Compiling openSSL without network-support

2003-12-12 Thread robert.kutsch
Hello, I'm trying to compile openSSL for a system without network and filesystem support (L4-microkernel). Is there a known combination of compiler options to do this? At the moment I try it with this one: Configure linux-perseus -DOPENSSL_NO_SSL3 -DOPENSSL_NO_SSL2 -DOPENSSL_NO_T

OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Anthony Neal
Hi there, One of our projects uses an OpenSSL based plug-in which, according to the OpenSSL memory debug logs, is leaking about 585 bytes. The log is as follows: [10:57:19] 1856 file=err.c, line=949, thread=16384, number=332, address=08087550 [10:57:19] 1859 file=lhash.c, line=193, thread=1638

Encrypted E-mail

2003-12-12 Thread Daniel Lyman
A question: If you use a web-mail client to access a mail server via an SSL connection, is the entire data stream encrypted -- or only the authentication data? Thanks for the input. Daniel Lyman System Administrator Kit Carson Internet 505.770.3929 _

Cert Dates & GMT Not Before Date Invalidating Cert

2003-12-12 Thread Fred Crable
I created a cert and it's fine, but the client app is rejecting it because it's 5 hours off GMT. Does anyone know what I need to change (timezone settings??) so my cert is valid now and not 5 hours from now (EST)? The call to SSL_get_verify_result(ssl) is failing w/ case X509_V_ERR_CERT_N

RE: Cert Dates & GMT Not Before Date Invalidating Cert

2003-12-12 Thread Fred Crable
I figured it out... The times on the two boxes were a little out-a-wack by 10 minutes... FYI to everybody doing their own Certs, make sure the Time is the same across the board clients/servers. Also, it appears that all cert time comparisons are in GMT, is this correct? Thanks, Fred Crable

VPN help

2003-12-12 Thread Sly Upah
Is anyone using openssl with Cisco VPN gadgets? I could use some instructions (anything on the web?) with the steps involved in setting up our own CA to test the possibility of this. I have set up a self-signed root CA. But, what to do next is a little unclear. Cisco's use of the term "identity certi

Re: Encrypted E-mail

2003-12-12 Thread Jostein Tveit
Daniel Lyman <[EMAIL PROTECTED]> writes: > If you use a web-mail client to access a mail server via an SSL connection, > is the entire data stream encrypted -- or only the authentication data? I'm not quite sure what you mean by a web-mail client, but I assume you mean a web browser. As long as

Re: VPN help

2003-12-12 Thread Jon Barber
Sly Upah wrote: Is anyone using openssl with Cisco VPN gadgets? I could use some instructions (anything on the web?) with the steps involved in setting up our own CA to test the possibility of this. I have set up a self-signed root CA. But, what to do next is a little unclear. Cisco's use of the ter

RE: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Fred Crable
You are missing calls to: ERR_free_strings(); ERR_remove_state(0); -Original Message- From: Anthony Neal [mailto:[EMAIL PROTECTED] Sent: Friday, December 12, 2003 9:32 AM To: [EMAIL PROTECTED] Subject: OpenSSL 0.9.7a - Small (585 byte) memory leak Hi there, One of our proje

Re: VPN help

2003-12-12 Thread Sly Upah
Thanks for the info. We've looked at OpenCA but it utilizes openssl so I figured it would be possible to do some command-line testing. I think OpenSCEP is dead from what I gleaned... hasn't been updated in quite a while anyway last time I looked. I've looked over OpenCA and I must say, the docs are

Re: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Anthony Neal
Thanks for the response! :) Nope, they're in there, in shutdown(): ERR_free_strings(); for_each(_threadIdCache.begin(), _threadIdCache.end(), ERR_remove_state); We actually maintain a cache of all threads that access the plugin and remove the error state for them. Unless we have to do a

Re: VPN help

2003-12-12 Thread Peter Sylvester
> Thanks for the info. We've looked at OpenCA but it utilizes > openssl so I figured it would be possible to do some command-line > testing. I think OpenSCEP is dead from what I gleaned... > hasn't been updated in quite a while anyway last time I looked. neither had SCEP as far as I remember. I ha

RE: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Fred Crable
Couldn't hurt to do the state(0) :) -Original Message- From: Anthony Neal [mailto:[EMAIL PROTECTED] Sent: Friday, December 12, 2003 10:40 AM To: [EMAIL PROTECTED] Subject: Re: OpenSSL 0.9.7a - Small (585 byte) memory leak Thanks for the response! :) Nope, they're in there, in shutdown()

RE: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Fred Crable
FYI - Here's my shutdown w/o any leaks... Hope this helps... make sure to check the SSL_shutdown completes, free the context & ssl pointers ;) void http::disco(){ int shuttries=0; if ( m_url.isSSL() && m_ssl ) { while(SSL_shutdown(m_ssl)==0){ // Call SSL_shutdown() ag

Re: Encrypted E-mail

2003-12-12 Thread Schuyler Stultz
Jostein Tveit wrote: Daniel Lyman <[EMAIL PROTECTED]> writes: If you use a web-mail client to access a mail server via an SSL connection, is the entire data stream encrypted -- or only the authentication data? I'm not quite sure what you mean by a web-mail client, but I assume you mean a

Re: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Anthony Neal
Hey Fred, Thanks for the example! We seem to be doing pretty much the same shutdown (I do the connection and context stuff in another place, but it is being done, honest! ;) ), and I added the ERR_remove_state(0) as you suggested, but I still get the leak. :( Again, thanks for the help. If yo

Re: Encrypted E-mail

2003-12-12 Thread Mark Foster
Daniel Lyman wrote: A question: If you use a web-mail client to access a mail server via an SSL connection, is the entire data stream encrypted -- or only the authentication data? If by SSL connection, you mean the browser shows https:// in the location, then this means the connection between you

AW: Encrypted E-mail

2003-12-12 Thread robert.kutsch
www.web.de provides encrypted and signed mail services for free and the connection is encrypted by ssl Robert Kutsch Jostein Tveit wrote: >Daniel Lyman <[EMAIL PROTECTED]> writes: > > > >>If you use a web-mail client to access a mail server via an SSL connection, >>is the entire data strea

Documentation

2003-12-12 Thread Aleksandr Konstantinov
Hello. I'm trying to understand the OpenSSL API. But documentation on the web seems to be very incomplete. Could anybody please suggest where to look for better documentation or easy-to-understand examples? Thanks in advance A.K.

Re: Documentation

2003-12-12 Thread Mike Gagnon
book: Network Security with OpenSSL by Viega, Messier & Chandra (O'Reilly) -Mike > > > Hello. > > I'm trying to understand the OpenSSL API. But documentation on the web seems to be very > incomplete. Could anybody please suggest where to look for better documentation > or easy to understa

RE: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Fred Crable
Just try this, remove the debugging & memory leak check stuff & see if you still see a leak. -- Fred -Original Message- From: Anthony Neal [mailto:[EMAIL PROTECTED] Sent: Friday, December 12, 2003 11:07 AM To: [EMAIL PROTECTED] Subject: Re: OpenSSL 0.9.7a - Small (585 byte) memory leak