search for: changecipherspec

...vant section. If anybody has any insights they would be greatly appreciated Darren ssldump tail.. ServerHelloDone 1 5 0.1128 (0.0838) C>SV3.1(7) Handshake Certificate 1 6 0.1629 (0.0500) C>SV3.1(134) Handshake ClientKeyExchange 1 7 0.1629 (0.0000) C>SV3.1(1) ChangeCipherSpec 1 8 0.1629 (0.0000) C>SV3.1(48) Handshake 1 9 0.1677 (0.0048) S>CV3.1(1) ChangeCipherSpec 1 10 0.1677 (0.0000) S>CV3.1(48) Handshake 1 11 0.1761 (0.0084) S>CV3.1(48) application_data 1 12 0.2650 (0.0889) C>SV3.1(32) Alert 1 13 0.2651 (0.0000) S>CV3.1(32) Alert 1 0...

Hi List ;-) I consider my question to be rather simple one ... nevertheless I could not find an answer to it up to now. I have an OpenLDAP-server which is the user-db for an samba3-server. I want to use TLS for secure communication, so I created a ca for this as well as keys/certificates for my LDAP and samba-server. Informing the LDAP-server about its certificate/key is easy ... but how do I

...ort to develop a robust, commercial- grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. II. Problem Description When processing an SSL/TLS ChangeCipherSpec message, OpenSSL may fail to check that a new cipher has been previously negotiated. This may result in a null pointer dereference. III. Impact A remote attacker could perform a specially crafted SSL/TLS handshake with an application that utilizes OpenSSL, triggering the null pointer dereference...

...ort to develop a robust, commercial- grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. II. Problem Description When processing an SSL/TLS ChangeCipherSpec message, OpenSSL may fail to check that a new cipher has been previously negotiated. This may result in a null pointer dereference. III. Impact A remote attacker could perform a specially crafted SSL/TLS handshake with an application that utilizes OpenSSL, triggering the null pointer dereference...