Re: [openssl-users] default cipher suit

2016-02-28 Thread John Hunter
ok, thanks :) On Sun, Feb 28, 2016 at 10:33 PM, Salz, Rich wrote: > If no cipher suite is named, then the value of DEFAULT will be used. What > that is depends on which version of OpenSSL is used. > > > > -- > > Senior Architect, Akamai Technologies > > IM: richs...@jabber.at

[openssl-users] "These are not the patches you are looking for"

2016-02-28 Thread Salz, Rich
We recently posted some patches to to our public repo. Since they came out just before the announced security release, many people have been confused and thought that perhaps we posted CVE fixes prematurely. This is not the case. The commit were for fixing low-priority CVE issues, and

Re: [openssl-users] upgrade to 1.0.1r breaks script that worked for years. Config issue?

2016-02-28 Thread lists
On 02/24/2016 08:50 PM, Dr. Stephen Henson wrote: On Wed, Feb 24, 2016, lists wrote: extensions = x509v3 [ x509v3 ] keyUsage = digitalSignature extendedKeyUsage = clientAuth,emailProtection crlDistributionPoints = URI:http://ldap.secure-edge.com/secure-edge-ca.crl

Re: [openssl-users] upgrade to 1.0.1r breaks script that worked for years. Config issue?

2016-02-28 Thread lists
On 02/24/2016 07:46 PM, Kurt Roeckx wrote: On Wed, Feb 24, 2016 at 05:22:08PM +0100, lists wrote: Before I try some heavy debugging, does anybody know of a change from version 1.0.1e to 1.0.1r that would prevent the commands above from working? Can you try reverting commit

Re: [openssl-users] default cipher suit

2016-02-28 Thread Salz, Rich
If no cipher suite is named, then the value of DEFAULT will be used. What that is depends on which version of OpenSSL is used. -- Senior Architect, Akamai Technologies IM: richs...@jabber.at Twitter: RichSalz From: John Hunter [mailto:zhjw...@gmail.com] Sent: Sunday, February 28, 2016 8:11 AM

[openssl-users] default cipher suit

2016-02-28 Thread John Hunter
Hi guys, I have noticed that SPICE protocol use the openssl to provide secure transfer, and it can be named a cipher-suit, I'm wondering if I didn't specify any cipher-suit, which cipher suit will be used in that scene. BR, Zhao -- openssl-users mailing list To unsubscribe:

Re: [openssl-users] PEM_read and write SSL_SESSION

2016-02-28 Thread Shubham Chauhan
Okay so I have been trying to store session details in a file, haven't used BIO for now, but I guess my present method should work fine. This is on the server side - FILE * filePtr; char fileString[128]; sprintf(fileString, "/home/session_id"); if ((filePtr =

Re: [openssl-users] [openssl-dev] Failed TLSv1.2 handshake with error 67702888--bad signature

2016-02-28 Thread Dr. Stephen Henson
On Sun, Feb 28, 2016, Nounou Dadoun wrote: > > We're cross-compiling on a linux x86 vm, does "make test" produce something > that I can run on the target? "make test" wont be very useful then. The binary test/sha512t you can copy to the target and run it. I'd be interested in the output.