That is what I guessed, but I could not figure out the execution path from
X509_verify_cert() to this call. Actually I could not find out how
ctx->param->purpose in check_chain_extensions() is set which leads to call
X509_check_purpose().
By the way, shouldn't checking on 'ca' be called before
Hello OpenSSL gurus,
I found in my sendmail-8.14.7/Fedora-18-i386 queue undelivered mails,
log say 'TLS handshake failed', and when I captured traffic between
mine and destination mailserver, I got result as in attached text export
from wireshark.
And when I tried:
openssl s_client -starttls smt
This is the promised update to my message of February 4. As before, if
you don't know what FIPS 140-2 is then ignore this and count yourself lucky.
Effective Jan 1 some new FIPS 140-2 validation requirements were
introduced that failed to take into consideration the impact on "change
letter" updat
On Tue, Apr 01, 2014 at 10:01:16AM -0400, Jeffrey Walton wrote:
> > However, alternative flags that achieve the same effect are available:
> >
> > To build a library whose SONAME involves an rpath:
> >
> > $ cc -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup \
> > -Wl,-instal
On Tue, Apr 1, 2014 at 9:24 AM, Viktor Dukhovni
wrote:
> On Tue, Apr 01, 2014 at 05:37:05AM -0400, Jeffrey Walton wrote:
>
>> You can download OpenSSL, `./Configure darwin64-x86_64-cc`, `make`,
>> and then `sudo make install`. Your updated version will be located in
>> `/usr/local/ssl`.
>>
>> Usin
> From: owner-openssl-us...@openssl.org
> [mailto:owner-openssl-us...@openssl.org] On Behalf Of Bin Lu
> Sent: Monday, 31 March, 2014 16:34
>
> During SSL handshake with client cert auth, is openssl checking the key
> usages,
> such as digital signature, non-repudiation etc, for the client cert
On Tue, Apr 01, 2014 at 05:37:05AM -0400, Jeffrey Walton wrote:
> You can download OpenSSL, `./Configure darwin64-x86_64-cc`, `make`,
> and then `sudo make install`. Your updated version will be located in
> `/usr/local/ssl`.
>
> Using it in programs can be tricky, though. Apple's linkers do not
On Mon, Mar 31, 2014 at 01:15:47PM -0600, Landen Landens wrote:
> How do I verify the modulus of an openssl Elliptic Curve Cryptography (ECC)
> private key?
Elliptic curve keys don't have a "modulus", that's a property of RSA
keys.
> If this were RSA, I would run:
> openssl x509 -noout -modulus
On Tue, Apr 01, 2014, John Craft wrote:
> I am tasked with running CAVP test vectors for OpenSSL. I have
> encountered an issue with DRBG and am wondering if anyone has advice.
>
Try the fips_drbgvs.c source from the OpenSSL-fips-2_0-dev branch. This
determines the required output length by pa
Hello,
I have seen your update. Try Using SSLv3_client_method() instead of
SSLv23_client_method(),if you did not try it previously.
Refer this Link
https://rt.openssl.org/Ticket/Display.html?id=2240&user=guest&pass=guest
Regards
Gangadhar
--
View this message in context:
http://openssl.6102
On Mon, Mar 31, 2014 at 3:18 PM, Landen Landens wrote:
> My Mac still has OpenSSL 0.9.8. How may I update this to the latest stable
> version?
You can't because 0.9.8 and 1.0.1 are *not* binary compatible.
You can download OpenSSL, `./Configure darwin64-x86_64-cc`, `make`,
and then `sudo make in
Darwinports.
--
Erwann ABALEA
Le 31/03/2014 21:18, Landen Landens a écrit :
My Mac still has OpenSSL 0.9.8. How may I update this to the latest
stable version?
I believe the latest stable version is at least 1.0.01
__
Open
Just to add more details, here are the replies that my code prints out, when
trying to connect to smtp.gmail.com:587
*220 mx.google.com ESMTP x3sm39000551eep.17 - gsmtp
//EHLO//
250-mx.google.com at your service, [80.149.109.201]
250-SIZE 3588257
sorry for the late reply. I was on vacation.
Unfortunately, I returned and could not find the managed switch anymore.
Someone must've taken it. So I won't be able to post a .pcap file, since I
cannot remote capture.
However, it seems I managed to get rid of the "unknown protocol" error. I
was usi
I am tasked with running CAVP test vectors for OpenSSL. I have
encountered an issue with DRBG and am wondering if anyone has advice.
When OpenSSL was originally validated, the DRBG test only required 1
blocksize of output. Now, the default length is 4 blocks unless otherwise
requested. I have
How do I verify the modulus of an openssl Elliptic Curve Cryptography (ECC)
private key?
If this were RSA, I would run:
openssl x509 -noout -modulus -in certificateFileName.crt | openssl md5
openssl rsa -noout -modulus -in privateKeyFileName.key | openssl md5
openssl req -noout -modulus -in csrFil
My Mac still has OpenSSL 0.9.8. How may I update this to the latest stable
version?
I believe the latest stable version is at least 1.0.01
17 matches
Mail list logo
