RE: libssl 1.1 blocking with multi-forking application

2019-04-02 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Daniel-Constantin Mierla
> Sent: Monday, April 01, 2019 03:41
>
> 4) kamailio forks and each process is using its own SSL_CTX structure for
> accepting or
> connecting over tls -- each child process will also reconne

Re: PKCS#7/CMS verify reports bad signature

2019-04-02 Thread Steffen
Hello,

> What had produced the signatures?

I received word from my end that the signatures may have been produced by OpenSSL 1.0.2 (no idea which letter release) in the Cygwin environment but I cannot confirm this.

Re: SSL_SESSION_set1_ticket ?

2019-04-02 Thread Viktor Dukhovni
> On Apr 2, 2019, at 11:17 AM, Jeremy Harris wrote:
>
> If I understand right from rfc5077 the next record from the server after
> the server-hello should have been an empty session_ticket, if it was
> going to accept the resumed session. But it goes on to a full handshake
> instead.
>
> Is the

Re: SSL_SESSION_set1_ticket ?

2019-04-02 Thread Viktor Dukhovni
On Tue, Apr 02, 2019 at 10:54:43AM +0100, Jeremy Harris wrote:

> > This is incorrect use of the api. You need to provide a NULL
> > buffer, obtain the length, then call again, after allocating
> > a buffer of the requisite size.
>
> Thanks (again). Perhaps a note of this in the manpage
> would

Re: Upgrading OpenSSL in CentOS

2019-04-02 Thread Hubert Kario
On Tuesday, 2 April 2019 15:02:29 CEST Srinivasan T wrote:
> Hi Team,
>
> Recently we have upgraded to CentOS 7.6.1810 and the OpenSSL comes along
> with CentOS 7.6 is openssl-1.0.2k-16.el7_6.1.x86_64. We understand there
> are no updates available / backported in CentOS 7.6 mirrors beyond
> opens

Re: PKCS#7/CMS verify reports bad signature

2019-04-02 Thread Michael Richardson
Matt Caswell wrote:
> Using the cert/data files you provided me off-list (thanks), I was able to
> confirm the above and narrow it down further to the following commit:

What had produced the signatures?

> In some cases, the damage is permanent and the spec deviation and
> securi

Upgrading OpenSSL in CentOS

2019-04-02 Thread Srinivasan T
Hi Team, Recently we have upgraded to CentOS 7.6.1810 and the OpenSSL comes along with CentOS 7.6 is openssl-1.0.2k-16.el7_6.1.x86_64. We understand there are no updates available / backported in CentOS 7.6 mirrors beyond openssl-1.0.2k. Can we upgrade OpenSSL to 1.0.2r (for CVE fixes)? Is it rig

Re: PKCS#7/CMS verify reports bad signature

2019-04-02 Thread Jakob Bohm via openssl-users
On 02/04/2019 10:44, Matt Caswell wrote: On 01/04/2019 22:23, Steffen wrote: Hello, I believe that I have narrowed the problem down to one specific version of OpenSSL. Version 1.1.0b works as expected while OpenSSL 1.1.0c does not. Using the cert/data files you provided me off-list (thanks),

Re: PKCS#7/CMS verify reports bad signature

2019-04-02 Thread Steffen
Hello Matt, Thank you for looking into this! So it seems like I have to figure out why the signatures are incorrectly formatted and then fix it at every source if possible, or convert the structures somehow if it can be done correctly. The only immediate solution I can see is to downgrade to Open

Re: SSL_SESSION_set1_ticket ?

2019-04-02 Thread Jeremy Harris
On 02/04/2019 00:31, Viktor Dukhovni wrote:
>> len = i2d_SSL_SESSION(ss, &sess_asn1);
>
> This is incorrect use of the api. You need to provide a NULL
> buffer, obtain the length, then call again, after allocating
> a buffer of the requisite size.

Thanks (again). Perhaps a note of this in the

Re: PKCS#7/CMS verify reports bad signature

2019-04-02 Thread Matt Caswell
On 01/04/2019 22:23, Steffen wrote:
> Hello,
>
> I believe that I have narrowed the problem down to one specific version of
> OpenSSL. Version 1.1.0b works as expected while OpenSSL 1.1.0c does not.

Using the cert/data files you provided me off-list (thanks), I was able to confirm the above an