On Thu, Nov 20, 2014, Barbe, Charles wrote:
> Hello,
>
> I have noticed a small and consistent memory leak in my multithreaded openssl
> server and am wondering if somebody can help me figure out what I need to do
> to free it when my application closes. I am on OpenSSL version 1.0.1j. Here's
On Thu, Nov 20, 2014 at 10:19:32PM +, Barbe, Charles wrote:
> I can do any combination of steps 2,3 and 4 above (ie. leave some
> of them out) and I always get the same amount of memory left over
> after I shut down my application. I believe this means that this
> is some sort of global inform
> Any help would be appreciated.
This could be one of two problems. First, it could be an issue with
your code and the way you handle cleanup. To help diagnose this,
please show us your cleanup code.
Second, it could be the memory leak from the compression methods. This
is a well known problem da
Hello,
I have noticed a small and consistent memory leak in my multithreaded openssl
server and am wondering if somebody can help me figure out what I need to do to
free it when my application closes. I am on OpenSSL version 1.0.1j. Here's how
I reproduce the leak:
1) Start up my server
2) Loa
On Thu, Nov 20, 2014 at 12:16:41PM -0700, Philip Prindeville wrote:
> I'm also looking for a function to generate a fingerprint (either MD5 or
> SHA-1 digest)
> over a public key DER string.
C or command-line? On the command-line:
$ pkey_digest() {
openssl x509 -in "$1" -noout -pub
Did you ever get anywhere on this?
I’m also looking for a function to generate a fingerprint (either MD5 or SHA-1
digest) over a public key DER string.
Thanks.
On Aug 15, 2012, at 2:53 AM, Curt Sampson wrote:
> I'm designing a protocol that requests certificates for specific public
> keys kn
> Would any one be able to let me know what versions of SSL (if applicable)
> and TLS is supported in openssl 1.0.1g
>
All of them. Its up to you to trim what you don't want.
You can remove protocols (and other features) at compile time with, for example:
./config no-ssl2 no-ssl3 no-comp
Or,
> Even assuming he figures out how to tis his algorithm into Openssl, how
> would he even being to specify his custom algorithm in the cert? Wouldn't
> he have to define his own OID for the algorithm?
Yup.Getting an OID arc is pretty easy:
http://www.alvestrand.no/objectid/1.3.6.1.4.1.html
On Thu, Nov 20, 2014, Salz, Rich wrote:
> > If, I want to use my own algorithm instead of rsa or sha1 in the digital
> > certificates, is it possible ?
> > if yes then how ?
>
> I thought I answered this. It is hard work, it is not documented, you're on
> your own.
I agree with the "ha
On Thu, Nov 20, 2014 at 10:42:01PM +0530, Niraj Sorathiya wrote:
> Any API or software tool can help me ?
NO. And likely you're not even asking the right question. If you
really wish to pursue this line of inquiry, post a detailed
description of your algorithm, and why you want to extend OpenSS
On 19/11/2014 22:37, Gilles Vollant wrote:
On https://support.microsoft.com/kb/2992611 we can read
Some customers have reported an issue that is related to the changes
in this release. These changes added the following new cipher suites
to Windows Server 2008 R2 and Windows Server 2012. In orde
Hi,
Any API or software tool can help me ?
-Niraj
On 20-Nov-2014 9:06 PM, "Salz, Rich" wrote:
> > If, I want to use my own algorithm instead of rsa or sha1 in the
> digital certificates, is it possible ?
> > if yes then how ?
>
> I thought I answered this. It is hard work, it is not document
Even assuming he figures out how to tis his algorithm into Openssl, how would
he even being to specify his custom algorithm in the cert? Wouldn't he have to
define his own OID for the algorithm?
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl
Should probably be asked on the OpenSSH mailing lists. My guess is that you
will need to install a newer version of OpenSSL.
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of David Flatley
Sent: Wednesday, November 19, 2014 12
Hello,
Would any one be able to let me know what versions of SSL (if applicable) and
TLS is supported in openssl 1.0.1g
Thank you in advance.
> If, I want to use my own algorithm instead of rsa or sha1 in the digital
> certificates, is it possible ?
> if yes then how ?
I thought I answered this. It is hard work, it is not documented, you're on
your own.
Download OpenSSL 0.9.8f and install it somewhere it stays separate from the
RHEL system package, say /opt/openssl098f. Building it would be something like
this:
./config --prefixdir=/opt/openssl098f --openssldir=/opt/openssl098f
make
make install
Then whatever you have to do for OpenSSH to poin
> From: owner-openssl-us...@openssl.org On Behalf Of Joerg Schmitz
> Sent: Saturday, November 15, 2014 12:16
> I hope you can help me. I'm about to sign jar-files with a self created
> certificate
> using OpenSSL. The jar-File contains an old Java-Applet which Java is
> blocking
> (as long as
> From: owner-openssl-us...@openssl.org On Behalf Of Malatesh Ankasapur
> Sent: Tuesday, November 18, 2014 23:17
Note: you should post a new topic as a new message, not a reply. subject fixed
> citrix reciever using the symbolic link .pem certificate so i did c_rehash
> for my ceritficate
> 1. op
Hi,
Thanks for your suggestion..
If, I want to use my own algorithm instead of rsa or sha1 in the digital
certificates, is it possible ?
if yes then how ?
And it is like a learning exercise for me.
Regards,
Niraj.
On 19-Nov-2014 9:28 PM, "Salz, Rich" wrote:
> > I have developed one algorit
Am 19.11.14 um 17:20 schrieb Stephan Mühlstrasser:
Hi,
via X509_LOOKUP_load_file() resp. X509_LOOKUP_add_dir() I'm adding a PEM
file containing multiple CRLs and/or a directory containing hashed CRL
files to a X509_STORE.
Then I'm using the X509_verify_cert() function to verify a certificate.
A
I am trying to build Openssh 6.7p1 on a Red Hat 5.6 x86_64 system
with Red Hat openssl-0.9.8e-31, which is the latest Red Hat openssl
version. The Openssh build checks openssl versions and requires 0.9.8f.
Is there a work around for this?
Thanks.
David Flatley
_
22 matches
Mail list logo