search for: tls

Displaying 20 results from an estimated 7173 matches for "tls".

Did you mean: tlb
2018 Jun 25
0
[PATCH nbdkit] tls: Implement Pre-Shared Keys (PSK) authentication.
.../docs/nbdkit.pod.in index 42e6e6b..80d1ecd 100644 --- a/docs/nbdkit.pod.in +++ b/docs/nbdkit.pod.in @@ -11,7 +11,7 @@ nbdkit - A toolkit for creating NBD servers [--newstyle] [--oldstyle] [-P PIDFILE] [-p PORT] [-r] [--run CMD] [-s] [--selinux-label LABEL] [-t THREADS] [--tls=off|on|require] [--tls-certificates /path/to/certificates] - [--tls-verify-peer] + [--tls-psk /path/to/pskfile] [--tls-verify-peer] [-U SOCKET] [-u USER] [-v] [-V] PLUGIN [key=value [key=value [...]]] @@ -288,6 +288,12 @@ support). See L</TLS> below. Set th...
2019 Jul 30
1
[nbdkit PATCH v2] tests: Accommodate qemu-img 4.1 output change
...n number without worrying about what comes after the number. Signed-off-by: Eric Blake <eblake@redhat.com> --- We could still use jq if desired, but it was easy enough to let these tests pass instead of skip when jq is not present. tests/test-ip.sh | 10 ++++++---- tests/test-nbd-tls-psk.sh | 6 +++--- tests/test-nbd-tls.sh | 6 +++--- tests/test-tls-psk.sh | 7 +++---- tests/test-tls.sh | 7 +++---- tests/test-truncate3.sh | 4 ++-- 6 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/test-ip.sh b/tests/test-ip.sh index 636d3d3f..5a00a2...
2018 Jun 25
1
[PATCH v2 nbdkit] tls: Implement Pre-Shared Keys (PSK)
v2: * Improved documentation. * Added a test (interop with qemu client).
2018 Jun 25
2
[PATCH nbdkit] tls: Implement Pre-Shared Keys (PSK) authentication.
This is ready for review but needs a bit more real-world testing before I'd be happy about it going upstream. It also needs tests. It does interoperate with qemu, at least in my limited tests. Rich.
2019 Jul 30
1
[nbdkit PATCH] tests: Accommodate qemu-img 4.1 output change
...and we already depend on jq elsewhere in the testsuite. But since I'd already got this written up, I'm at least posting it (if nothing else, to have a list archive to point to when someone else complains about qemu-img changing output). tests/test-ip.sh | 4 ++-- tests/test-nbd-tls-psk.sh | 2 +- tests/test-nbd-tls.sh | 2 +- tests/test-tls-psk.sh | 2 +- tests/test-tls.sh | 2 +- tests/test-truncate3.sh | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/test-ip.sh b/tests/test-ip.sh index 636d3d3f..60f2e066 100755 --- a/tests/test-...
2019 Sep 16
1
[libnbd PATCH] states: Avoid magic number for h->tls
When we moved to an enum instead of raw int for nbd_set_tls(), we should have also updated our code to prefer the enum values. While at it, improve the grammar of error messages (confusing since 632196ec, and copy-and-pasted into more locations since then). Fixes: 4488cf2a Thanks: Rich Jones --- Rich noticed this while reviewing the patch for today's...
2024 Jul 24
2
NSD 4.10.1rc2 pre-release
Am 23.07.24 um 17:28 schrieb Jeroen Koekkoek via nsd-users: > NSD 4.10.1rc2 pre-release is available: no compile time warnings while building on debian bookworm/x86_64 > @bilias implemented mutual TLS authentication for zone transfers. > Please consult the nsd.conf manual for details on the newly introduced > configuration options tls-auth-port and tls-auth-xfr-only. this is an nice feature that seem to work but have some nits. nsd serving as simple tls server is configured with server:...
2002 May 17
3
samba + openldap + tls
Hi, I using openldap 2.0.23 and samba 2.2.4 on a Redhat 7.2 Linux distrib. I've compiled with ldap support dans It works fine in clear mode. I've configured unix auth. in order to use ldap on TLS mode, and it works also. When I try to use TLS more (or SSL on 636), it doesn't work. LDAP doesn't seem to have an error (see logs below), but samba tells "Failed to issue the StartTLS instruction: Connect error". Any idea??? Have I to use the "--with-ssl" option? It...
2011 Nov 28
2
Samba 4 make fails
Hi Samba 4 git from 1 hour ago. openSUSE 12.1 make fails: [ 976/3909] Compiling source4/lib/tls/tls.c ../source4/lib/tls/tls.c: In function ?tls_init_server?: ../source4/lib/tls/tls.c:508:2: error: implicit declaration of function ?gnutls_transport_set_lowat? [-Werror=implicit-function-declaration] ../source4/lib/tls/tls.c: In function ?tls_init_client?: ../source4/lib/tls/tls.c:569:2: warni...
2019 Sep 17
7
[PATCH libnbd 0/5] interop: Check that LIBNBD_TLS_ALLOW works against nbdkit.
I was a little surprised to find that LIBNBD_TLS_ALLOW worked out of the box, so I had to examine the logs whereupon I saw the magic message ... libnbd: debug: nbd1: nbd_connect_command: server refused TLS (policy), continuing with unencrypted connection I don't believe this path has ever been tested before. It's possible the tests c...
2020 Mar 26
2
[nbdkit PATCH] tests: Swap nbdkit process order in test-nbd-tls-psk.sh
We're still seeing sporadic failures of 'nbdkit nbd tls=', and I'm still trying to come up with a root cause fix (it may involve smarter use of gnutls_bye() in libnbd). In the meantime, here's what we know: when the hang/failure happens, the 'nbdkit nbd tls=' client process is stuck in a poll() waiting to see EOF from the server, wh...
2020 Aug 17
2
couple of questions
Hey folks, I've been experimenting with native NBD live migration w/ TLS and have a couple of questions. 1) It appears that in some cases modified default_tls_x509_cert_dir from qemu.conf is not respected, seems like virsh always expects a default location and does not check default_tls_x509_cert_dir: virsh # migrate vm1 qemu+tls://ratchet.lan/system --live --persiste...
2017 Jun 17
2
LDAP ssl issue on port 636
...h -x -D "cn=user,ou=users,dc=dc,dc=local" -p 636 -h PDC -b "DC=dc,DC=local" -w pass output: ldap_result: Can't contact LDAP server (-1) ldapsearch -x -D "cn=user,ou=users,dc=dc,dc=local" -p 636 -h PDC -b "DC=dc,DC=local" -w pass -Z output: ldap_start_tls: Can't contact LDAP server (-1) ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) ldapsearch -x -D "cn=user,ou=users,dc=dc,dc=local" -p 636 -h PDC -b "DC=dc,DC=local" -w pass -ZZ output: ldap_start_tls: Can't contact LDAP server (-1) openssl s_client -conn...
2011 Mar 07
0
Fwd: STARTTLS bug - background story
-------- Original-Nachricht -------- Betreff: STARTTLS bug - background story Datum: Mon, 7 Mar 2011 15:08:09 -0500 (EST) Von: Wietse Venema <wietse at porcupine.org> An: Postfix users <postfix-users at postfix.org> CERT/CC announces a flaw today in multiple STARTTLS implementations. This problem was silently fixed in Postfix 2.8 and 2.9....
2019 Sep 17
0
[PATCH libnbd 5/5] interop: Add tests of nbdkit + LIBNBD_TLS_ALLOW.
Test both the TLS enabled and fallback paths. nbd-server doesn't appear to support TLS at all, and qemu-nbd is known not to allow fallback to unencrypted, and therefore it only makes sense to test nbdkit at the moment. --- .gitignore | 4 ++++ TODO | 3 --- interop/Makefile.am | 54 ++...
2006 Aug 22
6
/lib/tls.disabled or xen-friendly glibc?
Hi, until now I have run Xen with /lib/tls out of the way for both dom0 and domU''s, but now I''m trying to install OpenLDAP in a domU, which requires TLS as default. So now I have at least three options ahead of me: 1. mv /lib/tls.disabled back to /lib/tls and accept the performance penalty (is there any documentation o...
2019 Sep 23
4
testparm comaprison
Hi, Recently we have added 4.10.7 as additional dc, to our existing 4.4.5 samba AD DC, comparing output testparm I have detected that 4.4.5 has map readonly = no store dos attributes = Yes but 4.10.7 doesn't have Also compared smb.conf and both has the same configuration. Is this correct? Are required this configurations on 4.10.7? In a few day I want to upgrade this 4.4.5
2019 Jan 03
3
TLS ca/cert/key creation
...<samba at lists.samba.org> wrote: >> I'm working to put up a production FeeeNAS box tied to Samba/AD for >> authentication for users connecting to the FreeNAS share(s). In >> joining FreeNAS to the AD domain, one immediately runs into >> "problems" with TLS/encryption. RPvs> I do not know why, by default you will be using NTLM for authentication. The user and group queries, as best I can tell, from the FreeNAS box are occurring via LDAP. And the samba default, at least with the package provided with Ubunti 18.04 requires TLS for LDAP. I haven...
2010 Jul 20
1
Login process connection routing
...ed. I'm wondering if there are any performance issues with having a single process handle so many connections. It seems fine (system load is actually lower than with service_count = 1), but I thought I'd ask. /usr/sbin/dovecot \_ dovecot/imap-login \_ dovecot/imap-login [1 connections (1 TLS)] \_ dovecot/imap-login \_ dovecot/imap-login [5 connections (5 TLS)] \_ dovecot/imap-login [1 connections (1 TLS)] \_ dovecot/imap-login [4 connections (4 TLS)] \_ dovecot/imap-login [1 connections (1 TLS)] \_ dovecot/imap-login [1 connections (1 TLS)] \_ dovecot/imap-login [315 connections...
2017 Jan 11
4
SSL Certificate
Hello! Taking advantage of the email, I tried to make an ldap query with tls and I had an error .. Version Samba 4.4.4 samba-tool testparm -v --suppress-prompt|grep tls ldap ssl = start tls tls cafile = tls/ca.pem tls certfile = tls/cert.pem tls crlfile = tls dh params file = tls enabled = Yes tls keyfile = t...