On Thu, Mar 25, 2010 at 06:16:22PM +0100, Gregory BELLIER wrote:
However, I didn't ask if new code was necessary in Postfix so it can be
aware of a new cipher. As you said, it's automatical. I asked if, in your
opinion, it would be necessary to build postfix (as is) against a new
OpenSSL.
Victor Duchovni a écrit :
On Wed, Mar 24, 2010 at 11:09:44AM +0100, Gregory BELLIER wrote:
if I copy an existing cipher in OpenSSL and rename it, it will act as if it
is a new cipher.
On the wire SSL ciphers have numeric ids, not names. If you rename
a cipher, it just changes how
mouss a écrit :
$ ldd /usr/local/libexec/postfix/smtpd
/usr/local/libexec/postfix/smtpd:
...
libssl.so.7 = /usr/local/lib/libssl.so.7 (0x2810a000)
libcrypto.so.7 = /usr/local/lib/libcrypto.so.7 (0x2815)
...
if you rebuild openssl but provide the same ABI, then it's ok. If
Gregory BELLIER:
At this point, you really need to step back, take a deep breath, and
use OpenSSL as-is.
As I said, it's to learn. If I do nothing then it's pointless.
What I ask is not your point on if it's relevant to do it or not because
we all know it's not.
With intense
Victor Duchovni a e'crit:
On Thu, Mar 25, 2010 at 10:31:40AM +0100, Gregory BELLIER wrote:
At this point, you really need to step back, take a deep breath, and
use OpenSSL as-is.
As I said, it's to learn. If I do nothing then it's pointless.
No need to change the OpenSSL
Hi.
if I copy an existing cipher in OpenSSL and rename it, it will act as if
it is a new cipher.
Would I need to build postfix against this new OpenSSL to be able to use
the new cipher? I think it's not required but I have a doubt.
How does the TLS negociation work ? I guess it is done by
Gregory BELLIER a écrit :
Hi.
if I copy an existing cipher in OpenSSL and rename it, it will act as if
it is a new cipher.
Would I need to build postfix against this new OpenSSL to be able to use
the new cipher? I think it's not required but I have a doubt.
How does the TLS negociation
On Wed, Mar 24, 2010 at 11:09:44AM +0100, Gregory BELLIER wrote:
if I copy an existing cipher in OpenSSL and rename it, it will act as if it
is a new cipher.
On the wire SSL ciphers have numeric ids, not names. If you rename
a cipher, it just changes how it is displayed in logs. Renaming
