I am using:
OpenSSL 0.9.5a 1 Apr 2000
OpenSSH_2.3.1p1
OS: NetBSD 1.4.2
I get ssh-keygen errors at runtime.
Here is output of two instances:
% gdb ./ssh-keygen
(gdb) r
Starting program: ./ssh-keygen
Program received signal SIGSEGV, Segmentation fault.
0x2ddce in expand (lh=0xd3080) at
openssl/
Hi,
The problem happens most obviously when connecting large numbers
of sockets at once, and it happens on the accepting (server) side.
In the example where I have a test client application opening 500
sockets at maximum speed to a test server, almost every single
connection will get set up prop
Rodney Thayer wrote:
>
> the hardware vendors claim speeds of 300-2000 RSA operations
> per second. One would like to think that, with that sort of
> hardware, one can productively offload even an 800 MHZ CPU.
Kinda depends on what kind of "operations" I would think -- verifying
signatures with
about random numbers.
I use sun 5.6 and there are ports of the linux /dev/urandom to sun 5.6
OR you can also use... cpu info to get a fairly random number.
This method will allow your code to port to other sun boxes without
having to install the /dev/urandom
prusage_t prusage;
prstatus_t prst
Lutz
The openssl application does work just fine. I figured I would ask
here before I went and recompiled the debug on.
As for the not checking of return codes, I actually do have checks in
my code but I removed them to simplify what I was posting. Thanks for
the catch on ERR_print_errors!
On Fri, Jan 19, 2001 at 04:05:19PM -0500, Jason Scharlach wrote:
> Has anyone else had any issues with SunOS and openSSL?
I don't have SunOS, but I also do not remember having seen reports about
special problems with SunOS...
Does the openssl application work? You can use "openssl s_client ..."
the hardware vendors claim speeds of 300-2000 RSA operations
per second. One would like to think that, with that sort of
hardware, one can productively offload even an 800 MHZ CPU.
At 07:59 AM 1/19/01 -0800, David Lang wrote:
>when I was evaluating similar products a couple years ago I found tha
Title:
Help Beta Test Our Site and Be Eligible to Purchase Shares of
Future IPOs In Which We Participate**
eMedsecurities has selected you as a possible participant to help
test our online stock-trading engine for knowledge-based investing in the
Date sent: Fri, 19 Jan 2001 20:01:53 +
From: Dr S N Henson <[EMAIL PROTECTED]>
Organization: S N Henson
To: [EMAIL PROTECTED]
Subject:Re: Win32 CA signed Apache Server-Netscape .CRT Problem
Send reply to: [EM
Has anyone else had any issues with SunOS and openSSL?
I'm running OpenSSL 0.9.6 and I've written an extremely simple program
that just tries to connect to the secure port of a webserver. On my
Linux box it appears to work fine but when I run it on my SunOS box the
connect always fails. Not
"Kenneth R. Robinette" wrote:
>
>
> The .csr/.key is generated using the following commands:
>
> openssl genrsa -out server.key 1024
> openssl req -new -config /tmp/openssl.cnf -key server.key -out
> server.csr
>
> I then sign it with the openssl ca progam with a self generated/self
> signed c
well... sort of. the 7 January snapshot, which includes working
Broadcom engine support, has CryptoSwift, Compaq Atalla, nCipher CHIL and Nuron
listed. I thought there was Hifn support too?
So... I guess the list is, approximately, in alphabetical order:
Broadcom 5805
Compaq Atalla
nC
I don't see a list. Broadcom is there, but nCipher and Rainbow are not.
At 03:09 PM 1/19/01 +, you wrote:
>There's a list of supported cards in the openssl changelog at
>http://www.openssl.org/news/changelog.html
__
OpenSS
Hi Grant! Thanks for your reply.
Is your apache web server installed on a SCO unix platform? If so, did you encounter
any problems compiling openssl unto it. If you did, what were those?
I actually have the sources compiling. But for some reason the object files never get
linked to the librari
David Lang wrote:
>
> when I was evaluating similar products a couple years ago I found that it
> really didn't help to try and worry about spilling the load over to the
> main CPU.
>
> benchmarks from the time were
>
> pentium 200 linux 19 connections/sec 100% CPU
> RS/6000 233 (RISC) 29 conne
From: "Jennifer Arden" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject:RE: Win32 CA signed Apache Server-Netscape .CRT Problem
Date sent: Fri, 19 Jan 2001 13:21:20 -0500
Send reply to: [EMAIL PROTECTED]
No, as I state
I think with Apache server. The cert must have the extension of .pem
I hope this help
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Kenneth R.
Robinette
Sent: Friday, January 19, 2001 1:14 PM
To: [EMAIL PROTECTED]
Subject: Re: Win32 CA signed Apache S
Date sent: Fri, 19 Jan 2001 17:24:55 +
From: Dr S N Henson <[EMAIL PROTECTED]>
Organization: S N Henson
To: [EMAIL PROTECTED]
Subject:Re: Win32 CA signed Apache Server-Netscape .CRT Problem
Send reply to: [EM
I am trying to sign certificates with a future start date (Using OpenSSL
0.95a).
The documentation says that use -startdate date (which is in YYMMDDhhmmssZ
format) but ca command seems to ignore dates in the form 010601010101Z and
sets the startdate to the default current time.
Just wondering
1.
I have noted a server problem with IE 5 and keep alives. I've actually
turned off all keep alives for IE on SSL connections. That might help.
Jeff
On Fri, 19 Jan 2001, Oliver Fromme wrote:
>
> Hi,
>
> I have set up an Apache 1.3.14 + mod_ssl 2.7.1 on a box
> which acts as an https-to-http pr
Hi,
I have set up an Apache 1.3.14 + mod_ssl 2.7.1 on a box
which acts as an https-to-http proxy (i.e. it proxies https
connections from the outside world to a http server in the
intranet which is not capable of doing https itself).
It works very well, except when accessed via MS Internet
Explo
"Kenneth R. Robinette" wrote:
>
> Problem:
>
> An Unix Apache/mod-ssl server .crt/.key pair
> generated from a .csr/.key signed by a self
> generated CA Cert on 32 bit Windows will not work
> with the Netscape 4.72 client running on Linux
> Redhat 6.2.
>
> However the same .csr/.key signed by t
These are normal if you have compiled the openssl crypto libraries for Win32
with the debugging options enabled.
__
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
__
- Original Message -
From: "Hellan,Kim KHE" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent
when I was evaluating similar products a couple years ago I found that it
really didn't help to try and worry about spilling the load over to the
main CPU.
benchmarks from the time were
pentium 200 linux 19 connections/sec 100% CPU
RS/6000 233 (RISC) 29 connections/sec 100% CPU
install SSL accel
Have you heard of the nCipher card?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Rodney Thayer
Sent: Friday, January 19, 2001 9:52 AM
To: [EMAIL PROTECTED]
Subject: Re: Rainbow Cryptoswift cards
is there somewhere one can get a list of the supported
> is there somewhere one can get a list of the supported engine cards?
> I mean, there are vendors out there, other than Rainbow, who'd like
> to put their two milli-euro's worth into this conversation but
> that would be impolite and a commercial advertisement
The supported Crypto cards are
Dave,
See
http://www.openssl.org/docs/crypto/EVP_SignInit.html#
You should allocate the amount of storage indicated by the EVP_PKEY_size()
function. It may a little too much; the actual used is returned by
EVP_SignFinal.
_
Greg Stark
Ethentica, Inc.
[EM
> -Original Message-
> From: Rodney Thayer [mailto:[EMAIL PROTECTED]]
> Sent: 19 January 2001 14:52
> To: [EMAIL PROTECTED]
> Subject: Re: Rainbow Cryptoswift cards
>
>
> is there somewhere one can get a list of the supported engine cards?
> I mean, there are vendors out there, other tha
is there somewhere one can get a list of the supported engine cards?
I mean, there are vendors out there, other than Rainbow, who'd like
to put their two milli-euro's worth into this conversation but
that would be impolite and a commercial advertisement
(yeah, yeah, read the source. I mean a
Hi,
Just a quick question.
Is there anywhere I can find some examples of the code in use.
The code in the 'demos' directory doesn't include any of the new
calls, 'SSL_set_fd', 'SSL_connect' etc.
Any info gratefully appreciated.
Thanks
I do not know anything about the Rainbow Cryptoswift card. However, I do
know how to set it up with the nCipher card.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, January 19, 2001 5:51 AM
To: [EMAIL PROTECTED]; [EMAIL P
I'd like to be able to work out the size of the signature that would be
returned by a call to EVP_SignFinal() so that I can dynamically allocate
the memory for the signature before actually calling the function.
Any info on how to do this? If I pass in a NULL pointer and 0 length,
I get a SEGV.
Problem:
An Unix Apache/mod-ssl server .crt/.key pair
generated from a .csr/.key signed by a self
generated CA Cert on 32 bit Windows will not work
with the Netscape 4.72 client running on Linux
Redhat 6.2.
However the same .csr/.key signed by the same
self generated CA Cert on Redhat 6.2 L
adrien mistretta wrote:
>
> > The cryptoswift card provides 'onboard' acceleration of SSL based
> > processing, but the card itself can only handle so many transactions per
> > second. What happens if your traffic load exceeds the cards ability?
> > can you easily 'spill' that extra work over to
Isn't there a trademark issue with the name "RC4" and thats why it's
called ARC4 or C4 in some implementations?
(I might be totally wrong here though...)
/Johan
-Original Message-
From: Rodney Thayer <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, January 18
[EMAIL PROTECTED] wrote:
>
> > -Original Message-
> > From: Louis LeBlanc [mailto:[EMAIL PROTECTED]]
> > Sent: 19 January 2001 12:39
> > To: [EMAIL PROTECTED]
> > Subject: Re: Rainbow Cryptoswift cards
> >
> >
> > One quick question, just so I know how to answer when this kind of
> > proj
I'm getting a Rainbow Cryptoswift card in the post today (thank you Santa,
although you are a bit late).
Does anyone have experience of setting this up with mod-ssl? If so, can you
let me know how I do it. I understand I need to use shm rather than dbm, but
how do I get openssl to recognise the
37 matches
Mail list logo
