Hi Mrs
I am a PHD and i need some informations to see the
costs of the cryptographics loads in WTLS.
Is there any benchmark to compte the delay of
RSA certificate & encryption SHA-1, and DES (in a palm pilot)
have you a benchmark also for the fixed network
with RSA 512?
if not:
It is poss
Hi,
Please i have to know if i could add my own cipher algorithm and take it in
concideration in the SSL negociation process.
Best regards!
__
OpenSSL Project http://www.openssl.org
Development Mai
Hi all;
Could anyone tell me is it possible that i add my own cipher algorithm and
take it in concideration in the SSL negociation process???
I've asked this question before but it seems that no one is interrested...
Did i say sth wrong or is my question stupid ??? Sorry if it's the
I've just finish install and compile OpenSSL (the
.exe are in C:\OpenSSL-0.9.6b\out\).
What is the easyest way to get a SSL certificate
from my certreq.txt ?
I want to get a key and install it on my server for
testing.
Thank for any help, I'm a little confused with all
the functions.
Hello,
This isn't a bug report, but i don't want to sign up to mailing list just to
say 1 question.
If i compile OpenSSL, with just ./configure, make, make install, archive
that, then send it to somewhere in the U.S, can the site/ftp in the U.S
legally distribute it internationally?
In bss_log.c, the '#includes' are still processed, even when compiled with
-DNO_SYSLOG.
I'm curious why, since the entire rest of the file is skipped...
Dave Clendenan
Software Developer
Polycom Canada
[EMAIL PROTECTED]
(604) 697-9338
Thou shalt not follow the Null Pointer,
for at its end
Hello,
After generating CSR with openssl 0.9.8-dev, 0.9.7-dev or 0.9.6
'asn1dump' says that:
261 023: INTEGER 65537
: }
: }
: }
266 A00: [0]
: Error: Object has zero length.
Hello!
I used SMIME command tool to create some SMIME
messages.
I can create signed, encrypted message and to verify and
decrypt them with my functions.
Now I want to make this messages fully
compliant with existing mail clients:
1. My functions to can verify and decrypt me
Friends,
Are s_server.c and s_client.c are the
applications(openssl-engine-0.9.6d/apps) which I can use for testing
client-server handshake ?
Ankit Shah, Software Engineer
__
OpenSSL Project ht
I notice when using d2i_PUBKEY() to convert a string RSA
SubjectPublicKeyInfo to an EVP_PKEY struct that the string pointer ends up
pointing to random memory. Is this deliberate (e.g. for security reasons)
or a bug? I would like to have the public key string still available when
the function ret
I am working on a java program that parses PKCS12 Certificates. I am
able to pull out my public and private key with no problem. When I use
the command :
openssl pkcs12 -in test.p12 -info
I am shown 3 certificates; mine, and 2 from verisign. I am assuming
that these verisign certificates ar
I know from looking in the archives that this question has been asked
before, but I am wondering if anything has been done in the 0.9.7 branch
to address it.
We have an application that uses separate threads for its readers and
writers. Currently, the threads can stomp on each others state since
No response from openssl-users, hence trying the dev alias.
I have a X509_NAME variable which contains something like
/CN=mycn/OU=myou/O=myo
I want to modify this into
/CN=mycn/OU=yourou/O=myo
i.e. I want to change the OU from "myou" to "yourou"
Extracting the different RDNs (CN, OU & O) and rec
Where can I get program example using ENGINE as STORE?
Valery Blazhnov
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated Lis
A quick question about the SSL_get_shared_ciphers function.
What exactly does the comment in ssl/ssl_lib.c mean:
/* works well for SSLv2, not so good for SSLv3 */
char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
Are there any other ways than sending x number of client hellos
with only one
Hello,
After figuring out the size of the buffer needed to convert the internal
structure
into DER, the function allocates that size + 10 :
b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
Is there any particular reason why 10 is added to the size ?
Thanks,
Max Karolinskiy
smime.p
i 'm about to release a pseudo DES encryption device driver and the
corresponding openssl engine, for educational purpose. To build the emulator,
I used code from the openssl library. What should the license scheme be? For
example, can the driver and the engine be GPL, apart from the code taken
Hi,
I would like to know where I can find documentation on openssl
implementation (not API use for programming others programs, I'm
looking for openssl internals)
I want to correct dtls implementation (I have already sent a little
patch ;) ) and I want to understand implementation organization to
Hi! In our project we want to perform a complete global switch to OCSP
certificate verification (for a number of reasons we don't want CRL's
anymore) to make openldap, openvpn and others use OCSP.
Unfortunately I didn't find any implemented way to perform such a switch
in OpenSSL. There is only on
You can use these functions to do the OCSP verification during the ssl
handshaking.
#define SSL_set_tlsext_status_ids(ssl, arg) \
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
#define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_R
Hi all,
Here's my situation... I'm trying to
produce certs and keys with the Java security packages
for use in my ssl enabled web server. The problem is
that when I try to start apache in SSL mode, it
doesn't like my server cert's private key. The Java
docs say that the private key I generated
Hi folks,
I am writing a yet another web browser. It uses multiple connection to
download
URLs simultaneously. (Not very original)
How do I avoid each connection having to go through the full blown
negotiation
with the web server?
Will SSL_copy_session_id do the job?
What are the limitations o
hi there,
I'm trying to get some sort of an idle timeout while waiting on SSL_read.
Is there an easy way to accomplish this? (Windows 2000, NT)
TIA
erik
__
OpenSSL Project http://www.openssl.org
Does anyone have an idea as to what release of Openssl first contained RC5?
Thanks,
-Jeff
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
This is a newbie question.
Sorry in advance if this is the wrong place to send
this message (and if I'm in the wrong place, just let me know: I won't send
emails here again).
I'm considering porting the ssl code (client-side
only) onto an embedded device (a.k.a. Interne
Hi! I am working on including SSL client in our product. One of the options
is using OpenSSL. But the problem is that our product is designed and
strictly structured as portable, that is the major part of the code is the
same for different platforms and only a thin layer contains platform
dependen
What is the purpose of the
SSL_get_ex_data_X509_STORE_CTX_idx()
chain of function calls in the above function ? I get
lost every time I try to track through it . . .
Thanks,
Joe Coates
__
Do You Yahoo!?
Yahoo! Calendar - Get organized for th
On Tue, Jan 09, 2001 at 10:14:29PM +0100, Rafâa TAHAR wrote:
> Hi all;
>
> Could anyone tell me is it possible that i add my own cipher algorithm and
> take it in concideration in the SSL negociation process???
> I've asked this question before but it seems that no one is int
De : Rafâa TAHAR <[EMAIL PROTECTED]>
À : [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date : mardi 9 janvier 2001 22:32
Objet : Question!
>Hi all;
>
>Could anyone tell me is it possible that i add my own cipher algorithm and
>take it in concideration in the SSL negociation pr
Asking this question, implies lack of understanding
in experimentation. The whole idea of programming (especially for enjoyment
-- yes there are those of us that program as a pasttime) is to learn how
things work. Sometimes, just trying to create an algorithm of your own is
more instructional
orry if my english is bad :)))
-Message d'origine-
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] De la part de Nicolas Roumiantzeff
Envoyé : mercredi 10 janvier 2001 11:00
À : [EMAIL PROTECTED]
Objet : Re: Question!
Why would you want your own cipher?
What is wrong with existing cip
ROTECTED]]De la
part de Sean WaltonEnvoyé : jeudi 11 janvier 2001
02:50À :
[EMAIL PROTECTED]Objet : Re:
Question!Asking this question, implies lack of
understanding in experimentation. The whole idea of programming
(especially for enjoyment -- yes there are thos
Sean,
Your message has been very helpful.
Thank you,
Nicolas Roumiantzeff
-Message d'origine-De :
Sean Walton <[EMAIL PROTECTED]>À
: [EMAIL PROTECTED]
<[EMAIL PROTECTED]>Date :
jeudi 11 janvier 2001 03:29Objet : Re:
Question!Ask
Hi there,
I'm very new to SSL but will need to set it up for sending/receiving secure data
across a network to/from a client. The client has SSL set up and we will need to do
the same. I have downloaded openSSL and stunnel but don't know how it all works. How
do I get an SSL engine up and
Hi
you;
Usually i'm a UNIX user but i think
that the procedure is almost the same
:)))
You have to open a dos console and goto
your "openssl/out" directory ... then you have to launch the "openssl.exe"
program to get the OPENSSL prompt.
Once this is done you need this command to
sign you
Hi all,
we will implement our engine. But ENGINE in OpenSSL are develop still.
My question is: what is right sequence a call functions for engine which
have authenticate access to the private key usage?
Without OpenSSL I use something like this:
1) connect to IP address
2) login as USER
3) write
I found a #define of 64 bits long in 32 bits long
parts
code :
#ifdef THIRTY_TWO_BIT
...
...
#define BN_MASK (0xLL)
...
...
#endif
Is that normal ?
Jean Pierre
Hi All:
I've been asked to get OpenSSL working on the Mac with Mac OS 9.2.1. I've
got new Codewarrior 6.3 project going (based on the one in the 0.9.6b
distribution). But I'm having a problem. Can't connect to a secure server
(I'm using the ComLine example to test this code and I'm trying to g
Hi,
I was trying to compile test scripts (openssl-0.9.6b)
~/openssl-0.9.6b/demos/Maurice/*.c
When I try to make the file, I get the following error:
Too few
arguments to function PEM_ASN1_read
After digging around, I found the function definition at
~/openssl-0.
Greetings.
I wish to use a *home grown* GUI to obtain the necessary user data for the certificate request (something similar to what iPlanet uses). However,
I have been unsuccessful in locating the format of this file. And can i use this file with the -in parameter in the openssl call or do
I n
For what is following stuff good in bio.h?
...
#define VAR_ANSI
#ifdef VAR_ANSI
...
#endif
...
Shouldn't we simply remove the three lines? ANSI should be ANSI...
Cheers, Franco
__
OpenSSL Project
Hi all,
I'm new at developing whith this library and i'm having some
problems.
The thing is that i'm trying to write a client and a server working
over ssl by using the BIO abstraction ( i wasn't able to do it with
SSL_calls only ), something as it's done in demos/bio/
sconnect\s_acc
I have an app working very well...
*except* i now want (need?) to accurately determine if it's "ok to write" (will
not block) or "ok to read". Without SSL, I could do this with a select()..
however a select() is clearly not correct when using SSL.
However, SSL_pending() (i think...) only
Hi ,
I am new to this mailing
list.
I have Apache 1.3.9 installed
and working .
OS : Windows NT 4 Workstation
SP3
Now I got complied the openssl
0.9.4 successfully.
How to proceed further to make the
Apache server SSL complaint. ?
If you can give me some clue/steps,
it will be a great h
Hi,
I'm wondering how a user autenticate itself to a apache web server via
browser. Do he have to carry a floppy disk with his certificate, import to
the browser or will the browser just ask for a password.
If it is possible the second option, how safe will be the connection?
Thanks in advance.
Havent heard from any of you from my previous post, so thought Id try again.
Id really appreciate any pointers to a pre-existing project involving
building openssl functionality into a com object which can be utilized for
posting to and grabbing http data back from a secure website. Im planning
Hello!
I have a question about the check in the ssl_parse_serverhello_tlsext
function:
if (data >= (d+n-2))
goto ri_check;
Shouldn't it be
if (data > (d+n-2))
goto ri_check;
instead?
Thank you!
--
SY, Dmitry Belyavsky
Thus spake Michael Trebilcock:
> If i compile OpenSSL, with just ./configure, make, make install, archive
> that, then send it to somewhere in the U.S, can the site/ftp in the U.S
> legally distribute it internationally? What about other countries?
>
> A yes or no answer would be nice, or an "i'm
We ran into a small piece of code in ssl_rsa.c that is confusing us. In
SSL_CTX_use_certificate_chain_file(), the following code fragment exists:
ret=SSL_CTX_use_certificate(ctx,x);if (ERR_peek_error() !=
0) ret = 0; /* Key/certificate mismatch doesn't
imply ret==0 ... */if (ret)...
I
"Clendenan, Dave" wrote:
>
> In bss_log.c, the '#includes' are still processed, even when compiled with
> -DNO_SYSLOG.
>
> I'm curious why, since the entire rest of the file is skipped...
So that we don't get into dependency wars in the CVS versions of the
Makefiles.
Cheers,
Ben.
--
http://w
[EMAIL PROTECTED] wrote:
>
> Hello,
> After generating CSR with openssl 0.9.8-dev, 0.9.7-dev or 0.9.6
> 'asn1dump' says that:
>
> 261 023: INTEGER 65537
> : }
> : }
> : }
> 266 A00: [0]
>
I am trying to port the DES routines to C#
.NET. Can someone tell me what the E0 and E1 values are in the LOAD_DATA
#define ?
I tried parsing the PFX file attached(passphrase:test) using PKCS12_parse()
function.
However I cannot get the right value of DSA private key parameter x.
And I tried executing open-ssl command following
"openssl -in target.pfx -out target.key -nocerts -nodes".
I found that this case also resul
in B_SOCK.C, Line 78,
#ifdef SO_MAXCONN #define MAX_LISTEN
SOMAXCONN#elif defined(SO_MAXCONN)...
#ifdef SOMAXCONN /* SO_MAXCONN
-> SOMAXCONN ?? */#define MAX_LISTEN SOMAXCONN#elif
defined(SO_MAXCONN)...
Mars
On the beginning of Configure perl program, there is a statment as follows:
:
eval 'exec perl -S $0 ${1+"$@"}'
if $running_under_some_shell;
##
## Configure -- OpenSSL source tree configuration script
##
Could someone help to explain? I can not find the means of the symbol
":" at the begi
I ran into a problem with a stack overflow that has me looking at the
crypto\bio\b_print.c code and wondering a few things. Consider the
following routine (note especially the MS_STATIC variable):
int BIO_vprintf (BIO *bio, const char *format, va_list args)
{
int ret;
size
It's impossible to make an interoperable, signed S/MIME message with
OpenSSL at the moment due to a dumb bug in the OpenSSL implementation.
Go figure, no one actually seems to USE the OpenSSL S/MIME stuff
(perhaps not just because of the bugs... lack of v3 support is an
issue for me).
John
On W
On Thu, Jul 25, 2002 at 01:28:44AM -0400, John Viega wrote:
> It's impossible to make an interoperable, signed S/MIME message with
> OpenSSL at the moment due to a dumb bug in the OpenSSL implementation.
> Go figure, no one actually seems to USE the OpenSSL S/MIME stuff
> (perhaps not just because
>Hello!
>
>I used SMIME command tool to create some SMIME messages.
>
>I can create signed, encrypted message and to verify and decrypt them with my
>functions.
>
>Now I want to make this messages fully compliant with existing mail clients:
>1. My functions to can verify and decrypt message
Maya wrote:
>When I create signed or encrypted message, I get as input param SMTP header + MIME
message.
>Do I have to signed and encrypt both (SMTP header + MIME message) or just the
second part?
>What should be the SMTP header of the Signed or(and) Encrypted message?
As others have noted, you
In message <[EMAIL PROTECTED]> on Thu, 1 Aug
2002 13:17:24 -0500, "ANKIT K SHAH" <[EMAIL PROTECTED]> said:
anshah> Friends,
anshah> Are s_server.c and s_client.c are the
anshah> applications(openssl-engine-0.9.6d/apps) which I can use for testing
anshah> client-server handshake ?
Yes.
--
Rich
Chris Brook wrote:
>
> I notice when using d2i_PUBKEY() to convert a string RSA
> SubjectPublicKeyInfo to an EVP_PKEY struct that the string pointer ends up
> pointing to random memory.
The function
'EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp, long length)'
modifies the pointer *pp (
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 21, 2002 8:44 PM
To: [EMAIL PROTECTED]
Subject: PKCS12 question
I am working on a java program that parses PKCS12 Certificates. I am
able to pull out my public and private key with no problem. When I use
associated with a friendly name. If you
PKCS12 file contains only one container, then it should return one friendly
name.
Regards,
Murali
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 21, 2002 8:44 PM
To: [EMAIL PROTECTED]
Subject: PKCS12 question
I
The unversioned tars in ftp://ftp.openssl.org/snapshot/ are 0.9.8.
I.e. openssl-SNAP-20030209.tar.gz
(And you did already look there because you read
http://www.openssl.org/source/ right? :)
-Nathan
Ala Wai via RT wrote:
>
> THis maybe a dumb question, but where do I go to get
> t
Hi,
I am developing a cipher encryption tool in c++ using your openssl-crypto
library.
The result encrypted string is passed to another system for decryption and
vice versa, in which the cipher encryption tool was developed in Java, cipher
algorithm is DES, mode is CBC, PKCS 5 padding.
On Mon, 17 Mar 2003 11:26:46 -0700, Verdon Walker wrote:
>I know from looking in the archives that this question has been
>asked
>before, but I am wondering if anything has been done in the 0.9.7
>branch
>to address it.
>We have an application that uses separate threads f
ing the "cancel".
Verdon
>>> [EMAIL PROTECTED] 3/18/2003 7:10:23 PM >>>
On Mon, 17 Mar 2003 11:26:46 -0700, Verdon Walker wrote:
>I know from looking in the archives that this question has been
>asked
>before, but I am wondering if anything has been done in th
On Wed, 19 Mar 2003 09:51:20 -0700, Verdon Walker wrote:
>We have one thread wanting to write a large amount of data (say 2
>Meg).
>OpenSSL will break that data up into 16k chunks, SSLize them and
>write
>each separately. During the process, it is using the "rwstate" in
>the
>SSL structure to indi
First, thank you for your responses. I appreciate the feedback, but I
don't think I understand the points you are making in your last email.
Perhaps, I did not explain myself well enough, but the idea of allowing
long operations to be cancelled is hardly rare. Suppose for example, you
want to searc
On Wed, 19 Mar 2003 16:53:32 -0700, Verdon Walker wrote:
>First, thank you for your responses. I appreciate the feedback, but
>I don't think I understand the points you are making in your last
>email.
>Perhaps, I did not explain myself well enough, but the idea of
>allowing
>long operations to be
I knew I had not explained myself well enough given your last response.
I did not mean to attempt to abort the "current chunck", but rather to
be able to read the cancel between chunks so I could do just what you
suggest. Of course, the definition of "current chunk" is part of my
problem. I was thi
On Thu, 20 Mar 2003 11:45:28 -0700, Verdon Walker wrote:
>I knew I had not explained myself well enough given your last
>response.
>I did not mean to attempt to abort the "current chunck", but rather
>to
>be able to read the cancel between chunks so I could do just what
>you
>suggest. Of course, t
Hello,
I am using DH_new(), DH_generate_key(), DH_compute_key() to calculate the
shared DH key for a pre-determined safe prime "P" and "g". P & g are copied
into the DH structure by BN_hex2bn() functions. When I execute the code, I
get this warning (?) printf saying "the g value is not a generator
On Fri, Nov 7, 2008 at 6:11 PM, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote:
> On Fri, Nov 07, 2008, Siva Jayaraman wrote:
>
>> No response from openssl-users, hence trying the dev alias.
>>
>> I have a X509_NAME variable which contains something like
>> /CN=mycn/OU=myou/O=myo
>>
>> I want to modi
On Fri, Nov 07, 2008, Siva Jayaraman wrote:
> No response from openssl-users, hence trying the dev alias.
>
> I have a X509_NAME variable which contains something like
> /CN=mycn/OU=myou/O=myo
>
> I want to modify this into
> /CN=mycn/OU=yourou/O=myo
>
> i.e. I want to change the OU from "myou"
Hello,
I'm currently porting the openssl-0.9.8 fips code to a
proprietary platform. There seems to quite a lot of time and effort put
into all the macros for different OSs and CPUs in FIPS_ref_point() and
instruction_pointer(). But I fail to see what problem the code in
fips_canister.c is trying
Why does PKCS7_decrypt() require the recipient's X509 cert? Doesn't the
recipient's cert already exist inside the PKCS7 structure? And if there is
more than one recipient info, can't PKCS7_decrypt() just try the private key
against each one?
My last question is, what is th
On Tue, Feb 03, 2004 at 08:41:23AM +0100, Jostein Tveit wrote:
> A quick question about the SSL_get_shared_ciphers function.
>
> What exactly does the comment in ssl/ssl_lib.c mean:
>
> /* works well for SSLv2, not so good for SSLv3 */
> char *SSL_get_shared_ciphers(SSL *s
Lutz Jaenicke <[EMAIL PROTECTED]> writes:
> On Tue, Feb 03, 2004 at 08:41:23AM +0100, Jostein Tveit wrote:
> > What exactly does the comment in ssl/ssl_lib.c mean:
> >
> > /* works well for SSLv2, not so good for SSLv3 */
> > char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
> Its part of t
On Wed, Feb 04, 2004 at 02:22:49PM +0100, Jostein Tveit wrote:
> Lutz Jaenicke <[EMAIL PROTECTED]> writes:
>
> > On Tue, Feb 03, 2004 at 08:41:23AM +0100, Jostein Tveit wrote:
> > > What exactly does the comment in ssl/ssl_lib.c mean:
> > >
> > > /* works well for SSLv2, not so good for SSLv3 */
Hi,
Can someone help me with info on this question?
Is there some significance to encrypt the MAC along with the message?
Is there some pitfall in leaving the MAC in the cleartext and encrypt the
message alone...
thanks,
swami
Hi,
I
have been having some problems with the startdate
and dnddate in my certificates being skewed since I upgraded
from 0.9.6G to 0.9.7D. I have traced it down to OPENSSL_gmtime,
which is located in O_TIME.C. My question is should OPENSSL_gmtime
be returning a time in
On Mon, Sep 13, 2004, Max Karolinskiy wrote:
>
> Hello,
>
> After figuring out the size of the buffer needed to convert the internal
> structure
> into DER, the function allocates that size + 10 :
>
> b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
>
> Is there any particular reason
Hi all,
Is there any plan to add PKCS#1 RSA-PSS padding in openssl 0.9.7x version (just
the same way as in openssl 0.9.8)?
regards,
Fred
__
OpenSSL Project http://www.openssl.org
Development Mai
Recently I was writing a PERL script that uses openssl to encrypt
an email message. The script executes the following command and
pipes the body of the message to the command's standard input:
openssl smime -subject 'subject' -encrypt /path/to/cert.pem > outfile
The above command produces th
is it possible to create a certificate with signature algorithm identifier sha-1WithRSAEncryption and the subjectPublicKeyInfo algorithmIdentifier is id-RSASSA-PSS or id-RSAES-OAEP?
View this message in context: x.509 question
Sent from the OpenSSL - Dev forum at Nabble.com.
Hi, I have a question about ssl3_shutdown in s3_lib.c. We are getting
an occasional processor fault on the line that reads:
else if (s->s3->alert_dispatch)
where s is a valid pointer but s3 is NULL. I would like to just
prevent the processor fault but leave things in a consistent st
Hi all,
I compiled openssl on a mainframe (mainframe emulation using Hercules
(MVS), in the USS (Unix System Services) subsystem), there IBM uses an
EBCDIC charset.
I receive a "Bad time value" when I want to check the peer certificate
(the peer certificate coming from a LINUX machine).
I think
Hi,
I want to test inline inline renegotiation with openssl. My test code
creates a SSL server and SSL client. Now I want client to unconditionally
re-negotiate the channel after the handshake is successfully. How would the
code look like for that. Currently, I have something on the lines of (only
Hi,
Does the FIPS module certification is missed if the fipscanister module is
compiled to a configuration (architecture, compiler version etc) different
from those listed on OpenSSL security policy? Our concern is if a change to
something on the build tools like compiler version or architecture c
Thank you, Ziyu! However, these three are no use without actual query
building and querying OCSP responder.
On Thu, 2012-05-03 at 16:06 +0800, Ziyu Liu wrote:
> You can use these functions to do the OCSP verification during the ssl
> handshaking.
>
> #define SSL_set_tlsext_status_ids(ssl, arg) \
On Thu, May 03, 2012, Alexander Komyagin wrote:
> Hi! In our project we want to perform a complete global switch to OCSP
> certificate verification (for a number of reasons we don't want CRL's
> anymore) to make openldap, openvpn and others use OCSP.
>
You should note there is a side effect of d
Thanks for the note, Stephen! I'll certainly take this into account.
If I incorporate OCSP check in check_revoked() function, which is called
during SSL connect/handshake it would just block during connect op for a
while, and I believe that no single service shall expect connection
establishment to
On Thu, May 03, 2012, Alexander Komyagin wrote:
> Thanks for the note, Stephen! I'll certainly take this into account.
> If I incorporate OCSP check in check_revoked() function, which is called
> during SSL connect/handshake it would just block during connect op for a
> while, and I believe that n
Can you give me an example of such application? I'll take a look at it.
On Fri, 2012-05-04 at 13:14 +0200, Dr. Stephen Henson wrote:
> On Thu, May 03, 2012, Alexander Komyagin wrote:
>
> > Thanks for the note, Stephen! I'll certainly take this into account.
> > If I incorporate OCSP check in chec
On Wed, 1 Mar 2000, Brady Moritz wrote:
> > Curl can fetch and post https. http://curl.haxx.nu/
> Thanks, I have looked at Curl but I am needing something that is either a
> COM object or is open source so that I can create a com object from it.
Huh?
Curl is most certainly Open Source (tm). It
5, 2000 5:03 PM
> To: [EMAIL PROTECTED]
> Subject: Re: question repeat
>
>
> Brady Moritz wrote:
>
> > I must be blind, as my mouse scroll button zoomed right past
> the source code
> > versions down to the binary versions.
> >
> > I am needing something th
) only... But Ill give it a lookover.
Thanks
Brady Moritz
Moritz Designs
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of amanda
> Sent: Friday, March 03, 2000 4:39 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject
Brady Moritz wrote:
> I must be blind, as my mouse scroll button zoomed right past the source code
> versions down to the binary versions.
>
> I am needing something that can support multithreading, so Im not sure
> offhand that this will be helpful, as I would imagine cURL is meant for
> single-
1 - 100 of 609 matches
Mail list logo
