I see EVP_EncodeUpdate adds a newline char after every 64 chars of
output (presumably to wrap the output). Can this be disabled?
Nick
__
OpenSSL Project http://www.openssl.org
User Support
On Mon, February 18, 2013 3:04 am, Eisenacher, Patrick wrote:
Hi Joel,
Looks like your client doesn't trust the server's root CA certificate.
Try to invoke s_client with either the -CApath or the -CAfile option.
Thanks for your note.
The issue I have been reporting has never been on the
-Original Message-
From: Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Joel Bion
Sent: Monday, 18 February, 2013 13:57
The issue I have been reporting has never been on the client
side, as the
problem is seen when connecting into a server that is booted
On Tue, Feb 19, 2013, Eisenacher, Patrick wrote:
Additionally, try invoke s_client with the -trace and -state options to get
more human readable output. But as Dave has already pointed out, your
client's write to the socket fails, because the underlying connection was
closed down and you
On 18/02/2013 22:32, Dr. Stephen Henson wrote:
That's fine except that we're using SSL_CTX_set_verify() callback already
and the docs say it and SSL_CTX_set_cert_verify_callback() should not
be mixed.
That explanation could be clearer. In this case it's fine to mix the two.
OK, thankyou.
Thank you all for your kind help. I noticed the lack of the trace option
with 1.0.1e. Is there some way for me to check out a copy of 1.0.2
development, to see if it exhibits the same problem - and if it does, to
capture a trace?
I have not been able to progress much on this, because of other
On Tue, Feb 19, 2013, Joel Bion wrote:
Thank you all for your kind help. I noticed the lack of the trace option
with 1.0.1e. Is there some way for me to check out a copy of 1.0.2
development, to see if it exhibits the same problem - and if it does, to
capture a trace?
Any 1.0.2 snapshot
On Tue, Feb 19, 2013, Jeremy Harris wrote:
On 18/02/2013 22:32, Dr. Stephen Henson wrote:
That's fine except that we're using SSL_CTX_set_verify() callback already
and the docs say it and SSL_CTX_set_cert_verify_callback() should not
be mixed.
That explanation could be clearer. In this
Since my goal is a running system with no known security vulnerabilities ...
I have a habit of wanting to use the 'latest everything' as I check versions
of software on my server once every few weeks.
These two items contradict each other. If you want a secure system, you should
only
For anyone who happens to bump up against this, we found that it was because we
unintentionally were linking in the 64-bit fipscanister.lib into a 32-bit
application. The default on a 64-bit version of Windows is a 64-bit library.
We rebuilt as a 32-bit library and it resolved the problem.
Mr. Salz -
You bring up excellent points!
I must admit that since this is a personal server sitting in my home
(albeit used by my wife for consulting work of hers), I do allow for
contradictory goals to exist. Part of my desire is to avoid *known*
security vulnerabilities. As to the unknown ones
On Tue, Feb 19, 2013 at 03:57:00AM -0500, Nick wrote:
I see EVP_EncodeUpdate adds a newline char after every 64 chars of
output (presumably to wrap the output). Can this be disabled?
No, but the EVP_EncodeBlock() function does not generate any newlines.
You must pass it a multiple of 3-bytes
Hi!
Regarding the FIPS_selftest method. I am a little bit confused regarding
this method, according to the documentation UserGuide-2.0.pdf section 2.6.1
it should be possible to call this method. The UserGuide clearly states “*A
power-up self-test is performed automatically by the FIPS_mode_set()
Hi
I am using following sequence of x509 calls to generate self signed
certificate from existing original certificate in DER format.
X509 *cert;
X509 *orig_cert;
orig_cert = d2i_X509_fp(orignal_cert.der, NULL);
cert = d2i_X509_fp(orignal_cert.der, NULL);
/* Set Issuer
Ok, I admit I'm a newbie and has probably been answered 1000s of times -
although I haven't found the answer.
I'm trying to do something simple. I'm trying to convert a simple string
using AES-256 and the Windows WinCRYPT api and have the output be something
I can then decrypt with OpenSSL on a
On 02/19/2013 01:25 PM, Rickard Binnare wrote:
Hi!
Regarding the FIPS_selftest method. I am a little bit confused regarding
this method, according to the documentation UserGuide-2.0.pdf section
2.6.1 it should be possible to call this method. The UserGuide clearly
states “/A power-up
On Tue, 2013-02-19 at 16:48 +, Viktor Dukhovni wrote:
On Tue, Feb 19, 2013 at 03:57:00AM -0500, Nick wrote:
I see EVP_EncodeUpdate adds a newline char after every 64 chars of
output (presumably to wrap the output). Can this be disabled?
No, but the EVP_EncodeBlock() function does
On Mon, Feb 18, 2013 at 2:38 PM, Jeffrey Walton noloa...@gmail.com wrote:
Hi All,
$ uname -a
Linux ubuntu-12-x64 3.2.0-37-generic #58-Ubuntu SMP Thu Jan 24
15:28:10 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
Any ideas?
jeffrey@ubuntu-12-x64:~/openssl-1.0.1e$ ./Configure linux-generic64
18 matches
Mail list logo