On 9/23/2011 9:04 PM, Sulaiman Paperwalla wrote:
Hi, I am a newbie using Fedora 15 and I’m trying to install an
application via RPM that is failing on the following dependencies:
libcrypto.so.4
libldap.so.2
libssl.so.4
I have the following installed:
openssl-1.0.0e
openldap-2.4.24
And I
Hi, I am a newbie using Fedora 15 and I'm trying to install an application via
RPM that is failing on the following dependencies:
libcrypto.so.4
libldap.so.2
libssl.so.4
I have the following installed:
openssl-1.0.0e
openldap-2.4.24
And I have the following symbolic links defined for the abov
On Fri, Sep 23, 2011, Jakob Bohm wrote:
>
> Is openssl running out of bit values for SSL_OP_ constants?
>
Well more ran out of contants. When a new flag was needed for TLS v1.2 all 32
bits were used but fortunately two ancient ones were never used by anything
AFAIK so could be reassigned.
Ther
On Fri, Sep 23, 2011, brajan wrote:
>
> hi
> i installed the openssl-fips 1.2 in opensuse kernel 2.6.25.5-1.1-default
> Opensuse version 11.1. i try to run the following code . i got the illegal
> instruction ..
> and i need to knoe i installed the fips 1.2 fully..
>
Build an FIPS capable Open
hi
i installed the openssl-fips 1.2 in opensuse kernel 2.6.25.5-1.1-default
Opensuse version 11.1. i try to run the following code . i got the illegal
instruction ..
and i need to knoe i installed the fips 1.2 fully..
GDB out of my code
27 FIPS_mode_set(1);
(gdb)
31 s
On 9/23/2011 8:53 AM, Sander Temme wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sep 22, 2011, at 6:56 AM, Johan van Selst wrote:
Mounir IDRASSI wrote:
So, an OpenSSL based web server is immune from this attack, unless it
uses the flag SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.
Which is
>
> 1. Make sure your password contains only ascii letters and digits, there
> may be
> some other chars that get encoded to different byte values on the computer
> that
> creates the .p12 and on the android.
>
for testing I've been using "password" "longpassword" and "pass". Doesn't
seem to matte
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sep 22, 2011, at 6:56 AM, Johan van Selst wrote:
> Mounir IDRASSI wrote:
>> So, an OpenSSL based web server is immune from this attack, unless it
>> uses the flag SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.
>
> Which is exactly what Apache and some other
On 22-09-2011 17:34, Dr. Stephen Henson wrote:
...
> exptag 6
> ptag 16
> Error reading S/MIME message...
>
Well it is expecting an OID but is getting a SEQUENCE.
Looking at your ASN1 dump perhaps the OID otherRevInfoFormat isn't present?
> ...
> OtherRevocationInfoFormat ::= SEQUENCE
Hi Dave,
Thanks for spending some time for my issue. But, it seems that you have
followed the same steps that I had used earlier; but I still not been able
to enable the ciphers. I may be missing something. So can you please send me
a detailed steps on how you got those ciphers enabled.
I d
On Fri, Sep 23, 2011, alok sharma wrote:
> Hi,
> Ok I got your point. I think it will be helpful.Do you have any link or
> precedure to setup these call backs or these are just function pointers
> which needs to be initialized at ssl initialization time.
See the FAQ:
http://www.openssl.org/
Hi,
Ok I got your point. I think it will be helpful.Do you have any link or
precedure to setup these call backs or these are just function pointers
which needs to be initialized at ssl initialization time.
Regards,
Alok
On Fri, Sep 23, 2011 at 5:22 PM, Dr. Stephen Henson wrote:
> On Fri, Sep
On Fri, Sep 23, 2011, alok sharma wrote:
> Hi,
> The error message comes when we invoke SSL_accept() API. But taking
> lock on it will affect performance as it performs network operation inside
> this API (like client hello message and other). So if network is overloaded
> then mutex hold tim
Hi,
The error message comes when we invoke SSL_accept() API. But taking
lock on it will affect performance as it performs network operation inside
this API (like client hello message and other). So if network is overloaded
then mutex hold time will be too large. I have observed that in worst c
On Fri, Sep 23, 2011, alok sharma wrote:
> I am using the openssl fips version for my application.So, I have not made
> any change in openssl or Fips code. Just enabling fips and using SSL API
> exposed for client server model. But through debugger I have found that my
> application is crashing gi
I am using the openssl fips version for my application.So, I have not made
any change in openssl or Fips code. Just enabling fips and using SSL API
exposed for client server model. But through debugger I have found that my
application is crashing giving error message inside Fips_rand() at following
On Fri, Sep 23, 2011, alok sharma wrote:
> Hi,
> So is there any method on Windows to generate non-predictable
> randomnumbers. I think mostly FileSytem time is used to seed randomness
> which is failing in my case.
>
As I indicated this shouldn't be happening if you've set up locking callba
1. Make sure your password contains only ascii letters and digits, there
may be
some other chars that get encoded to different byte values on the
computer that
creates the .p12 and on the android.
2. ISTR that some other SSL implementations choke on RSA keys with certain
values of the most of l
1. make sure your server includes the intermediary VeriSign CA
(issued by the root CA, issuer of your cert) in its response for the
common case where the client only has a copy of the trusted root
CA and not the (frequently changing) intermediary CA. This cert
should appear at depth=1 in the s_cl
On Fri, Sep 23, 2011 at 4:59 AM, alok sharma wrote:
> So is there any method on Windows to generate non-predictable
> randomnumbers. I think mostly FileSytem time is used to seed randomness
> which is failing in my case.
One typically uses CryptGenRandom.
Jeff
> On Mon, Sep 19, 2011 at 4:52
Hi,
So is there any method on Windows to generate non-predictable
randomnumbers. I think mostly FileSytem time is used to seed randomness
which is failing in my case.
Regards,
Alok
On Mon, Sep 19, 2011 at 4:52 PM, Dr. Stephen Henson wrote:
> On Mon, Sep 19, 2011, alok sharma wrote:
>
> > Hi J
21 matches
Mail list logo