eact on the final
conclusion and make (or not) appropriate adjustments.
I would be most pleased if you would post the necessary information
so that Corinna can comment on it.
Best regards,
Lutz
--
Lutz Jaenicke
a
new challenge to mailing list operators and users.
I cannot comment on the OpenSSL-Announce list. Only the core members
should be allowed to send via this list.
Probably the list should be switched to "moderated" (it currently does
not seem to be moderated, does it?).
Be
ptoAPI.
The -name option is used for the "Friendly Name". It is the name that
is e.g. used in Netscape when it comes to list certificates.
-name "Lutz Jaenicke (My CA)"
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet
elf, so that I would expect it to
be compatible with an OpenSSL generated PKCS#12 file.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Univer
c target.
Have a look into Configure and use another target, e.g. irix-mips3-cc :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine El
gt; gpg signed mail preferredgpg-key: finger [EMAIL PROTECTED]
> 64bit GNU powered http://www.itp.uni-hannover.de/~kreutzm
^^
Is this a 64bit setup?
What was the "Configure" target selected?
Lutz
--
Lutz Jaenicke
P-UX Software Porting and Archive Center.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
() :-)
Anyway: ssl_create_cipher_list() is responsible for initializing
ssl_digest_methods() via load_ciphers(). ssl_create_cipher_list() is
called from SSL_CTX_new() (in 0.9.7 and I would suspect in older versions,
too), so that I don't see why it should make a difference with respe
COMP,(f),(r),ERR_file_name,__LINE__)
left unnoted, as the macro is not used anywhere in OpenSSL.
As it is part of the public interface, I will fix the macro and not
just simply remove it :-)
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/p
stalled on my machine. I hadn't updated in a
> while. Thanks for the reminder. I am now at 1.3.10.
Does it work now without your patches?
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elekt
the Cygwin net
> distribution.
>
> It's definitely not a "must have" but I thought it would be helpful
> for others to reproduce a Cygwin release version...
Thanks, added to 0.9.6d, 0.9.7, and -dev.
Best regards,
Lutz
--
Lutz Jaenicke
on into the TLS/SSL layer.
In parallel have a look into the EVP layer and how to add your
new cipher to the lists (follow OpenSSL_add_all_algorithms()).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottb
rted to the 0.9.6 tree.
0.9.6 is dead and gone (at least from the development point of view),
we won't make any modification to 0.9.6d any longer, except for vital
bugfixes as long as beta is open.
All of our efforts will now go into getting 0.9.7 out of the door.
l list):
Latest OpenSSH requires at least version 0.9.6 of openssl, please give
the new versions a try.
We have just released 0.9.6d beta1.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, A
-- End forwarded message -
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4,
an internal discussion going on how
to handle the situation, including the option to revert to the
old behavior.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allge
include
> ---
> > #include
This may break other platforms.
> diff -r -x Makefile* /p/openssl/dev.0.9/src/openssl-0.9.6/test/tcrl
> /p/openssl/porting_base/test/tcrl
> 80c80
> < /system/gnu_library/bin/rm -f f.* ff.* fff.*
> ---
> > /bin/rm -f f.* ff.* fff.*
This w
think that "out of the box" debug support for this kind of platform is
> needed.
Thanks, fixed. The "debug-linux-pentium" was missing (-pentiumpro and -k6
where there).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://ww
h.
Best regards,
Lutz
PS. Please do not embed patches in the text but better send it as
attachement. In your mail the TAB was transfored to SPACEs, so that
the "patch" utility could not apply it.
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet
Announcement of OpenSSL 0.9.6d and 0.9.7 Release Plan and Schedule
==
The OpenSSL developers team is pleased to announce the upcoming
release of OpenSSL 0.9.7. OpenSSL 0.9.7 contains several changes
and enhancements in many fields; p
2.0 client hello messages will be
> phased out with all due haste. Implementors should make every
> effort to move forward as quickly as possible. Version 3.0
> provides better mechanisms for moving to newer versions."
The option to support the SSLv2 client hel
cussing solutions I will wait for an
> answer (bug or misinterpretation).
Hmm. As far as I could see with "openssl x509" and "openssl asn1parse",
certificates are printed in the order of the data inside the certificate.
Whatever this means :-)
Best regards,
ect to the fast update service required I do not expect
anything like this to be available for free) and somebody has to shell
out the money.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.ae
On Mon, Apr 15, 2002 at 02:51:49PM +0200, Michael Bell wrote:
> Lutz Jaenicke schrieb:
> >
> > Please ignore my ignorance, but I just had a second look into RFC1274
> > and I could not find any reference about "mail" being a short name
> > for rfc822M
On Mon, Apr 15, 2002 at 02:26:06PM +0200, Michael Bell wrote:
> Lutz Jaenicke schrieb:
> > I come to the conclusion that I prefer to leave "mail" for use in the
> > "internet 7" class.
>
> I have no problem with this but what do you want to with the short
{ mime-mhs-headings 1 }
id-hex-multipart-message OBJECT IDENTIFIER ::=
{ mime-mhs-headings 2 }
mime-mhs-bodies OBJECT IDENTIFIER ::= { mime-mhs 2 }
END
I come to the conclusion that I prefer to leave "mail" for use in the
"internet 7" clas
I should give a statement about the situation.
> I am not really easy to affect either, since I use a crappy graphical mail client
>under Linux; nonetheless, I understand quite a few people on this list may use OE or
>similar.
I am afraid that this statement is quite correct :-(
to reduce your
risk of getting affected by virii :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Univers
need the output and error messages from the LDAP server.
The ssldump output indicates that a new connection is attempted all the time,
so that there should be no problem with session resumption.
Best regards,
Lutz
--
Lut
.6c
>
> Any comments on this ? I posted on openssl-users but got no response
> at all - either confirming on denying...
Your posting is still in my incoming queue.
Obviously my team mates normally dealing with EVP issues are currently
too busy to take care of it. But it won't be f
o not point out in which version the problem occurs.
Does it still occur with recent snapshots?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-
to the
session cache.
To avoid this problem, we now set s->new_session to 2 instead of
using a local variable.
[Lutz Jaenicke, Bodo Moeller]
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen
the serial number in the authority key identifer.
You therefore could assure correct behaviour by making at least one of
these properties different.
To be fair: I don't have the time to look around for it, but I would expect
that in some RFC this would also be listed as a requirement :-)
Best reg
On Wed, Apr 10, 2002 at 01:13:05PM +0200, Michael Bell wrote:
> Lutz Jaenicke schrieb:
>
> > Doen't sound bad. I would say "internetMail" would fit better into the
> > usual naming scheme...
>
> I would prefer it too.
Hmm. Just had another look into RFC17
On Wed, Apr 10, 2002 at 12:36:33PM +0200, Michael Bell wrote:
> Lutz Jaenicke schrieb:
> >
> > On Tue, Apr 02, 2002 at 10:07:27PM +0200, Lutz Jaenicke wrote:
> > > On Tue, Apr 02, 2002 at 09:25:00AM +0200, Michael Bell wrote:
> > > > after I found the
On Tue, Apr 02, 2002 at 10:07:27PM +0200, Lutz Jaenicke wrote:
> On Tue, Apr 02, 2002 at 09:25:00AM +0200, Michael Bell wrote:
> > after I found the wrong definitions of SN_surname and SN_serialNumber I
> > looked around and find the next problems in crypto/objects/ :
&g
; error you observed]. In
> my case, this wrong version number led to a "bad_record_mac" error as mentioned.
Late versions of OpenSSL provide the SSL_OP_TLS_ROLLBACK_BUG that allows the
server to ignore this protocol violation. It is however not enabled by
default.
Best regard
^^
Hmm. This does not really indicate it is TLSv1, doesn't it???
> and here is what I get on the server (OpenSSL) when I Ctrl-C the client:
>
> 26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
> number:s3_pkt.c:290:
That would fit the underlined statement above
d leave things as they are right now.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
___
acility, I
> will stop posting any more information.
I am not a lawyer, but discussions you send should be covered by the right
on free speech. If you are going to send patches to be included, it should
however be copied through to your government.
Best regards,
Lutz
--
Lutz Jaenicke
ply privately
> if needed.
This bug is already fixed in the CVS:
*) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
type, we must throw them away by setting rr->length to 0.
[D P Chang <[EMAIL PROTECTED]>]
Best regards,
Lutz
--
http://www.secg.org/secg_docs.htm )
> assigns new names to the OIDs of the 'prime192v1' and the 'prime256v1'
> curves, and assigning two names to one OID can't work. I attached a patch for
> the necessary changes in crypto/objects and crypto/ec (, which will re
> In obj_dat.h they both end up having OID 0. Their corresponding OBJ_ macros
> in obj_mac.h get mapped to OBJ_X9_62_prime{192,256}v1 (of which I suppose
> they are aliases), though, so it may be OK.
> I'm not into all the gory details of this magic - it just looked a bit odd to
ast older hello
messages is recommended.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
g before and I am not too familiar
with these RFCs. But obviously nobody else of the team picked up the topic
(yet). I can promise you to add your email to my TODO list, but I cannot
promise you a time until when I will find the time to dig into this
issue...
Best regards,
ntil now.
Following your statement we must add an according note to the 0.9.7
release notes (the entry in the changelogs looks rather harmless until
now :-). We should also leave 0.9.6d with the old behaviour, as
the impact of the bug (yes, I also consider this to be a bug) is small
compared to
apply the same change to 0.9.6-stable, if
this is considered useful.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
___
that you will find much more of these cases, if you start searching :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
n according patch. Please note that objects.h
is no longer used (well, the file is still available, but the actual
information is #ifdef'ed out and obj_mac.h is included).
Please test out the next snapshot.
Best regards,
Lutz
--
Lutz Jaenick
ables. This raises an 'array out of bounds' warning
> on Norcroft C.
Hmm. fgets(buf,256,stdin) will read at most 256-1 bytes and will
append the trailing '\0', at least according to K&R 2.
Therefore the offending statement could simply be removed...
Best regards,
mended change makes sense. I am however not
sure whether this will break existing applications. Steve Henson is most
familiar with the X.509 part of OpenSSL and should give his statement.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
h
SL_AD_BAD_CERTIFICATE
> X509_V_ERR_PATH_LENGTH_EXCEEDED => SSL_AD_UNKNOWN_CA
> X509_V_ERR_INVALID_CA => SSL_AD_UNKNOWN_CA
> X509_V_ERR_INVALID_PURPOSE => SSL_AD_UNSUPPORTED_CERTIFICATE
Thanks, your patch has been applied.
Best regards,
Lutz
--
Lutz Jaenicke
at hand, please submit it to openssl-dev.
(Don't forget to CC to [EMAIL PROTECTED]).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrot
handled seperately by the SSL_NOT_EXP flag...)
* Some other ciphers are also missing the "strength class setting". But
I would like the first point discussed before filling in.
* Technically, this fix should not only go into 0.9.7-stable but also into
-dev. Should it als
; if (ssl_clear_bad_session(s))
> {
> SSL_SESSION_free(s->session);
> s->session=NULL;
> }
>
> Otherwise, the SSL_SENT_SHUTDOWN flag is not taken into account when
> checking out if session should be removed from cache.
Seems you are right again. Moved the bad-sess
gt; SSL_CTX_remove_session(s->ctx,s->session);
> return(1);
> }
> else
> return(0);
> }
>
> Does it mean that the SSL session is never removed through SSL_clear, or am
> I totally wrong ?
It seems to me, that yo
fix in it yourself.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-0304
switch in the attached.
Did you try to run "make test" without prior installing OpenSSL?
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbu
On Thu, Feb 14, 2002 at 04:16:40PM +0100, Richard Levitte - VMS Whacker wrote:
> From: Khan Alamgir <[EMAIL PROTECTED]>
>
> akh> Please help!
>
> Use a more modern OpenSSL. The current release is 0.9.6c.
And call SSL_library_init() :-)
; session is
> sent to the function, instead of sending r which is the one that is in the
> cache c is been sent.
I have just checked in an appropriate fix, it will be included in the next
snapshots. Please check out your test case again.
Best regards,
Lutz
ret=1;
SSL_SESSION_list_remove(ctx,c);
}
Any other opinions on what is the correct solution?
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, A
see what is going over the wire... (an EOF... would mean that it is the
peer closing the connection... is this really true?).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http
; session is
> sent to the function, instead of sending r which is the one that is in the
> cache c is been sent.
Thanks for your report. I have added your report to my TODO list.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-C
anna look into this? I've tried, but can't really grasp what goes
> on...
Hmm. As you may have seen from openssl-cvs I found another problem
when running "make test", but I could not reproduce your problem...
Best regards,
Lutz
--
Lutz Jaenicke
unt of cryptographic code and options
(kerberos etc) was much smaller. Now that much more code of this
type is available the amount of possible conflicts should be minimized.
OpenSSL already cleared its namespace by moving include files into
openssl/*.h allowing inclusion of similar hea
On Wed, Jan 23, 2002 at 11:21:49AM -0800, Booker C. Bense wrote:
> On Wed, 23 Jan 2002, Lutz Jaenicke wrote:
>
> > On Wed, Jan 23, 2002 at 07:03:20AM -0800, Booker C. Bense wrote:
> > > On Wed, 23 Jan 2002, Lutz Jaenicke wrote:
> > > > Ok, the behaviour of th
ception on s_server.exe NTDLL.DLL 0x05 Access
> Violation"
I could not reproduce your problem on my UNIX platform, so you will have
to give us at least a backtrace (and the version information, of course).
BTW. It is "ADH-RC4-MD5" (a dash instead of the underscore between RC4-M
llow special action (e.g. login) based on the contents of
the certificate.
> Eventually too many peer certs may hog-on server
> resources.
Memory and hard disk became cheap these days.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus
egards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
fication) or "0" (verification failure). Only when ok is set
to 0, the return value of X509_STORE_CTX_get_error(ctx); is
significant.
If not sure, you should start without a callback function and see,
whether the certificate verification fails (it should).
Best regards,
_name
man ciphers (-v option)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-0304
ssing, as they have already been read
by PEM_read_X509().
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Univer
On Thu, Dec 13, 2001 at 10:06:45AM +0100, Srikanta Nayak wrote:
> How openSSL will looks EGD ? Is there any such documentation available on net
>related to it?
http://www.openssl.org/support/faq.html#USER1
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU C
an arbitrary number fixes a problem, there is a bug around that
must be fixed. Just increasing buffer allocations only hides the problem,
it does not solve it.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Co
this list. One advantage of mailing lists
is that they can be very informative and stimulating, because you
get an insight into other peoples work.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.D
k version of HP-UX, so it should be detectable...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Univer
time of
the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
to allow the necessary settings.
[Lutz Jaenicke]
The fix will be available in 0.9.6c (due out in the next days!?) and 0.9.7.
Nevertheless: thanks for your effort!
Best regards,
Lutz
--
Lut
k(),
but I don't have a code sample. If I remember correctly I discussed this
issue publicly on this list some time ago.
I do use Konqueror at home and it does seem to support peer certificate
checking, so you may want to check out the Konqueror source.
Best regards,
Lutz
--
Lu
y
> against the saved file. However, it still complains in
> verify_callback that peer cert by server is untrusted.
Ah! For the verification to succeed, you must capture the CA chain
including the root certificate. OpenSSL's verification routines by
now do not allow single peer cer
eing resumed.
The OpenSSL client does set the cipher based on this returned value.
It is therefore not necessary to set the cipher in advance.
Do you have any problems due to this behaviour?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECT
ical API
SSL_get_peer_certificate(), SSL_get_peer_cert_chain() to obtain the
X509 objects. You can then simply write them to file using the
PEM_write_X509()/PEM_write_bio_X509() function.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.ae
lled until the the reference count
>has reached 0.
Thanks, I have rephrased the corresponding paragraph.
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrote
On Wed, Nov 14, 2001 at 10:59:57AM -0800, Michael Sierchio wrote:
> Lutz Jaenicke wrote:
>
> > The entropy parameter should tell, how much "uncertainty" is in the
> > data provided.
>
> > If we choose a value of 0, we mean that there may be entropy in it,
ctor
is one indicator.
If we choose a value of 0, we mean that there may be entropy in it, but
maybe an attacker can predict the value, so we use it but do not count
it as a really unpredictable input.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cott
.
There are reasons, why the shlib/hpux10-cc.sh is looking somewhat
complicated (besides building with +O4=optimization at link time)...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/persone
ical reasons?)
The time the OpenSSL team members can spend on the project is limited.
If you can supply a patch, we will strongly consider applying it :-)
Please only take care of the current development snapshot (0.9.7-dev).
The development for 0.9.6c is more or less finished and for compatibility
r
On Tue, Oct 16, 2001 at 02:30:03PM +0100, Adam Back wrote:
> On Sun, Oct 14, 2001 at 06:19:30PM +0200, Lutz Jaenicke wrote:
> > [...]
> >
> > * If you have any patch to submit that will improve the behaviour of
> > s_client you are most welcome to post it to this li
client you are most welcome to post it to this list :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-412
better
suited to your needs, as it is intended for application and not for testing?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
be changed to all lower case for consistency with
> other messages.
Will be fixed in a minute.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrot
ackported the shared
library support from 0.9.7-dev to 0.9.6x?
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaets
On Sat, Aug 25, 2001 at 01:59:24PM +0200, Lutz Jaenicke wrote:
> I'll add it to the TODO list. If we change this to a dynamic limit,
> we could start with 16kB (platform independant) and then applications
> may decide at will. 16kB should be sufficient in most cases, because
>
There exists an undocumented -Fl option (at least on 10.20).
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4,
.
This problem has been fixed in the CVS tree on August 7, 2001 and the
fix will therefore be part of the next release.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl
On Fri, Aug 24, 2001 at 06:31:56PM -0700, Doug Kaufman wrote:
> On Fri, 24 Aug 2001, Lutz Jaenicke wrote:
>
> > On Thu, Aug 23, 2001 at 02:21:27PM -0500, Douglas E. Engert wrote:
> > > ! #if defined(MSDOS) && !defined(WIN32)
> > > !
6b.
Thanks, applied!
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax
e. With certificates typically having a size of 1-2kB this
would mean a chain length of ...
And it also means that 100kB are on the wire even before any payload is
handled...
> The SSLv3 specs don't set this limit, but rather allows 2^24 certificates.
> I understand the need to
nsequence of all the drawbacks the actual setup has...
I will add an appropriate note tomorrow.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
did check in the version from the wrong directory. One better
should not work on Sundays. (fixed)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechni
anybody have an idea on why this distinction is being made?
It doesn't make sense to me. (If nobody has an idea on why it should not be
public, I will make it public.)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.a
501 - 600 of 791 matches
Mail list logo