Trying to build OpenSSL 0.9.8a from source

2006-02-22 Thread Fabro, Loic
Hi All, [Feel free to point me to an FAQ if I missed one; google did not yield any useful result either] I tried to build OpenSSL from source but after the compilation, the make test returns errors. Where should I start to find what my problem could be? Could the fact that I have a previous

Re: How to create a RSA private key from raw data?

2006-02-22 Thread Chris
On 2/22/06, Chris <[EMAIL PROTECTED]> wrote: Decryption seg faults without e and is incorrect with e: Seems strange to seg fault, doesn't it know something is missing/incorrect?  Does RSA_new not initialize the structure to a clean state?  Wouldn't an error be appropriate here? OK, I worked this o

RE: SSL_write() crashes

2006-02-22 Thread Mikhail Kruk
On Wed, 22 Feb 2006, Dusty Hendrickson wrote: I've never really dealt with signals before, but I will definitely look into it. Thanks for the heads up. Any idea if there is a way to circumvent this in a cross-platform nature? #if defined(unix) {struct sigaction act; act.sa_handler = SIG_

Re: Option to disable NSURLErrorSomain:-1205? (Safari bug with SSL-client-auth)

2006-02-22 Thread Ken Johanson
Most SMTP clients send client certificates even when the signing CA is not solicited. The Postfix SMTP server does not complain if the client certificate verification fails. The key issue is coding the server-side verification callback correctly, so that the session is not rejected despite the unverif

RE: SSL_write() crashes

2006-02-22 Thread Dusty Hendrickson
I've never really dealt with signals before, but I will definitely look into it. Thanks for the heads up. Any idea if there is a way to circumvent this in a cross-platform nature? Dusty -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kyle Hamilton Sent:

Re: Silly CA/certs questions...

2006-02-22 Thread Georg Lohrer
On Mi, 22 Feb 2006, Kyle Hamilton wrote: > (There's a list of wiki > hosts at > http://en.wikibooks.org/wiki/Wiki_Science:How_to_start_a_Wiki#.22Hosted_wiki.22_and_Wiki_hosts > -- I haven't looked at them, except to say that I don't believe > wikicities would be a good choice for this project.)

Re: SSL_write() crashes

2006-02-22 Thread Kyle Hamilton
Chances are, you received a SIGPIPE. If not caught, that's a fatal signal. (SIGPIPE occurs when you try to write to a socket that has been closed by the other end.) -Kyle H On 2/22/06, Dusty Hendrickson <[EMAIL PROTECTED]> wrote: > We currently have an SSL client/server setup that uses a basic

Re: Silly CA/certs questions...

2006-02-22 Thread Kyle Hamilton
MediaWiki requires a MySQL backend, but it runs quite well and has a fairly decent set of design templates included with it. (It's what powers Wikipedia, among others.) A wiki is, by its very nature, a multi-page, document-hotlink system. This makes distilling it down for a paper publication muc

Re: Silly CA/certs questions...

2006-02-22 Thread Georg Lohrer
Hi, On Mi, 22 Feb 2006, Jeff Wiegley wrote: > Georg, I liked the idea for an advanced beginners HOWTO a lot. I >am willing to organize or help with this. yes, me too. But - the idea now has a lot of strength and speed, but do the "old-men" of OpenSSL really want such a way? I don't know

SSL_write() crashes

2006-02-22 Thread Dusty Hendrickson
We currently have an SSL client/server setup that uses a basic "send request, receive response" architecture. In one scenario, we did something similar to the following: - Client: 1. Send request 2. Delete connection Server: 1. Wait for connection 2. Process request

Re: Option to disable NSURLErrorSomain:-1205? (Safari bug with SSL-client-auth)

2006-02-22 Thread Victor Duchovni
On Wed, Feb 22, 2006 at 11:52:11AM -0700, Ken Johanson wrote: > Apple/Safari browsers (all current versions) have a bug where if they > attempt to connect to a SSL client-authenticated website, and have > client certs in their keystore whose signers/chain is not solicited > during SSL handshake.. t

How to create a RSA private key from raw data?

2006-02-22 Thread Chris
I'm having a bit of trouble creating and using RSA keys from raw data. I have the public exponent(e), public modulus(n), and private modulus(d). Encryption seems to work (don't know for sure):   RSA* rsa = RSA_new();   rsa->e = BN_bin2bn(pubexp, pubexp_len, rsa->e);   rsa->n = BN_bin

Re: Silly CA/certs questions...

2006-02-22 Thread Jeff Wiegley
Kyle, That response was AWESOME! Though it did raise more questions that I'll ask in a later post after I've digested more and tried to play with some of the stuff you mentioned. (And you're right, suffering is no reason to be rude. Sorry.) Georg, I liked the idea for an advanced beginners HOW

Option to disable NSURLErrorSomain:-1205? (Safari bug with SSL-client-auth)

2006-02-22 Thread Ken Johanson
Apple/Safari browsers (all current versions) have a bug where if they attempt to connect to a SSL client-authenticated website, and have client certs in their keystore whose signers/chain is not solicited during SSL handshake.. then Safari may send the unsolicited cert anyway. This is a problem even

RE: OpenSSL for Mingw

2006-02-22 Thread Kiefer, Sascha
Reinstalled my MinGW and it works now. :) --sk > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dr. > Stephen Henson > Sent: Sonntag, 12. Februar 2006 02:20 > To: openssl-users@openssl.org > Subject: Re: OpenSSL for Mingw > > > On Sun, Feb 12, 20

possible bug in PKCS12_parse

2006-02-22 Thread Víctor Torres Padrosa
I would be grateful if someone could help me.   I have tried to parse the attached pkcs12 file using the code below and openssl 0.9.8a. The PKCS12 file contains a private key, the corresponding certificate and a root CA certificate. All of them have a localKeyID field, which is the same in t

First posting NEWBEE

2006-02-22 Thread Thomas Fitzgerald
I have created a program in Delphi that accesses a MYSQL database on an ISP's server.  My question is:  Will open-ssl allow me to use a security certificate between my application and the MYSQL server?  If the answer is yes, could someone point me in the right direction, so I

Re: Different skey size returned by i2d_RSAPrivateKey

2006-02-22 Thread Alpt
On Wed, Feb 22, 2006 at 03:34:05AM -0700, : ~> > Ok, but I need to know its upper bound limit in order to reject bad headers ~> > where the skey_len is > of the maximum allowed value. ~> > What is it for a key of 1024 bits? ~> > 700 bytes are sufficient? ~> ~> My "best-practice" suggestion is to n

Re: Different skey size returned by i2d_RSAPrivateKey

2006-02-22 Thread Dr. Stephen Henson
On Wed, Feb 22, 2006, Alpt wrote: > On Tue, Feb 21, 2006 at 01:49:25PM +0100, : > ~> The way you are supposed to use this stuff is to first get the length, then > ~> allocate enough memory and finally write out the encoding. > ~> > ~> It isn't a good idea to make assumptions about the maximum siz

Re: Silly CA/certs questions...

2006-02-22 Thread Kyle Hamilton
Best to ask the client to sign off on it -- explain that he (it, in the case of a corporation) benefitted from the technology, and benefitted from you writing it to understand the technology, and that it would a) retain a 'some material contributed by' acknowledgement, thus being a form of free adv

RE: Silly CA/certs questions...

2006-02-22 Thread Mark
Hi Kyle, > > I had that exact thought and have already written such a > document. It > > is by no means complete so I haven't attempted to > submit/publish it yet. > > Why not post what you've got, and we can work on it? It was prepared while I was working for a client although I have modifi

Re: Silly CA/certs questions...

2006-02-22 Thread Kyle Hamilton
Just a comment, in-line... On 2/22/06, Mark <[EMAIL PROTECTED]> wrote: > Hi Jeff, > > > The only thing I can offer is that if you help me then I > > will attempt > > > to write a very detailed and accurate description of the process so > > > that newbs like me don't have such a difficult time adop

Re: Silly CA/certs questions...

2006-02-22 Thread Kyle Hamilton
I've been trying to take a bit of load off of Dr. Henson, cuz he has other work to do. I can't contribute to him financially, unfortunately, but I do have what I think is a lot of knowledge on the topic, and am willing to help out as much as I can. However, there are some questions that only he c

RE: Silly CA/certs questions...

2006-02-22 Thread Mark
Hi Jeff, It sounds like you are going through exactly the same process I went through a while back. I thoroughly emphasise! It looks like you have already had a very thorough answer to your questions so I'll let you digest these for now :-) > > The only thing I can offer is that if you help me

Re: Silly CA/certs questions...

2006-02-22 Thread Georg Lohrer
Hi Kyle, On Mi, 22 Feb 2006, Kyle Hamilton wrote: [lots of interesting stuff snipped] let me jump into your thread for a short remark. Kyle, thank you very much for your patience with such rookies like myself and maybe Jeff. As you wrote: > The nomenclature of this stuff IS COMPLICATED. Th

Re: Different skey size returned by i2d_RSAPrivateKey

2006-02-22 Thread Kyle Hamilton
On 2/21/06, Alpt <[EMAIL PROTECTED]> wrote: > On Tue, Feb 21, 2006 at 01:49:25PM +0100, : > ~> The way you are supposed to use this stuff is to first get the length, then > ~> allocate enough memory and finally write out the encoding. > ~> > ~> It isn't a good idea to make assumptions about the max

Re: Silly CA/certs questions...

2006-02-22 Thread Kyle Hamilton
Don't worry about the newb questions, and I can help you answer them. I will reply inline, and I'm going to clear the background information so that the answers I give you will be more readable. (I am, however, going to take the background information into account.) On 2/21/06, Jeff Wiegley <[EM