket :-(
Here again:
I have tried to access the host (and the specific URL) mentioned with
the openssl s_client command line tool. I could not see anything
strange. After the data (how useful is it?) is transferred, the client
sends a close notify
the new one over
the current one?
Ome more thing... Will the openSSL.tar.gz file install its components in
the same place that RedHat 7.3 installed by default?
Thanks for your time...
Best,
FTM
- End forwarded message -
--
Lutz Jaenicke [EMAIL PROTECTED
10.20, so I am not familiar with the latest 64bit issues).
It however seems, that nowhere any 64bit command line option is used.
Doesn't this mean, that 32bit code is generated? For hpux64-parisc-cc
the +DD64 flag is required.
Best regards,
Lutz
--
Lutz Jaenicke
out itself? Please have a look
into config and search for GCC_ARCH to see what I mean.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044
of days. In GCC 3.1 gcc --version
doesn't work the same way so I will looking at gcc -v | egrep ^gcc
version
to do the same job.
Please load down a current snapshot. GCC-3.1 support for --version should
be added.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL
.
* I am afraid to break things beyond NID_uniqueIdentifier in 0.9.7. (Due to
the alias for CCITT nothing should happen, though).
Opinions?
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
The change introduced in OpenSSL 0.9.6d to prevent attacks on CBC
ciphers with known IVs seems to break compatibility.
Several discussions on the list and discussions I had in private email
indicate, that compatibility problems arise from this change. It should
be discussed, whether there is
this time. Also, ran ms\test.bat and it passed all the
tests.
Is this the right fix though ?
Yes,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
Thanks, the new OID has been added for 0.9.7 and later.
Best regards,
Lutz
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
[[EMAIL PROTECTED] - Thu Jun 6 08:55:05 2002]:
On Wed, Jun 05, 2002 at 03:10:58PM +0200, Lutz Jaenicke via RT wrote:
[[EMAIL PROTECTED] - Wed Jun 5 14:48:52 2002]:
ck_ssl.c: In function k_tn_tls_negotiate':
ck_ssl.c:3232: ID_uniqueIdentifier' undeclared (first use
On Thu, Jun 06, 2002 at 11:27:11AM +0300, Mike Pechkin wrote:
On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote:
For instance, mod_ssl 2.8.8-1.3.24 use workaround:
#ifndef NID_uniqueIdentifier
#define NID_uniqueIdentifier 102
#endif
I don't like
On Wed, Jun 05, 2002 at 03:15:18PM +0200, Lutz Jaenicke wrote:
On Wed, Jun 05, 2002 at 02:47:24PM +0200, Bodo Moeller wrote:
On Wed, Jun 05, 2002 at 09:01:53AM +0200, [EMAIL PROTECTED] wrote:
Log:
The correct PERL interpreter is passed via commandline.
RCS file: /e/openssl
On Thu, Jun 06, 2002 at 12:39:50PM +0300, Mike Pechkin wrote:
On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote:
Also, markus@ created this temp patch:
+@@ -102,6 +104,13 @@
+ !ERROR This module requires OpenSSL 0.9.5a or higher
+ #endif
On Thu, Jun 06, 2002 at 11:29:13AM +0200, Richard Levitte - VMS Whacker wrote:
In message [EMAIL PROTECTED] on Thu, 6 Jun 2002
11:17:18 +0200, Lutz Jaenicke [EMAIL PROTECTED] said:
Lutz.Jaenicke The correct solution would therefore be, to pass all
Lutz.Jaenicke options back from withing
to gcc-2.95.x.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
On Sun, Jun 02, 2002, Lutz Jaenicke wrote:
The first beta release of OpenSSL 0.9.7 is now available from the
OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. Quite a lot
of code changed between the 0.9.6 release and the 0.9.7 release, so
a series of 3 or 4 beta releases is planned before
also be correct, thus sstrsep() should be used.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
/TLS: add draft AES ciphersuites (disabled unless explicitly requested).
--
Lutz Jaenicke [EMAIL PROTECTED]
OpenSSL Project http://www.openssl.org/~jaenicke/
__
OpenSSL Project http
into it, all
key-generation routines require random numbers. Did you seed the
PRNG?
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
pod2man.pl in case the system does not have
however seems to be reasonable for me.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
On Mon, May 27, 2002 at 09:41:49PM +, [EMAIL PROTECTED] wrote:
The documentation file
doc/apps/smime.pod
contains the '-in file' option twice in the SYNOPSIS section.
...
Thanks, fixed.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http
Obviously in enginetest.c the strdup() - BUF_strdup() migration was
forgotten.
I'll assign this to Richard, who takes care of the 0.9.6-engine branch.
Best regards,
Lutz
__
OpenSSL Project
You may want to look into the details of the certificate and make sure,
that
the required trust settings are activated. It is not enough to simply
have the
certificate, but you also have to trust it.
If this doesn't help, please ask this question on the openssl-users
list.
Best regards,
with respect to our license :-)
Hope this helps,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
for this
question.
I don't know a better forum than that.
I am not aware of a formal security evaluation
that has been proformed in the past.
At least I have not seen any results of one.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU
Thanks, ticket closed,
Lutz
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager
Thanks, I have fixed it in the repository.
Best regards,
Lutz
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List
comfortable with
computer and internet resources.
As the system is not yet fully operational, I consider it good enough to
send a semi-offical announcement for now. The system will have its test
during the upcoming 0.9.7 beta phase :-)
Best regards,
Lutz
--
Lutz Jaenicke
Thanks, I have fixed the problem.
I have found the missing =over 4 directly before the =back.
Best regards,
Lutz
__
OpenSSL Project http://www.openssl.org
Development Mailing List
Correspondence
so that new entries are no longer forwarded to the list.
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
[[EMAIL PROTECTED] - Wed May 15 13:25:14 2002]:
Hi!
i use Your project in my Client-Server project.
For example, my Server calls BIO functions to use opened socket
for handshaking , after that init_ssl_connection and everything works
fine.
But what will happen if i'll try to use client
On Tue, May 14, 2002 at 12:42:33PM +0200, [EMAIL PROTECTED] via RT wrote:
[SPAM deleted]
Additional Anit-SPAM measures have been applied.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus
the
patch for openssl-engine-0.9.6d, installation instructions and manual at
this URL:
http://glozik-zoltan.int.eu.org/tsa/
Added to the list of applications.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU
, that the -DFILIO_H should be
removed from the sco5-gcc-shared entry in Configure. In this shared
library build script, you however do leave it in. Shouldn't it also
be removed here?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU
Thanks. I have added a corresponding entry into config.
Please check out a new snapshot for correct behaviour.
Best regards,
Lutz
__
OpenSSL Project http://www.openssl.org
Development
that come with OpenSSL are in POD format. Only
during installation, they are converted to manual pages using the
util/pod2man.pl script.
Did you install OpenSSL from source? (In which case we would have to
check pod2man for problems...)
Best regards,
Lutz
--
Lutz Jaenicke
[[EMAIL PROTECTED] - Sun May 12 22:48:56 2002]:
JFYI, when updating our package from 0.9.6c to 0.9.6d I've noticed
that the new shared libcrypto library doesn't work anymore. The
openssl(1) binary wouldn't recognize any of the block ciphers. I
tracked this down to the addition of
[[EMAIL PROTECTED] - Thu May 9 22:13:32 2002]:
I am trying to compile on a 64 bit Suse sles7 powerpc system.
the error message indicates
-m486
is an invalid compiler parameter. Anyone know the parameters I need to
give
./config to
get it to work for 64 bit Suse on a powerpc
I have added the missing ; for 0.9.7-dev and -dev.
We had no reports for 0.9.6d-beta1, even though the problem seems
to be in it, too. I however don't want to break that version
just minutes before it is released.
Best regards,
Lutz
regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
On Sat, May 04, 2002 at 12:37:33AM +0200, Axel H. Siebenwirth wrote:
On Fri, 03 May 2002, Lutz Jaenicke wrote:
This definitely is a problem with your build tools. You seem to be
using gnu-ld (from binutils!?) and it is failing.
GNU ld 2.11.90.0.29
Copyright 2001 Free Software Foundation
a statement.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
gnu-ld (from binutils!?) and it is failing.
If it?s really gcc 3.1 that?s causing the problem, can someone tell me if it
might work with 3.0.x?
We did not have reports about failures using gcc-3.0.x.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http
[[EMAIL PROTECTED] - Wed May 1 12:20:35 2002]:
! echo #define DATE \`date`\; \
! echo #define DATE \`LC_TIME=C date`\; \
Is anybody aware of a platform on which this would cause trouble?
Best regards,
Lutz
0.9.7 version of OpenSSL.
AES is integrated into it. Just do it the same way we did it.
Hmm, or even just stop wasting your time, because it is already in there :-)
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU
might
be missing when integrating a new cipher.
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
[3] == '='))
- ))) ||
+ ))*/) ||
(*s == '\0'))
#else
if (((*s == '/')
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE
. This is far more
difficult for applications externally calling OpenSSL's command line
tools...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
are aware that there are
problems with BIGNUM on 64bit.
What do we need: detailed information on platform, compiler, etc.
What do we need more: somebody having this platform being willing to
spend time in tracking the problem down!!!
Best regards,
Lutz
--
Lutz Jaenicke
-mips3-cc :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
it to
be compatible with an OpenSSL generated PKCS#12 file.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
is used for the Friendly Name. It is the name that
is e.g. used in Netscape when it comes to list certificates.
-name Lutz Jaenicke (My CA)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine
, as the macro is not used anywhere in OpenSSL.
As it is part of the public interface, I will fix the macro and not
just simply remove it :-)
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine
ssl_digest_methods() via load_ciphers(). ssl_create_cipher_list() is
called from SSL_CTX_new() (in 0.9.7 and I would suspect in older versions,
too), so that I don't see why it should make a difference with respect
to dll setup...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL
(at least from the development point of view),
we won't make any modification to 0.9.6d any longer, except for vital
bugfixes as long as beta is open.
All of our efforts will now go into getting 0.9.7 out of the door.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL
a look into the EVP layer and how to add your
new cipher to the lists (follow OpenSSL_add_all_algorithms()).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
.
It's definitely not a must have but I thought it would be helpful
for others to reproduce a Cygwin release version...
Thanks, added to 0.9.6d, 0.9.7, and -dev.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke
updated in a
while. Thanks for the reminder. I am now at 1.3.10.
Does it work now without your patches?
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044
message -
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
at least version 0.9.6 of openssl, please give
the new versions a try.
We have just released 0.9.6d beta1.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
to revert to the
old behavior.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
but better send it as
attachement. In your mail the TAB was transfored to SPACEs, so that
the patch utility could not apply it.
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D
support for this kind of platform is
needed.
Thanks, fixed. The debug-linux-pentium was missing (-pentiumpro and -k6
where there).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine
my advice.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
Announcement of OpenSSL 0.9.6d and 0.9.7 Release Plan and Schedule
==
The OpenSSL developers team is pleased to announce the upcoming
release of OpenSSL 0.9.7. OpenSSL 0.9.7 contains several changes
and enhancements in many fields;
regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
this means :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
provides better mechanisms for moving to newer versions.
The option to support the SSLv2 client hello is part of the SSLv23_method().
The TLSv1_method() is pure TLSv1, no SSLv2 client hello.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU
by virii :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
a statement about the situation.
I am not really easy to affect either, since I use a crappy graphical mail client
under Linux; nonetheless, I understand quite a few people on this list may use OE or
similar.
I am afraid that this statement is quite correct :-(
Lutz
--
Lutz Jaenicke
IDENTIFIER ::=
{ mime-mhs-headings 2 }
mime-mhs-bodies OBJECT IDENTIFIER ::= { mime-mhs 2 }
END
I come to the conclusion that I prefer to leave mail for use in the
internet 7 class.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http
On Mon, Apr 15, 2002 at 02:26:06PM +0200, Michael Bell wrote:
Lutz Jaenicke schrieb:
I come to the conclusion that I prefer to leave mail for use in the
internet 7 class.
I have no problem with this but what do you want to with the short name
for an RFC822mailbox? Do you want to ignore
On Mon, Apr 15, 2002 at 02:51:49PM +0200, Michael Bell wrote:
Lutz Jaenicke schrieb:
Please ignore my ignorance, but I just had a second look into RFC1274
and I could not find any reference about mail being a short name
for rfc822Mailbox.
See: RFC 2798 -- 9.1.3 -- 4th attribute
Ok
the old connection is not yet considered closed...
Anyway we would need the output and error messages from the LDAP server.
The ssldump output indicates that a new connection is attempted all the time,
so that there should be no problem with session resumption.
Best regards,
Lutz
--
Lutz
on openssl-users but got no response
at all - either confirming on denying...
Your posting is still in my incoming queue.
Obviously my team mates normally dealing with EVP issues are currently
too busy to take care of it. But it won't be forgotten :-)
Lutz
--
Lutz Jaenicke
not point out in which version the problem occurs.
Does it still occur with recent snapshots?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044
.
To avoid this problem, we now set s-new_session to 2 instead of
using a local variable.
[Lutz Jaenicke, Bodo Moeller]
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine
at least one of
these properties different.
To be fair: I don't have the time to look around for it, but I would expect
that in some RFC this would also be listed as a requirement :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU
On Wed, Apr 10, 2002 at 12:36:33PM +0200, Michael Bell wrote:
Lutz Jaenicke schrieb:
On Tue, Apr 02, 2002 at 10:07:27PM +0200, Lutz Jaenicke wrote:
On Tue, Apr 02, 2002 at 09:25:00AM +0200, Michael Bell wrote:
after I found the wrong definitions of SN_surname and SN_serialNumber I
On Wed, Apr 10, 2002 at 01:13:05PM +0200, Michael Bell wrote:
Lutz Jaenicke schrieb:
Doen't sound bad. I would say internetMail would fit better into the
usual naming scheme...
I would prefer it too.
Hmm. Just had another look into RFC1700...
Even though it is not yet used
, but discussions you send should be covered by the right
on free speech. If you are going to send patches to be included, it should
however be copied through to your government.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen
:
26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:290:
That would fit the underlined statement above.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus
environment
variable in the way OpenSSL does it is a comletely normal technique.
There exist ideas to move to autoconf one fine day and integrating
a suitable check for perl might be part of the move, but I think we
should leave things as they are right now.
Best regards,
Lutz
--
Lutz
as mentioned.
Late versions of OpenSSL provide the SSL_OP_TLS_ROLLBACK_BUG that allows the
server to ignore this protocol violation. It is however not enabled by
default.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen
On Tue, Apr 02, 2002 at 10:07:27PM +0200, Lutz Jaenicke wrote:
On Tue, Apr 02, 2002 at 09:25:00AM +0200, Michael Bell wrote:
after I found the wrong definitions of SN_surname and SN_serialNumber I
looked around and find the next problems in crypto/objects/ :
SN_title
...
I am not sure about these ones. Bodo Moeller overviewed these changes, based
on changes submitted by Nils Larsch.
I have copied them through on this email to receive their comments.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
this to be a bug) is small
compared to the impact of the incompatibility.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project
.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL
want to say that we are aware
that we cannot handle all thinkable cases of incorrect usage of the API.
We can (and probably will) fix the issue you just pointed out, but I am
sure that you will find much more of these cases, if you start searching :-)
Best regards,
Lutz
--
Lutz Jaenicke
of OpenSSL and should give his statement.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
401 - 500 of 705 matches
Mail list logo