Re: questions about compatibility with Kerberos5 Krb5-1.7

2010-01-08 Thread Victor Duchovni
On Fri, Jan 08, 2010 at 10:25:06PM +, wrote: > > Dr. Henson, Thank you for your reminder. I am cross compiling the > openssl into an arm board with kerberos support. My cross compiling > for openssl is following the article written by David Sayada in > http://www.crosscompile.org/static

RE: questions about compatibility with Kerberos5 Krb5-1.7

2010-01-08 Thread 芦翔
Dr. Henson, Thank you for your reminder. I am cross compiling the openssl into an arm board with kerberos support. My cross compiling for openssl is following the article written by David Sayada in http://www.crosscompile.org/static/pages/OpenSSL.html. Before executing my modified Makefile, I

Re: questions about compatibility with Kerberos5 Krb5-1.7

2010-01-08 Thread Dr. Stephen Henson
On Fri, Jan 08, 2010, wrote: > > Hi, > > Is openssl-0.9.8l compatible with krb5-1.7 from MIT according to > RFC2712? Will the "OPTIONS=no-krb5" in the Makefile prevent the functions > related with krb5-1.7? How should I modify the Makefile to handle the > integration of the tw

RE: Unable to load CRL

2010-01-08 Thread Shane Steidley
This is straight out of the openssl verify program, and seems to be exactly what you need: static X509_CRL *load_crl(char *infile, int format) { X509_CRL *x=NULL; BIO *in=NULL; in=BIO_new(BIO_s_file()); if (in == NULL) { ERR_print_errors(bio_err); goto end; } if (infile == NULL) BIO_set_fp(in,st

questions about compatibility with Kerberos5 Krb5-1.7

2010-01-08 Thread 芦翔
Hi, Is openssl-0.9.8l compatible with krb5-1.7 from MIT according to RFC2712? Will the "OPTIONS=no-krb5" in the Makefile prevent the functions related with krb5-1.7? How should I modify the Makefile to handle the integration of the two security systems? Thank you.

Re: memory growing when using SSL connections

2010-01-08 Thread Dr. Stephen Henson
On Fri, Jan 08, 2010, David wrote: > Thanks. Are there any others which are mentioned under > http://www.openssl.org/support/faq.html#PROG13 which I should be wary of > for similar reasons? > Yes all of those should really only be called once on application exit. As it says: "These internal tab

Re: memory growing when using SSL connections

2010-01-08 Thread David
Thanks. Are there any others which are mentioned under http://www.openssl.org/support/faq.html#PROG13 which I should be wary of for similar reasons? David -- From: "Dr. Stephen Henson" Sent: Friday, January 08, 2010 10:55 AM To: Subject: Re: m

Re: memory growing when using SSL connections

2010-01-08 Thread Dr. Stephen Henson
On Thu, Jan 07, 2010, David wrote: > Hi, > > I'm using tn3270 sessions running over SSL. I may have up to 124 sessions > activated concurrently, although I plan to get up to 250 sessions at some > point. > > Whenever the sessions are stopped and restarted, I notice intermittently that > memo

Re: memory growing when using SSL connections

2010-01-08 Thread David
Jeremy, I'm not sure if I've tried the EVP_cleanup() routine. I'll give it a shot. Thanks, David -- From: "Jeremy Hunt" Sent: Thursday, January 07, 2010 5:34 PM To: ; Subject: Re: memory growing when using SSL connections Hi David, After rea

Re: memory growing when using SSL connections

2010-01-08 Thread David
Jeremy, Thanks for the comments. The ctx stays around for the life of the process, so I never free it unless the process is about to exit. Only the ssl connections are freed and new ones are created. There are multiple ssl connections per ctx. I've actually tried using one ssl connection per

RE: trying to understand ECDHE operations

2010-01-08 Thread Michael D
Hello, As always, I appreciate all the help. Based on the old message snippet below, two questions: 1) Are the session keys then used by the symmetric cipher going forward? Or is there another step used to get those keys. For example, if I am using 192 bit ECC, and using AES-128, what do I use f

Re: Re-negotiation handshake failed: Not accepted by client!?

2010-01-08 Thread Rainer Jung
On 08.01.2010 07:11, Kyle Hamilton wrote: On Thu, Jan 7, 2010 at 5:20 PM, Lou Picciano wrote: Kyle, Meanwhile, as we now gird our loins for the impending reversion of many big apps on our servers (only to re-implement updates when openSSL 0.0.8m becomes available!), is there any tweaking of a

Re: Signing .p10 certificate signing requests

2010-01-08 Thread Steffen DETTMER
* Dr. Stephen Henson wrote on Tue, Jan 05, 2010 at 20:26 +0100: > Trying both types to see which (if any) worked would be one > strategy to handle this automatically or seeing if the initial > SEQUENCE header looked like it covered the whole file. There > would be exceptions to both cases though.

problem while running openssl

2010-01-08 Thread singhravs
Hi, I am trying to run a speed test on my board with MPC8313E and 2.6.29 Linux on it. I am using the following command: "openssl speed -evp aes-128-cbc -engine cryptodev". It hangs while running. # ./openssl speed -evp aes128 -engine cryptodev engine "cryptodev" set. Doing aes-128-cbc for 3s on 1

Re: memory growing when using SSL connections

2010-01-08 Thread Jeremy Hunt
Hi David, After reading this [http://www.nlnetlabs.nl/downloads/publications/hsm/hsm_node21.html], it occurs to me that you might need EVP_cleanup() too. You might consider his clean_up() routine in general, or at least consider his comments on it. I think it is true to say that for ever

Re: memory growing when using SSL connections

2010-01-08 Thread Jeremy Hunt
Hi David, Off the top of my head I notice that you do not call this as part of the cleanup: SSL_CTX_free() [ http://www.openssl.org/docs/ssl/SSL_CTX_free.html# ] There is also this: [ http://www.openssl.org/support/faq.html#PROG13 ] Regards, Jeremy David wrote: *[safeTgram (safetgram-in