Displaying 11 results from an estimated 11 matches for "dh_generate_parameters".
2017 Apr 26
2
[BUG] OpenSSL function has been deprecated
In src/lib-ssl-iostream/iostream-openssl-params.c a call is made to DH_generate_parameters. This function has been deprecated since OpenSSL 0.9.8. With OpenSSL 1.1 compilation will throw an error.
Not sure how to send patches, I don't even know if the patch I wrote actually works (I don't program in C, but gave it a shot anyway) but below is the patch.
--- a/src/lib-ssl-iostrea...
2017 Apr 25
0
building Dovecot in Debian 9
...liasing=2 -MT iostream-openssl-params.lo -MD -MP -MF .deps/iostream-openssl-params.Tpo -c iostream-openssl-params.c -fPIC -DPIC -o .libs/iostream-openssl-params.o
^[[91miostream-openssl-params.c: In function 'generate_dh_parameters':
^[[0m^[[91miostream-openssl-params.c:18:2: warning: 'DH_generate_parameters' is deprecated [-Wdeprecated-declarations]
dh = DH_generate_parameters(bitsize, DH_GENERATOR, NULL, NULL);
^~
^[[0m^[[91mIn file included from /usr/include/openssl/dh.h:13:0,
from /usr/include/openssl/dsa.h:31,
from /usr/include/openssl/x509.h:32,...
2017 Apr 25
2
building Dovecot in Debian 9
> On Apr 25, 2017, at 4:30 PM, Peter van der Does <peter at avirtualhome.com> wrote:
>
> The problem with making the Dovecot check for libmysqlclient.so.20 would
> be that you have have to make sure older/newer packages are also
> supported. The 20 extension is subject to changes.
>
> If I check the Oracle DEB file for Debian 9, it seems they do use the
> name
2017 Apr 26
0
[BUG] OpenSSL function has been deprecated
...arams.c
+++ b/src/lib-ssl-iostream/iostream-openssl-params.c
@@ -13,10 +13,19 @@ generate_dh_parameters(int bitsize, buffer_t *output, const char **error_r)
{
DH *dh;
unsigned char *p;
- int len, len2;
+ int len, len2, success;
+#if OPENSSL_VERSION_NUMBER >= 0x00908000L
+ success = DH_generate_parameters_ex(dh, bitsize, DH_GENERATOR, NULL);
+#else
+ success = 1;
dh = DH_generate_parameters(bitsize, DH_GENERATOR, NULL, NULL);
if (dh == NULL) {
+ success = 0;
+ }
+#endif
+
+ if (success == 0) {
*error_r = t_strdup_printf(
"DH_generate_parameters(bits=%d, gen=%d) failed: %s",...
2017 Apr 26
1
[BUG] OpenSSL function has been deprecated
...penssl-params.c
> @@ -13,10 +13,19 @@ generate_dh_parameters(int bitsize, buffer_t *output, const char **error_r)
> {
> DH *dh;
> unsigned char *p;
> - int len, len2;
> + int len, len2, success;
>
> +#if OPENSSL_VERSION_NUMBER >= 0x00908000L
> + success = DH_generate_parameters_ex(dh, bitsize, DH_GENERATOR, NULL);
> +#else
> + success = 1;
> dh = DH_generate_parameters(bitsize, DH_GENERATOR, NULL, NULL);
> if (dh == NULL) {
> + success = 0;
> + }
> +#endif
> +
> + if (success == 0) {
> *error_r = t_strdup_printf(
> "DH_gen...
2015 Nov 04
1
ssl-params: slow startup (patch for consideration)
...3 16:08:38 2015
+++ iostream-openssl-params.c Tue Nov 3 15:43:39 2015
@@ -6,5 +6,2 @@
-/* 2 or 5. Haven't seen their difference explained anywhere, but 2 is the
- default.. */
-#define DH_GENERATOR 2
@@ -14,2 +11,3 @@
DH *dh;
+ DSA *dsa;
unsigned char *p;
@@ -17,3 +15,13 @@
- dh = DH_generate_parameters(bitsize, DH_GENERATOR, NULL, NULL);
+ dsa = DSA_generate_parameters(bitsize, NULL, 0, NULL, NULL, NULL, NULL);
+ if (dsa == NULL) {
+ *error_r = t_strdup_printf(
+ "DSA_generate_parameters(bits=%d) failed: %s",
+ bitsize, openssl_iostream_error());
+ return -1;
+ }
+
+ dh = DSA_dup_...
2001 Apr 03
2
the "primes" file
In message <Pine.LNX.4.30.0104031615270.8678-100000 at holly.crl.go.jp>, Tom Holro
yd writes:
>SRP has different requirements from Diffie-Hellman. In particular,
>for SRP the generator must be primitive. It turns out that the "primes"
>file contains only safe primes with primitive generators, and is thus
>ideal for SRP, but so far in OpenSSH it has only been used for
2006 Aug 21
2
Dovecot SSL issue on Solaris 10 x64 (64-bit)
...enssl.o ssl-init-gnutls.o ../lib/liblib.a
-L/usr/local/ssl/lib -lssl -lcrypto -ldl -lsocket -lnsl -lrt -lsendfile
ld: warning: file /usr/local/ssl/lib/libcrypto.a(dh_asn1.o): wrong ELF
class: ELFCLASS64
Undefined first referenced
symbol in file
DH_generate_parameters ssl-init-openssl.o
ERR_get_error ssl-init-openssl.o
ERR_error_string_n ssl-init-openssl.o
i2d_DHparams ssl-init-openssl.o
ld: fatal: Symbol referencing errors. No output written to ssl-build-param
collect2: ld returned 1 exi...
2006 Apr 02
5
1.0.beta4 released
I haven't had yet time to read all the mails in this list which I
skipped in the last few of weeks. I'll try to get to them eventually.
This release contains several new features which haven't been fully
tested yet, such as ACLs, master users and Maildir++ quota. If you
intend to use them, test them properly first.
This is the first Dovecot release where it's supposed to work
2012 Oct 30
5
Pigeonhole 3.3 broken against Dovecot 2.1.10
...sr/local/lib/dovecot/libdovecot-storage.so: undefined reference to
`SSL_state_string_long at OPENSSL_1.0.0'
/usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to
`PEM_X509_INFO_read_bio at OPENSSL_1.0.0'
/usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to
`DH_generate_parameters at OPENSSL_1.0.0'
/usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to
`X509_free at OPENSSL_1.0.0'
collect2: ld returned 1 exit status
make[3]: *** [sieve-dump] Error 1
make[3]: *** Waiting for unfinished jobs....
--
Daniel
2017 Aug 25
3
trouble compiling Dovecot 2.2.31 on Solaris 10 SPARC - libssl_iostream_openssl.so is not portable!
....so
SSL_use_PrivateKey ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so
SSL_get_peer_certificate ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so
SSL_CIPHER_get_bits ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so
SSL_CIPHER_get_name ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so
DH_generate_parameters ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so
sk_value ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so
PEM_X509_INFO_read_bio ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so
X509_NAME_oneline ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so
ERR_get_error_line_data ../lib-ssl-io...