Geoff Thorpe wrote:
> The hash-database means the only way to
remove expired sessions is to iterate across the entire database!
Or you maintain an auxillary database that maps the expiry time to a
list of session IDs. This could be a btree (perhaps with a bucket of
session IDs, to avoid dulic
On Thursday 31 Oct 2002 8:56 pm, Bear Giles wrote:
> Edward Chan wrote:
> > The default behavior of server-side session caching is
> > to cache session in memory. This is probably not
> > gonna work very well if there are a lot of connections
> > to the server
> >
> > It says to "open file nam
Title: Message
Thanx,
Franck, I'll post an update after my head clears; I find using openssl very
confusing, not to mention stressful (although that may be due to the fact that
I've never gotten CA.pl to work properly; I always have to go back and read the
CA.pl source to figure out what the
Hi,
I would like to ask one more question in connection to this one.
How would you gather randomness or entryopy on a system that doesn't have
any /dev/egd-pool or /dev/urandom or /dev/random.
What cn be good sources of randomness and how do I know how much randomness is
required?
Regards
Sura
Title: Message
www.tldp.org SSL-Certificates
HOWTO
feel
free to send an update based on your experience...
-Original Message-From: Mark
Olbert [mailto:[EMAIL PROTECTED]]Sent: Friday, 1 November 2002 4:53
To: [EMAIL PROTECTED]Subject: Windows: Code
Signing Certificate
Can anyo
Thanks to all who replied with suggestions. It turned out to be something
completely different.
I had used PKZIP to unzip and untar the distribution tarball and -
surprise! - rather than creating links (Windows shortcuts) where
appropriate, it creates 0-byte files! That meant that all of the header
Title: Message
Can anyone direct me
to documentation (or a howto) on using openssl to create a digital certificate
that can be used to sign macros in an Excel worksheet?
I've successfully
created and installed a root certificate authority for myself under Windows, but
when I try to sign co
Edward Chan wrote:
The default behavior of server-side session caching is
to cache session in memory. This is probably not
gonna work very well if there are a lot of connections
to the server
It says to "open file named according to session id".
However, session_id contains non-ascii chars,
check the version of perl you are using.
I had the exact same problem and upgrading my perl
version fixed all of the issues.
I am sorry, but I do not have version numbers handy.
Regards,
Tim
--- Noel Burton-Krahn <[EMAIL PROTECTED]> wrote:
> Right, I remember I had a ton of problems building
> op
The data you're talking is some configuration file or something?
The application that use this data ... can decrypt the data?, or could
you add this functionality to those applications... i think your using
symmetric cryptography... that's easy... you have to use the EVP
librery...
if not... your
The OpenSSL PRNG feels that it is fully seeded with 160 bits, i.e. 20 bytes of
entropy. In
rand_lcl.h the symbol ENTROPY_NEEDED is defined to 20. In 0.9.6g at least.
Tim
--- Edward Chan <[EMAIL PROTECTED]> wrote:
> Hi Stephen,
>
> Thanks for the reply. You're absolutely right. It
> does
There is an hp-ux depot here : http://hpux.cs.utah.edu/hppd/hpux/Languages/openssl-0.9.6d/
Ryan Frantz wrote:
Has
anyone successfully installed OpenSSL on an HP-UX box? See the error
below: ar r ../libcrypto.a
cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o
uid.
Hi there,
I compiled libwww with Openssl. When I test the client
program, wwwssl, against my secure server, I have CA
certificate expired error. Actually the CA for the
server cert is not expired. I found later that OpenSSL
try to replace the server CA cert with the
corresponding one in its own sto
Has anyone successfully installed OpenSSL on an
HP-UX box? See the error below:
ar r ../libcrypto.a cryptlib.o mem.o mem_dbg.o
cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o/usr/lib/dld.sl: Can't
find path for shared library: libfl.sl/usr/lib/dld.sl: No such file or
directory***
Right, I remember I had a ton of problems building
openssl under cygwin. No problems at all with ActiveState perl in an NT
DOS prompt.
--Noel
- Original Message -
From:
Gait Boxman
To: [EMAIL PROTECTED]
Sent: Thursday, October 31, 2002 12:45
PM
Subject: Re:
Looks like your code is impatient.
When you get continue, 4 retries won't be enough to
get the next response.
Basically, if you get an SSL_ERROR_WANT_READ, you
just need to keep continuing to retry the SSL_read, if you expect more data that
is. So, if you expect a server response, keep tryin
I did it, and without any problem worth
mentioning.
Your troubles might be with two things,
though.
One might be the perl configure .. that is needed
to set up the makefile, there is mention of a specific perl distro req'd, I just
ran it with the one I had, and it worked fine (could be the r
Hello:
Just wondering if anyone has attempted to use OpenSSL
in an environment where the private key generated by a
CA/RA is only available on a smart key token, and cannot be
extracted. That is all of the private key processing must be
done on board the token's processor, and so the key is not
ava
Okay, I give up.I followed the
build instructions in INSTALL.W32 for VC++ only to find an unparseable makefile
(ntdll.mak) with carriage returns embedded in the names of two macros (e.g.
SSL^MOBJ=$(OBJ_D)\ssl.obj ...).When I fixed that, I discovered that the
makefile was attempting to copy f
Hello
!Here is my problem : I wrote 2 codes : a server under linux and client
forlinux (and windows). The server sends datas to a client (which is on an
othercomputer denoted by C) and the connection is secured using
openssl. Theclient stores those datas in a directory of C but I would lik
Hello
!Here is my problem : I wrote 2 codes : a server under linux and client
forlinux (and windows). The server sends datas to a client (which is on an
othercomputer denoted by C) and the connection is secured using
openssl. Theclient stores those datas in a directory of C but I would lik
You can start be making sure that mod_ssl is either linked statically or
(Bloaded dynamically via a LoadModule call in your conf/httpd.conf file.
(B
(B
(B-Original Message-
(BFrom: [EMAIL PROTECTED]
(B[mailto:[EMAIL PROTECTED]] On Behalf Of Eric Tan
(BSent: Wednesday, October 30, 200
What is the error?
-Original Message-
From: DARCY,MATTHEW (HP-UnitedKingdom,ex2) [mailto:matthew.darcy@;hp.com]
Sent: Thursday, October 31, 2002 11:18 AM
To: '[EMAIL PROTECTED]'
Subject: RE: Compiler Recomendations Solaris 8 (and RedHat 8 too!)
I compiled openssl 9-6g on redhat 7.3 with
I haven't seen a recommendation. I have gotten it to work with gcc 3.2 fine
on solaris 8...
David
-Original Message-
From: DARCY,MATTHEW (HP-UnitedKingdom,ex2) [mailto:matthew.darcy@;hp.com]
Sent: Thursday, October 31, 2002 10:58 AM
To: '[EMAIL PROTECTED]'
Subject: RE: Compiler Recomenda
I believe I have seen the OS return 0 on a 2nd read even when not at EOF.
I'll try to come up with a test case to demonstrate it.
(See http://groups.google.com/groups?selm=3DB8738F.2000409%40kegel.com
for a related thread.)
- Dan
"Noel Burton-Krahn" [EMAIL PROTECTED] wrote:
Uh... Dan, read() alw
Install prngd. It's better. You can get egd package with egc to seed
prngd, but you don't need it. You can just cat a bunch of files into the
prngd seed file.
David
-Original Message-
From: Manoj Kithany [mailto:MKITHANY@;utah.gov]
Sent: Thursday, October 31, 2002 11:56 AM
To: [EMAIL P
Hello
!Here is my problem : I wrote 2 codes : a server under linux and client
forlinux (and windows). The server sends datas to a client (which is on an
othercomputer denoted by C) and the connection is secured using
openssl. Theclient stores those datas in a directory of C but I would like
Having problems with MD5_Init when attempting to use common messenger
programs (i.e.- ymessenger). error - relocation error:
/opt/ymessenger/bin/ymessenger.bin undefined symbol: MD5_Init - Using
latest version 0.9.6g. Attempted using config --prefix=/usr and
/usr/local. Neither have fixed is
Hi,My program is using
OpenSSL function SSL_read() to read http content.It works fine for most of
the headers, but after it receives HTTP/1.1100 Continue header (the first block of headers), it will hang
there. It should continue to read the
headers (which is HTTP/1.1 200 OK...).
The follow
Hi,
Why it show invalid command "SSLEngine", when
running "./apachectl startssl"?
How to make it work?
Thank you very much!
Best Regards,
Eric Tan
_
1874(³¯«³¨³)¡A¦A¨£ÅSµ·º¿²ú(¦óÃý¸Ö)¡A·à¤l¤s¤U(ù¤å)...
Over 800 latest ringtones,
Thanks Erwann:
I checked my System and have installed PRNG. I checked it by using:
# ps -ef | grep prng
root 47354 6518 0 14:13:01 - 0:03 /opt/freeware/sbin/prngd
On Thu, 31 Oct 2002, Manoj Kithany wrote:
> THANKS for your reply.
> I checked the url before I posted my query to this List. I am bit
Sorry if I offended you. You didn't specify in your first post that you
checked the URL, and since this question is in the FAQ, that means it is
asked a *lot* of
Attached is the openssl.spec file for Red Hat 8.0, which is what Red Hat
uses to build their openssl package, presumably with gcc 3.2.
If you can make some sense of it, you'll probably find out how to get
openssl to compile. Ignore the configure options no-idea, no-mdc2 and
no-rc5. These are only
the package I got from openssl did not include shared librarys - hence why I
am keen to compile it myself.
good suggestion though
-Original Message-
From: Boyle Owen [mailto:Owen.Boyle@;swx.com]
Sent: Thursday, October 31, 2002 4:54 PM
To: [EMAIL PROTECTED]
Subject: RE: Compiler Recomen
Hi Mr. Erwann:
THANKS for your reply.
I checked the url before I posted my query to this List. I am bit
confused - should I need to install EGD or PRNG? I checked my IBM
Server and could'nt find /dev/random?
Can you/anyone please help?
THANKS!
Manoj G. Kithany
>>> [EMAIL PROTECTED] 10
Sorry - I meant to get the package for openssl! (not for gcc...)
-Original Message-
From: DARCY,MATTHEW (HP-UnitedKingdom,ex2) [mailto:matthew.darcy@;hp.com]
Sent: Donnerstag, 31. Oktober 2002 17:20
To: '[EMAIL PROTECTED]'
Subject: RE: Compiler Recomendations Solaris 8
I have installed g
This question is asked a lot.
With asynchornous sockets, you need to check the err
using SSL_get_error. If the error IS
SSSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE then you
need to call SSL_accept again.
I would reccommend adding the FD back into your select
queue based on the read/write status,
I have installed gcc 2.95 package from sun freeware. I am trying to compile
openssl-9.6g it is failing. Could some one recomend a compiler version /
package to compile openssl-9.6g
-Original Message-
From: Boyle Owen [mailto:Owen.Boyle@;swx.com]
Sent: Thursday, October 31, 2002 4:14 PM
To
I compiled openssl 9-6g on redhat 7.3 with gcc 2.96 and was told to use 3 or
2.95 (still failing)
I am using 2.95 on Solaris and it is failing with the same error as redhat
so I am lost as to what is a recomended GCC
-Original Message-
From: [EMAIL PROTECTED] [mailto:John.Airey@;rnib.org
On Thu, 31 Oct 2002, Manoj Kithany wrote:
> I installing OPENSSL and when running I get following ERROR - wonder
> why:
> --
> # ./openssl req -new -nodes -keyout private.key -out public.csr
> Using configuration from /usr/loc
I don't understand - the packge is a binary so you don't need to
compile. It's like RPM on linux.
-Original Message-
From: DARCY,MATTHEW (HP-UnitedKingdom,ex2) [mailto:matthew.darcy@;hp.com]
Sent: Donnerstag, 31. Oktober 2002 16:58
To: '[EMAIL PROTECTED]'
Subject: RE: Compiler Recomendatio
41 matches
Mail list logo