Re: Need help in removing secp521r1 from openssl-1.1.1g and adding TLS_GREASE_BA cipher.

2021-06-30 Thread vinod mg
Hi All, Please let know if my ask is even possible. Thanks, Vinod On Tue, Jun 29, 2021 at 4:42 PM vinod mg wrote: > Hi All, > > I am bit a newbie and need some assistance in couple of things - > > 1) Supress or a way to remove secp521r1 from the currenlty installed > openssl. > 2) Add the ciph

Re: openssl 1.1.1k: missing d2i_X509 function prototype

2021-06-30 Thread Viktor Dukhovni
On Thu, Jul 01, 2021 at 01:37:14AM +, Konstantin Boyandin via openssl-users wrote: > > Actually it is still declared, via: > > > > DECLARE_ASN1_FUNCTIONS(X509) > > But I can't find the function implementation anywhere in code! > > After I build .dll version of OpenSSL 1.1.1k, I get a

Re: openssl 1.1.1k: missing d2i_X509 function prototype

2021-06-30 Thread Konstantin Boyandin via openssl-users
On 01.07.2021 08:04, Viktor Dukhovni wrote: > On Thu, Jul 01, 2021 at 12:36:10AM +, Konstantin Boyandin via openssl-users wrote: > >> OpenSSL version: 1.1.1k. >> >> I noticed that >> >> X509 *d2i_X509(X509 **px, const unsigned char **in, long len); >> >> function is no longer defined in opens

Re: openssl 1.1.1k: missing d2i_X509 function prototype

2021-06-30 Thread Viktor Dukhovni
On Thu, Jul 01, 2021 at 12:36:10AM +, Konstantin Boyandin via openssl-users wrote: > OpenSSL version: 1.1.1k. > > I noticed that > > X509 *d2i_X509(X509 **px, const unsigned char **in, long len); > > function is no longer defined in openssl/x509.h available in 1.0.x > versions, the only o

openssl 1.1.1k: missing d2i_X509 function prototype

2021-06-30 Thread Konstantin Boyandin via openssl-users
Hello, OpenSSL version: 1.1.1k. I noticed that X509 *d2i_X509(X509 **px, const unsigned char **in, long len); function is no longer defined in openssl/x509.h available in 1.0.x versions, the only one available is now X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length); Do I u

Compilation error using OpenSSL 1.1.1i

2021-06-30 Thread Jayalakshmi bhat
Hi All, We are trying to compile OpenSSL 1.1.1i on our system. It is a hybrid system. Compiler is arm -gcc for WinCE 6.0 and the module that compiles openssl is on Vxworks 5.0 abstraction. I am getting the below error. Does anyone have inputs. Any help would be appreciated. openssl/safestack.h(

Re: client certificate error

2021-06-30 Thread Paulo Wollny
Hi, thank you for the answer. can you please point the right direction for solution, please? Regarding the "look suspicious - it means your client is connecting from 127.0.0.1 and your server is also listening on 127.0.0.1 ; is this really what you have in mind? " i'm testin on my local syst

Re: Compilation issues

2021-06-30 Thread Jan Just Keijser
Hi, On 29/06/21 18:31, david raingeard wrote: Ok, here it is. It compiled mostly ok (some fixes for solaris 2.6, like inttypes.h instead of stdint). The test suite fails (dubious error). *Tls 1.2 works* just fine (*openssl s_client -connect google.com:443 -tls1_2 -trac

Re: client certificate error

2021-06-30 Thread Jan Just Keijser
Hi, On 30/06/21 00:23, Paulo Wollny wrote: Dear @ll My environment: OpenSSL 1.1.1f  31 Mar 2020 Ubuntu 20.04 Server version: Apache/2.4.41 (Ubuntu) Server built:   2021-06-17T18:27:53 My problem: connecting to a secure server requiring client certificate, i get the following error when pr