Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

On Apr 12, 2014, at 5:40 PM, Michael Tuexen wrote: >> >> "Introduced with intent" vs. "known to the NSA" -- two >> different things, right? > My statement was referring to the "Introduced with intend". Understood. I'm personally quite sure it *wasn't* introduced with intent, which is why I

Re: the nature of the heartbeat issue (was Re: OpenSSL Security Advisory)

On Apr 12, 2014, at 3:08 PM, Michael Tuexen wrote: >> > I have read the rumor. It is wrong. "Introduced with intent" vs. "known to the NSA" -- two different things, right? I don't have any direct knowledge of what goes on in the NSA, but if they don't have a whole cubicle farm full of p

Re: socket functions on fds

On Thu, 5 Jan 2012 13:45:33 + (GMT) Nathan Smyth wrote: > Can you use the standard socket functions (i.e. poll/select) on a fd > for a ssl connection? > I know you need to use the ssl_read/writes and other functions etc > to actually 'do stuff', but do the std socket state checking > funct

Re: openssl 0.9.7 and above break apache with firefox on solaris

e of a zlib size calculation change.However, the specifics are slightly different between that case and this one.-Kyle HOn 2/8/06, Dr. Stephen Henson <[EMAIL PROTECTED] > wrote:> On Wed, Feb 08, 2006, Michael Smith wrote:>> >> > A follow-up to my own post from last week.  I've

Re: openssl 0.9.7 and above break apache with firefox on solaris

tephen Henson <[EMAIL PROTECTED] > wrote:> On Wed, Feb 08, 2006, Michael Smith wrote:>> >> > A follow-up to my own post from last week.  I've done some more digging -> > hopefully this is enough for someone to offer some suggestions. > >> > I have been tryin

Re: openssl 0.9.7 and above break apache with firefox on solaris

broken SSL implementations that was found and quashed about aweek ago.  If you turn off backward-compatibility (including MSIEbroken SSL implementation), does the problem persist? -Kyle HOn 2/8/06, Michael Smith <[EMAIL PROTECTED]> wrote:> Hi there,>> A follow-up to my own post from

openssl 0.9.7 and above break apache with firefox on solaris

Hi there,   A follow-up to my own post from last week.  I've done some more digging - hopefully this is enough for someone to offer some suggestions.   I have been trying different versions of openssl with apache on solaris and sun cc.  With versions >= 0.9.7 (see below exact list of releases teste

Re: Errors with firefox

is always better not to use v2. Did u tried with SSLv23 ..? Samy Michael Smith <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 07.02.2006 14:47 Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc Subject Re: Errors with firefox Classificati

Re: Errors with firefox

OK I have been able to 'fix' this by adding the following directive:   SSLProtocol SSLv2  Does this suggest a buggy SSL v3 implementation in openssl on my platform?  Odd that nobody else is experiencing it.   Michael  On 1/31/06, Michael Smith <[EMAIL PROTECTED]> wrote: Hello ther

Errors with firefox

Hello thereI've previously sent this to the mod_ssl list with no success.  Sorry if you've seen it before:I have apache compiled on solaris with sun cc with mod_ssl- 2.8.25-1.3.34 and openssl-0.9.8a (I've also tried 0.9.7i and the nightly build).When accessing the site using Internet Explorer I hav