On 2006-04-14, at 12.26, Nils Larsch wrote:
try a recent snapshot from the stable branch and let openssl
build shared libraries (see first problem mentioned in the
PROBLEM file).
i tried the workaround described in the PROBLEMS file with
openssl-0.9.8-stable-SNAP-20060417. openssl binary se
On 2006-02-14, at 16.44, Richard Eggert wrote:
Thanks. That worked perfectly (well, actually, it failed, but
that's what I wanted to happen). Is there any way for me to tell
within my code which SSL has been loaded, or am I pretty much stuck
having to both set the HTTPS_CA_FILE variable
On 2006-02-13, at 23.42, Richard Eggert wrote:
It seems that it first tries to load the SSL module from
Crypt::SSLeay first, and if that fails, it then tries to load
IO::Socket::SSL, which, as far as I can tell, doesn't use
HTTPS_CA_FILE (but may provide another mechanism for accomplishing
Richard Eggert wrote:
> ...
My best guess at what's happening is that mod_ssl is preloading libssl
and configuring it according to its own requirements (and mod_ssl
doesn't care about the certificates of other servers), and when my code
runs (later) under mod_perl, the variables I'm sending it
hi
I'm having problems with the OpenSSL SSL_CTX_load_verify_locations()
routine dumping core on Solaris 8 (sparc, 64-bit). I first noticed
this problem with Apache mod_ssl but it can be reproduced with a
minimal standalone C program which calls SSL_CTX_load_verify_locations
().
I've only
hi
I'm having problems with Apache 2.0.55 mod_ssl + OpenSSL on Solaris 8
(sparc, 64-bit). When I start Apache with SSL enabled the process
dumps core during initialization when client certificate verification
has been configured with a certain certificate bundle file. The can't
be reprodu
-parisc2-cc target. but it seems to compile fine
with aC++ 3.52 with the optimization level downgrade. also, makedepend
seems to be part of the imake package.
best regards,
aspa
Marko Asplund wrote:
i've upgraded my C compiler from an older version of HP aC++ to v3.52 on
HP-UX 11.0
i'm having a few problems building OpenSSL 0.9.7 on a HP-UX 11.00 machine
using the HP Ansi C compiler. here's a list of the issues i've noticed so
far (i've listed configuration options and error messages below):
1) when compiling for hpux-parisc2-cc target with no-asm option
BN_kronecker te
hi
are X509 certificate fields allowed to contain non-ASCII ISO 8859-1
characters?
--
aspa
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
On Tue, 26 Feb 2002, Lutz Jaenicke wrote:
> ...
> Hmm, hmm. I am not sure whether it is part of the assember code itself
> or of the flags.
> ...
> * As no ASFLAGS are specified, +z/+Z is nowhere set when building.
> I just tried to manually build pa-risc2.o calling
> as +Z -o pa-risc2.o pa
On Wed, 20 Feb 2002, Reiner Buehl wrote:
> it seems like you are using the wrong compiler flags. Try adding "-Ae +z"
> to your CFLAGS for the HP Ansi C-Compiler. Note that the standard compiler
> that ships with the OS can not be used! If you do not have the HP Ansi CC
> use gcc and replace the f
i'm trying to build Net::SSLeay v1.13 with OpenSSL v0.9.6c on HP-UX
B.11.00. first the compilation fails because the compiler doesn't
understand long long type used in include/openssl/bn.h include file. after
fixing this the compilation goes fine but linking fails with the following
error message
On Sun, 27 Jan 2002, Bear Giles wrote:
> ...
> Long term, it would be best to create an abstraction layer that
> would allow any backend to be used. I can think of multiple
> common storage formats: text files, DBM files, LDAP, RDBMS. But
> that's definitely not a 0.9.7 task!
why not use an ex
On Wed, 21 Nov 2001, Keary Suska wrote:
> ...
> It's your choice which to use, though the read me states that Net::SSLeay
> doesn't directly support LWP, so I imagine you will get better results with
> LWP if you use the library recommended by the author.
yes, this choice is a matter of opinion
On Tue, 20 Nov 2001, Keary Suska wrote:
> ...
> I would recommend that you remove Net::SSLeay and install Crypt::SSLeay. The
> former is no longer being maintained (and is considered deprecated), and may
> not function properly with newer openssl versions, but the latter is being
> actively maint
has anyone done an analysis of the OpenSSL PRNG which would be available
for public? i've read the Random Number Generation chapter of Peter
Gutmann's PhD thesis (The Design and Verification of a Cryptographic
Security Architecture, http://www.cryptoapps.com/~peter/06_random.pdf)
which contains a
On Wed, 25 Jul 2001, CJ Holmes wrote:
> ...
> prebind does a neat trick where is pre-resolves the location of all the
> symbols needed in the dynamic libraries used by a binary. This speeds up
> launch time dramatically. If you app is pre-bound to its dynamic libraries,
> and they are all pre-b
On Mon, 23 Jul 2001, hunter wrote:
> ...
> [agmacosx:~/openssl-0.9.6b] root# ./Configure rhapsody-ppc-cc shared
> Configuring for rhapsody-ppc-cc
> IsWindows=0
> CC=cc
> CFLAG =-O3 -DB_ENDIAN -DUSE_TOD -DPEDANTIC
> EX_LIBS =
> BN_ASM=bn_asm.o
> DES_ENC =des
On Mon, 23 Jul 2001, hunter wrote:
> no i have not, i took a previous suggestion and moved the libcryto amd
> libssl out of /usr/lib but now i get:
>
> cc -o openssl -DMONOLITH -I../include -O3 -DB_ENDIAN openssl.o verify.o
> asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o
On Sun, 22 Jul 2001, hunter wrote:
> i used the patch and ran and received the following:
>
> [agmacosx:~/openssl-engine-0.9.6b] root# ./Configure rhapsody-ppc-cc
> shared
> Configuring for rhapsody-ppc-cc
> IsWindows=0
> CC=cc
> CFLAG =-O3 -DB_ENDIAN -DUSE_TOD -DPEDANTIC
> EX
On Mon, 23 Jul 2001, hunter wrote:
> ...
>
> cc -o openssl -DMONOLITH -I../include -O3 -DB_ENDIAN openssl.o verify.o
> asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o
> ca.o pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o x509.o
> genrsa.o gendsa.o s_server.o s_clie
On Thu, 19 Jul 2001 [EMAIL PROTECTED] wrote:
> >How can I install OpenSSL on Mac OS X ? Running config it tells it does not
> >recognize the system ?
> >
> go here for some hints:
>
>
>http://www.macosxhints.com/search.php?query=openssl&mode=search&datestart=0&dateend=0&topic=0&type=stories&auth
does OpenSSL automatically resume SSL sessions on server side if the same
SSL_CTX object is used for all the client connections? or are some steps
required to enable session resumption?
what about on the client side? i've gotten the impression that the client
application needs to keep track of s
On Mon, 16 Jul 2001, Gazi Altafin wrote:
> How I'd to make a pop3+ssl server ?
do you want to implement the whole thing by yourself or are you just
looking for a pop server to use? the UW Imapd can speak pop3 over ssl:
http://www.washington.edu/imap/
--
aspa
__
On Fri, 13 Jul 2001, Noel Burton-Krahn wrote:
> That's my email. No, I didn't submit it to the Net::SSLeay
> maintainer. Sorry, I got distracted. They're welcome to it, I just
> don't know their address.
the Net::SSLeay homepage (http://www.bacus.pt/Net_SSLeay/index.html)
states Sampo Kellomä
On Wed, 6 Sep 2000 [EMAIL PROTECTED] wrote:
> when using the following combinations I got memory leaks
> by sending SSL-requests via LWP objects. I do not
> got such problems when using e.g. Net::SSLeay::get_https
> directly.
you mentioned having both Crypt-SSLeay and IO-Socket-SSL in your
envi
On Mon, 21 Aug 2000, Lutz Jaenicke wrote:
> ...
> The browsers don't have the slightest idea on the "server name". The only
> reliable information is the URL. A hostname being obtained by DNS lookup
> may already be faked by someone tampering with your DNS servers (or packets).
> A server name se
e URL used is not
https://puppa.huuhaa.org/? don't browsers match server name against the
certificate's CN field's value and not the URL through which the server is
accessed?
--
marko asplund
_
is there a way for checking the configuration options of an OpenSSL
installation?
--
aspa
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PRO
On Tue, 30 Nov 1999, Reiner Buehl wrote:
> I'd like to post some stuff to a https server from a perl script
> using client cert secured SSL v3 connections. At the moment everything
> works with server cert SSL v2 but I have no idea how to switch to
> SSL v3.
you can specify the prefered protocol
On Mon, 28 Jun 1999, Martin Kuba wrote:
> ...
> Thanks you all for help. I have found this link:
> http://www.columbia.edu/~ariel/good-certs/ns45/
> on www.openssl.org which leads to a page
> with certificates extracted from Netscape4.5
you can also try the attached perl script for exporting Net
On Wed, 26 May 1999, geoffrey wrote:
> ...
> this is the first apache+ssl server I have built; so, my knowledge
> of ssl servers, and ssl in general, is very limited. Is there an
> apache+ssl HOWTO, or a general primer on ssl servers? I would like to find
> a source of information on what t
in case someone is interested, i'm writing a perl interface (called
Net::SSL) to OpenSSL. at first, it was meant to be a Net::SSL (in Gisle
Aas's Crypt-SSLeay package) emulation library that would fix libwww-perl's
support for https scheme URLs. the library provides an interface similar
to that o
33 matches
Mail list logo