Re: SSL renegotiation

2012-07-18 Thread Sebastian Raymond
Thanks for the reply. But I have already tried that option. It does not work. I still get the same error. On Wed, Jul 18, 2012 at 9:24 PM, Jijo wrote: > you can enable using this directive SSLInsecureRenegotiation > > please refer > http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurer

Re: SSL renegotiation

2012-07-18 Thread Jijo
you can enable using this directive SSLInsecureRenegotiation please refer http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotiation documentation. On Mon, Jul 16, 2012 at 11:37 AM, Sebastian Raymond wrote: > Hello, > > I was investigating the SSL renegotiation in Openssl. > > W

Re: SSL renegotiation clarifications

2010-02-02 Thread Kyle Hamilton
is even a > word but I hope you know where I'm going with this... > > Saju > -Original Message- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org]on Behalf Of Eisenacher, Patrick > Sent: Tuesday, February 02, 2010 9:07 AM > To:

RE: SSL renegotiation clarifications

2010-02-02 Thread Eisenacher, Patrick
acher > -Original Message- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Saju Paul > Sent: Tuesday, February 02, 2010 4:24 PM > To: openssl-users@openssl.org > Subject: RE: SSL renegotiation clarifications > > > Thank you

RE: SSL renegotiation clarifications

2010-02-02 Thread Saju Paul
--Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]on Behalf Of Eisenacher, Patrick Sent: Tuesday, February 02, 2010 9:07 AM To: 'openssl-users@openssl.org' Subject: RE: SSL renegotiation clarifications Hi Saju, -Original Message- Fro

RE: SSL renegotiation clarifications

2010-02-02 Thread Eisenacher, Patrick
Hi Saju, -Original Message- From: Saju Paul Who as in Sender-encrypter or Receiver-decrypter should renegotiate an SSL session? Can it be both or is it only the Sender? Is there a document that describes the protocol? Does renegotiation always require SSL handshake? (SSL_do_handshake)

RE: SSL renegotiation

2006-05-25 Thread David Schwartz
> I noticed the custom server application I have to > connect to tends to change connection port after a > first handshake has been performed. What does that mean? > I disagree with the server application administrator > which states this is a normal behaviour due to SSL > renegotiation.

Re: SSL renegotiation

2006-05-25 Thread Marek Marcola
Hello, > I noticed the custom server application I have to > connect to tends to change connection port after a > first handshake has been performed. > > I disagree with the server application administrator > which states this is a normal behaviour due to SSL > renegotiation. My guess is that is rat

RE: SSL renegotiation DOS ?

2006-05-13 Thread Marek Marcola
Hello, > > Application layer do not see this. > > Right, that's why I suggested making it visible to the application > layer. > The application layer already has to have code to handle excessive load > because there are many ways to place load that are not visible at the SSL > layer. Bette

RE: SSL renegotiation DOS ?

2006-05-12 Thread David Schwartz
> > Real-world servers already do this. It's kind of redundant > > for OpenSSL to > > do this as well because almost all applications also support non-SSL > > connections. A renegotiation callback might not be a bad idea though, so > > that applications can better track the load clients are pl

RE: SSL renegotiation DOS ?

2006-05-12 Thread Marek Marcola
Hello, > > You can, for example, test this with command: > > > > "while true; do echo R; done | openssl s_client -connect ssl_host:443" > > > > Maybe there should be added something like "renegotiation_rate" ? > > Real-world servers already do this. It's kind of redundant for OpenSSL > to >

RE: SSL renegotiation DOS ?

2006-05-12 Thread David Schwartz
> You can, for example, test this with command: > > "while true; do echo R; done | openssl s_client -connect ssl_host:443" > > Maybe there should be added something like "renegotiation_rate" ? Real-world servers already do this. It's kind of redundant for OpenSSL to do this as well becau

Re: SSL renegotiation and SSL_bio (more data)

2001-09-21 Thread Bodo Moeller
On Fri, Sep 21, 2001 at 10:09:37AM +0100, Andy Schneider wrote: > This patch works. However it is also worth noting that my tests expose a > minor caveat. If a client and server request handshakes thus: > > Server: > Read > Renegotiate > Read > Write > > Client: >

RE: SSL renegotiation and SSL_bio (more data)

2001-09-21 Thread Andy Schneider
} while (skip_message); > -Original Message- > From: Bodo moeller [mailto:[EMAIL PROTECTED]] > Sent: 21 September 2001 00:59 > To: [EMAIL PROTECTED] > Cc: Andy Schneider > Subject: Re: SSL renegotiation and SSL_bio (more data) > > > Andy Sch

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Bodo Moeller
Bodo moeller <[EMAIL PROTECTED]>: > Andy Schneider <[EMAIL PROTECTED]>: >> I applied the patch and it has allowed me to perform a handshake even >> when there are writes in-flight. [...] > Please try the following patch instead. This should remove the cause > of the problem. Eric noticed that

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Bodo moeller
Andy Schneider <[EMAIL PROTECTED]>: > I applied the patch and it has allowed me to perform a handshake even > when there are writes in-flight. For the record then (and those who have > wrestled with SSL_renegotiate and have found this through a search): > > 1) I use SSL_renegotiate () and SSL_re

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Bodo Moeller
Lutz Jaenicke <[EMAIL PROTECTED]>: > There exists an address "[EMAIL PROTECTED]", but in fact the > email is just forwarded to openssl-dev. Therefore, please send > bug reports to [EMAIL PROTECTED] No, to openssl-bugs please (which can be treated specially by programs such as procmail).

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Lutz Jaenicke
On Thu, Sep 20, 2001 at 06:43:23PM +0100, Andy Schneider wrote: > BTW: I don't know if there is an official bug fix channel. There exists an address "[EMAIL PROTECTED]", but in fact the email is just forwarded to openssl-dev. Therefore, please send bug reports to [EMAIL PROTECTED] If a bug is

RE: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Andy Schneider
ic as above. Regards, Andy. BTW: I don't know if there is an official bug fix channel. -Original Message- From: Eric Rescorla Sent: Thu 9/20/2001 5:52 PM To: [EMAIL PROTECTED] Cc: Subject: Re: SSL renegotiation and SSL_bio (more data) "Andy Schneider"

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Eric Rescorla
"Andy Schneider" <[EMAIL PROTECTED]> writes: > It looks like although it has the right data and probably the right > frame (since it gets the MAC correctly) the client is in some state > where it isn't using the correct data to compute the MAC. Anyone any > hints as to why this maybe? [...lots of

RE: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Dilkie, Lee
sounds like you are using the wrong IV but the correct key. > -Original Message- > From: Andy Schneider [mailto:[EMAIL PROTECTED]] > Sent: Thursday, September 20, 2001 11:54 AM > To: [EMAIL PROTECTED] > Subject: RE: SSL renegotiation and SSL_bio (more data) > > &

RE: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Andy Schneider
- From: Eric Rescorla Sent: Thu 9/20/2001 4:09 PM To: [EMAIL PROTECTED] Cc: Subject: Re: SSL renegotiation and SSL_bio (more data) "Andy Schneider" <[EMAIL PROTECTED]> writes: > With further instrumentation I can see what happens. The server sends > the serve

Re: SSL renegotiation and SSL_bio

2001-09-19 Thread Eric Rescorla
"Andy Schneider" <[EMAIL PROTECTED]> writes: > [1 ] > I failed to get SSL BIO working. However I can get renogitiation working > if I use the SSL_* functions and (when I need to) do the renegotiation > calls _before_ an SSL_write from the server to the client. If I do the > calls before an SSL_re

RE: SSL renegotiation and SSL_bio

2001-09-19 Thread Andy Schneider
I failed to get SSL BIO working. However I can get renegotiation working if I use the SSL_* functions and (when I need to) do the renegotiation calls _before_ an SSL_write from the server to the client. If I do the calls before an SSL_read I get problems. Can anyone confirm that renegotiation shou