Re: openssl 0.9.8m-beta1 with modssl patch does not disable renegotiation

2010-01-21 Thread Dr. Stephen Henson
On Thu, Jan 21, 2010, fredk2 wrote: > > do I understand this correctly: > 0.9.8m sends a no_renegotiation alert and apache needs a mod_ssl patch that, > by default, upon this alert closes the connection? > No this isn't Apache's fault. OpenSSL 0.9.8m sends the no_renegotiation alert it's just t

Re: openssl 0.9.8m-beta1 with modssl patch does not disable renegotiation

2010-01-21 Thread fredk2
do I understand this correctly: 0.9.8m sends a no_renegotiation alert and apache needs a mod_ssl patch that, by default, upon this alert closes the connection? Thanks - Fred Dr. Stephen Henson wrote: > > On Thu, Jan 21, 2010, fredk2 wrote: > >> >> Yes I forgot to mention that I did test with

RE: multithreading question

2010-01-21 Thread David Schwartz
Victor Duchovni wrote: > Locking callbacks are needed for the reference counting in the CRYPTO > library to not get messed up. Various bits of context are associated > with the new SSL object by reference. > Locking callbacks are required, period. If you are using OpenSSL with multiple threads,

Re: memory growing when using SSL connections

2010-01-21 Thread David
Just to conclude with this: My process has stopped growing in memory size after about 5 days which implies that my problem appeared to be a memory management issue (OS related) and as soon as the fragmentation from the frees settled, the memory foot print became stable. Thanks for everyone's he

Re: openssl 0.9.8m-beta1 with modssl patch does not disable renegotiation

2010-01-21 Thread Dr. Stephen Henson
On Thu, Jan 21, 2010, fredk2 wrote: > > Yes I forgot to mention that I did test with the 0.9.8m s_client and that > worked. > The [new] problem 0.9.8m creates is that an (old) client can request R and > exhaust all apache threads. > This is a bit of a problem for older clients because the specifi

Re: openssl 0.9.8m-beta1 with modssl patch does not disable renegotiation

2010-01-21 Thread fredk2
Yes I forgot to mention that I did test with the 0.9.8m s_client and that worked. The [new] problem 0.9.8m creates is that an (old) client can request R and exhaust all apache threads. Thanks for the reply - Fred Dr. Stephen Henson wrote: > > On Thu, Jan 21, 2010, fredk2 wrote: > >> >> Hi, >>

Re: openssl 0.9.8m-beta1 with modssl patch does not disable renegotiation

2010-01-21 Thread Dr. Stephen Henson
On Thu, Jan 21, 2010, fredk2 wrote: > > Hi, > > I have tried to read some of the old posts, but do not understand if the > following is an apache or openssl question. > > I am using the apache 2.2.14 mod_ssl with the patch: > http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/CVE-2009-35

openssl 0.9.8m-beta1 with modssl patch does not disable renegotiation

2010-01-21 Thread fredk2
Hi, I have tried to read some of the old posts, but do not understand if the following is an apache or openssl question. I am using the apache 2.2.14 mod_ssl with the patch: http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/CVE-2009-3555-2.2.patch When I test with openssl 0.9.8i the rene

Re: Re-negotiation handshake failed: Not accepted by client with OpenSSL 0.98m-beta1

2010-01-21 Thread Michael Stone
On Wed, 20 Jan 2010 20:33:34 -0500, "Shotton, Fred" wrote: > I'm running apache 2.2.14 with mod_ssl using OpenSSL 0.98m-beta1. When > renegotiating a client session, I get an error from apache: > "Re-negotiation handshake failed: Not accepted by client" and a fatal > "unexpected_message" alert in

Re: Re-negotiation handshake failed: Not accepted by client with OpenSSL 0.98m-beta1

2010-01-21 Thread Frederick Shotton
Dr. Stephen Henson wrote: > > On Wed, Jan 20, 2010, Shotton, Fred wrote: > > > I'm running apache 2.2.14 with mod_ssl using OpenSSL 0.98m-beta1. > When renegotiating a client session, I get an error from apache: > "Re-negotiation handshake failed: Not accepted by client" and a fatal > "unexpected_m

Stunnel 4.30 released

2010-01-21 Thread Michal Trojnara
The ChangeLog entry: Version 4.30, 2010.01.21, urgency: LOW/EXPERIMENTAL: * New features - Graceful configuration reload with HUP signal on Unix and with GUI on Windows. This release involves major modifications of the code. I expect some regression issues, so please make sure to test this versi

Re: recommended rsa api

2010-01-21 Thread Ben Jones
note, also see http://stackoverflow.com/questions/2012645/can-you-help-me-get-my-head-around-openssl-public-key-encryption-with-rsa-h-in-c Cheers, Ben. On 20 January 2010 16:22, Anand Patel wrote: > For RSA API take a look at http://openssl.org/docs/crypto/rsa.html# > -Anand > > > On Wed, Jan

setting up the SSL connection to access the email accounts

2010-01-21 Thread Jerry Wu
Hi, all, I am new to OpenSSL. I need some help to set up the SSL connection to the SSL email server. I have an application to access the email account and retrieve the emails automatically. Now, I find that for some email servers, eg. Gmail, the connection should be SSL. For the normal ema

RE: Query about verifying updates on OpenSSL

2010-01-21 Thread s...@wn
Let me reframe the last question. What I meant to say is, could someone provide some info on how to test/verify whether the OpenSSL version has in fact been patched to confirm whether a backport update has in fact occurred? Thanks, Shawn From: owner-openssl-us...@openssl.org [mailto:o

Re: Re-negotiation handshake failed: Not accepted by client with OpenSSL 0.98m-beta1

2010-01-21 Thread Dr. Stephen Henson
On Wed, Jan 20, 2010, Shotton, Fred wrote: > I'm running apache 2.2.14 with mod_ssl using OpenSSL 0.98m-beta1. When > renegotiating a client session, I get an error from apache: "Re-negotiation > handshake failed: Not accepted by client" and a fatal "unexpected_message" > alert in OpenSSL s_cli

Re: Specifying long name for OID

2010-01-21 Thread Dr. Stephen Henson
On Wed, Jan 20, 2010, sandeep kiran p wrote: > Hi, > > Can I not include a long name when specifying an OID? Here is a part of my > openssl.cnf file. > > HOME = . > RANDFILE = $ENV::HOME/.rnd > oid_section = new_oids > > [ new_oids ] > > testoid=My Test OID, 1.2.3.4 > > This gives bac

Re: Re-negotiation handshake failed: Not accepted by client with OpenSSL 0.98m-beta1

2010-01-21 Thread Dr. Stephen Henson
On Wed, Jan 20, 2010, Shotton, Fred wrote: > I'm running apache 2.2.14 with mod_ssl using OpenSSL 0.98m-beta1. When > renegotiating a client session, I get an error from apache: "Re-negotiation > handshake failed: Not accepted by client" and a fatal "unexpected_message" > alert in OpenSSL s_client

Query about verifying updates on OpenSSL

2010-01-21 Thread s...@wn
Hi, I probably have a silly question but, I currently have a bunch of customized Linux operating systems and on it runs OpenSSL. The version and rpm check indicates "OpenSSL 0.9.8h 28 May 2008" which is an older version. Furthermore, the change logs too indicate the latest update as: OpenSS

Re: OpenSSL 0.9.8m-beta1 release

2010-01-21 Thread Thor Lancelot Simon
On Thu, Jan 21, 2010 at 12:59:36AM +0100, OpenSSL wrote: > >The OpenSSL project team is pleased to announce the release of >version 0.9.8m-beta1 of our open source toolkit for SSL/TLS. This new >OpenSSL version is a security and bug fix beta release which implements >draft-ietf-tls

Re: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag

2010-01-21 Thread Ujwal Chinthala
Hi Dr, I already tried using : openssl pkcs7 -inform DER -in pkcs7.p7 It gives me the same error, which are as follows net\chint...@symdev1:~/Symphony/Dev/system/dl/sym-licensemanager$ openssl pkcs7 -inform DER -in pkcs7.p7 unable to load PKCS7 object 11381:error:0D0680A8:asn1 encoding routines