> You know you are going from something horribly out of date to something
very out of date, right?
Yes.
> Can’t you at least move to 1.0.2?
That is out of my hands and is almost entirely irrelevant to the
information I asked for and need. Even if I could upgrade to 1.0.2 the same
problem and sam
Hi Everyone,
1.
I am trying to upgrade some libraries of an older version of openssl
(~0.9.7) with the libraries of a less old version of openssl (1.0.0e).
2.
When I perform a dynamic openssl build with the following commands, I get
(among other files) a libssl.a file.
cd /joe/openssl-1.0.1e/dy
https://www.openssl.org/source/openssl-fips-2.0.16.tar.gz
>
> (c) The FIPS-140 User Guide here, which covers how to build first the FIPS
> module and then fips-enabled OpenSSL:
>
> https://www.openssl.org/docs/fips/UserGuide-2.0.pdf
>
> Andrew
>
> From: openssl-users [mailto:o
Hello Everyone,
Will someone tell me where the source code is to build this version of
openssl, please?
"OpenSSL 1.0.1e-fips 11 Feb 2013"
Thanks!
Joe
-
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Thanks, Matt!
I did not know that OpenSSL.org is the only organization that creates
CVEs for OpenSSL.
Thanks for clearing this up for me!
Joe
--
On 12/01/16 22:43, Joe Flowers wrote:
>* Hello OpenSSL Developers,
*> > >* I understand through your previous announ
Hello OpenSSL Developers,
I understand through your previous announcements that OpenSSL 0.9.8 is no
longer "supported", and no more "security fixes", nor "security updates"
will be provided by OpenSSL.org.
Does this mean that we can expect no more CVEs to be generated or listed
for OpenSSL 0.9.8
Hello OpenSSL Developers,
I understand through your previous announcements that OpenSSL 0.9.8 is
no longer "supported", and no more "security fixes", nor "security
updates" will be provided by OpenSSL.org.
Does this mean that we can expect no more CVEs to be generated or
listed for OpenSSL 0.9.
PGP?
On Wed, Nov 2, 2011 at 8:27 AM, Joe Flowers wrote:
> Hello Everyone,
>
> I would like recommendations and suggestions for encrypting a document on
> a distributed CD. I would like someone to be able to open and read the
> document only if they have a "password"
Hello Everyone,
I would like recommendations and suggestions for encrypting a document on a
distributed CD. I would like someone to be able to open and read the
document only if they have a "password" or secret string or other(?).
I understand there is a limit to how secure this really is, but I w
Thanks a lot Steve! We'll definitely be keeping Globalsign is mind.
Joe
-
On Fri, Sep 12, 2008 at 1:49 PM, Lutz Jaenicke <[EMAIL PROTECTED]>wrote:
> Hi!
>
> I have just installed a new (2048bit) certificate and key to the
> OpenSSL Project webserver. It is a wildcard certifcate for *
> We're thinking of using openssl in our company but wondering about the
version number.
Rach,
OpenSSL is a great product. It is very widely used and adopted throughout
the world. If you ripped it off the face of the planet right now, it would
be catastrophic because so many people and systems
ll the HTTP traffic they pass. My favorite is burp:
> http://portswigger.net/proxy/
> OWASP also has WebScarab:
> http://www.owasp.org/index.php/OWASP_WebScarab_Project
> or even Paros:
> http://www.parosproxy.org/index.shtml
>
> HTH.
>
> -- Matt Tesauro
>
> On Mo
Thanks Jean-Marc.
Do you think that because my OpenSSL app uses AES-256 for the cipher that
that could be the problem?
Joe
Hello everyone,
Does anyone have ideas on how I can get Wireshark to decrypt my OpenSSL
HTTPS client application data?
I can decrypt the HTTPS traffic OK to the server machine from the client
machine with Wireshark installed on the client machine, where the HTTPS
traffic is initiated from a web b
Zack,
This is what I got back from a different friend:
"
http://www.novell.com/documentation/oes/nlm_list/index.html?page=/documentation/oes/nlm_list/data/ai39ik3.html
Search for NTLS.NLM.
Novell TLS Library
* SSL stack based on OpenSSL.
* If unloaded, there is no SSL servi
.
The netware readme file makes mention of this but documentation
suggests that Code Warrior is a requirement (which I do not have).
I will take a look at the borland stuff, but I was trying to wing it
without having to purchase anything as this was a one time shot.
Thanks,
Zack
On 6/1/07, Joe Fl
Zack,
I've done a lot of NetWare programming but have never heard of a
"OpenSSL .lib for Novell Netware's CLIB library". I don't think such a
beast exists.
If you are looking to make .exe files then you can probably use the free
Borland compiler
(http://www.johnsmiley.com/cis18.notfree/smil
Gary,
Have you tried running your application in a Dependency Walker profile?
http://support.microsoft.com/kb/256872
Joe
gary clark wrote:
Hey Victor,
Thanks for the response. I dont think its an attribute
issue of dlls or files. I checked and they seem to be
ok. Not read only. The two dlls
Dr. Stephen Henson wrote:
Note that the two errors are produced when generating the WinCE makefiles
which aren't used so they can be safely ignored.
Steve,
Yeah, I noticed the "ce" warning messages too and tried to continue on
to the next step (nmake -f ms\ntdll.mak) but it failed repeatedl
Hello All-
I can't remember getting this error the last time I built OpenSSL from
source.
I saw a recent archived post where Steve said that this is caused by the
MS VC++ v6.0 SP6 environment not being setup correctly, but I'm not sure
this is the case here. This is my second development machi
Lars,
I assume you are running this inside a loop inside of main() and that is
how you can tell there is a leak?
Joe
Lars Uhlmann wrote:
Please reference http://www.openssl.org/support/faq.html#PROG13 --
> "I think I've detected a memory leak, is this a bug?"
Thanks!
It doesn't matte
Marek,
I really appreciate this code snippet **a lot**. It looks like an
excellent snippet of code...as best as I can tell.
Can anyone else please confirm that these functions (listed below) are
what I need to implement for making OpenSSL thead-safe?
No offense intended Marek. I'm just looking
David Schwartz wrote:
Make sure that you protect the SSL session with a
mutex. You are not allowed to call SSL_read and SSL_write at the same time
on the same session from different threads.
DS
David,
Does "same session" mean, same instance of an ssl object, or same
instance of a
quot;\nbuf=(%s).\0", buf);
} else {
printf("\nFatal Error!\0");
}
-
Good luck!
Joe
Steven Young wrote:
Apologies if this is a duplicate; I was messing around wi
Joe Flowers wrote:
It means the exactly same SSL function you just did with the exact
same parameters as you ust did that produced this SSL_ERROR_WANT_WRITE
return. Again, it's clearly explained in the docs.
Joe
Good grief. Pardon my grammar.
The sentence should have read:
It means
I wouldn't advise that. Read the docs:
"When calling |SSL_write()| with num=0 bytes to be sent the behaviour is
undefined."
I still stand by me first reply on this thread, as I believe it follows
directly from the docs.
Read the docs on SSL_read() and SSL_write().
SSL_ERROR_WANT_WRITE does n
Steve,
You need to put select(ready to read or write) inside each (BOTH
SSL_read() and SSL_write()) of your while loops at the beginning, and
then cycle on WANT_READ or WANT_WRITE for BOTH SSL_read() and
SSL_write() loops.
You're getting high utilization because you are not putting select
i
Joe Flowers wrote:
In any case, does it hurt anything if I try to implement these two
OpenSSL functions anyway?
And, if it's quick and easy to do, can someone sent code snippets of
implementations of these two functions?
In my parent thread, should I just call the following two Op
Help please.
I have a program/parent thread that launches 4 child threads. It's a
Win32 application that has to be linked using the /MT VC compiler option
for reasons other than OpenSSL. The parent thread calls the following
OpenSSL calls.
CRYPTO_malloc_init();
SSL_library_init();
SSL_load_e
David,
If I can get 999% guarantee, I'd be happy. Not looking for the
impossible 100%.
In any case, yes, you've pegged the heart of my real question. And, your
answer is not the one I was hoping for but it has the authoritative
flavor that I ultimately really wanted, regardless of the answer
David Schwartz wrote:
I have never done anything like this, however.
DS
H. Then, I'm curious to know at what point (between what socket
functions) you put your socket in the non-blocking state and when/if you
ever set it back to blocking?
Joe
___
I am not 100% sure I understand your question.
It is necessary that I make a very simple HTTPS "browser" in one thread
and a very simple HTTPS "server" in another thread.
I'd like to make the HTTPS "browser" thread impervious (not get hung in
a blocking state) to web servers that are rebooted
Is it "safe" to put just SSL_read() and SSL_write() inside the
non-blocking BIO regions and leaving SSL_accept(), SSL_connect(),
SSL_shutdown(), accept(), socket(), bind(), listen(), connect(),
shutdown(), close(), SSL_CTX_new(meth), SSL_new(ctx),
SSL_CTX_free(ctx), etc. in the blocking BIO re
Should I call SSL_load_error_strings() at the beginning of each thread?
Or, can I call it once in the parent thread before any child threads are
launched, so the strings are shared globally across all threads?
Thanks!
Joe
__
David Schwartz wrote:
God I hope so.. I'm right in the middle of trying to get this
non-blocking stuff to work consistently (with a timeline fast
approachingarg!) and I can't tell if it's something I am doing wrong
and what exactly that is. Too many variables to be easy.
If you
Darryl Miles wrote:
David Schwartz wrote:
I don't get it.
DS
Ah, finally something concrete.
Hey thats ok; sit back and relax. I'm sure a patch is on its way.
God I hope so.. I'm right in the middle of trying to get this
non-blocking stuff to work consistently (with a timeli
I'm watching this thread with great interest as I have not figured out
the correct way to handling OpenSSL with non-blocking sockets which are
a requirement in my case.
Can anyone expand on the correct way to handle OpenSSL over non-blocking
sockets please?
I haven't been able to find any reli
Please help me understand what's going on.
I've successfully used OpenSSL (latest released version - 0.9.7f) to
communicate with a https:// site. (See my pseudo-code at the bottom of
this message.) However, nowhere in my code is a public key for the
https:// site specified.
But, when I look at t
Mohamed:
Add an extra NULL parameter to the end of the arguments in each of these
two functions in the loadkeys.h and/or loadkeys.c files.
Joe
//---
Mohamed Nadjar wrote:
>
> I am a new user of openssl and I try to understand how it works by
> looking at the demos!
> But I have the
I am trying to port pieces of OpenSSL to NetWare.
I have been able to compile and link a program with the following
function OK.
RSA_private_decrypt(pubKeySize, input, buf_dec, privKey->pkey.rsa,
RSA_PKCS1_PADDING);
However, I would like alternative functions to
ERR_load_crypto_strings(); //We
40 matches
Mail list logo