{SSL,SSL_CTX}_set_tmp_{ecdh,dh,rsa}_callback userdata

2012-11-27 Thread Karel Sedláček
It would be nice to have these in the same way as SSL_CTX_set_default_passwd_cb_userdata. k __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@opens

Re: Is PKCS5_PBKDF2_HMAC() thread safe?

2012-11-27 Thread Jeffrey Walton
On Mon, Nov 26, 2012 at 5:59 PM, Bill Durant wrote: > Hello: > > Is PKCS5_PBKDF2_HMAC() thread safe? See the "Is OpenSSL thread-safe?" under the PROG section: http://www.openssl.org/support/faq.html. Jeff __ OpenSSL Project

OpenSSL test for SSL renegotiation

2012-11-27 Thread Hermes Flying
How can I test if my server is vulnerable for SSL renegotiation?  I tried the following (using `OpenSSL 0.9.8j-fips 07 Jan 2009`:    `openssl s_client -connect 10.2.10.54:443`  I see it connects, it brings the certificate chain, it shows the server certificate, and last:      SSL handshake

Strange output of -purpose with the x509 command

2012-11-27 Thread Mat Arge
Hello! I have a certificate, which is supposed to be used for s/mime signatures and tls-client authentication: Certificate: Data: Version: 3 (0x2) Serial Number: 157 (0x9d) Signature Algorithm: sha1WithRSAEncryption Issuer: CN=Foo Validity Not