similar to: ssl_require_crl does not work as expected

Hi all, As I reported earlier (with a typo in the work [BUG]) client certification validation *does not* work even if you do everything exactly according to all documentation and attempts at helpful advice. I have seen this issue with both startssl.com and self-signed certificates, and based on what I've seen from searching the web, this is a problem that has gotten little attention because

Skipped content of type multipart/alternative-------------- next part -------------- --- ssl-proxy-openssl.c.orig 2006-04-04 10:32:58.000000000 +0200 +++ ssl-proxy-openssl.c 2006-06-01 09:24:57.000000000 +0200 @@ -498,7 +498,7 @@ const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy) { X509 *x509; - char buf[1024]; + char buf[256]; const char *name; if

imap-login processes are hanging (using 100% of CPU) when connected from a client that is partially blocked by a firewall. It appears that imap-login is stuck in a loop trying to complete an ssl handshake. imap-login is working fine for other clients not blocked by the firewall (including localhost). This is dovecot 2.1.10 under Mac OS X 10.8.2 (compiled from sources); the firewall is Little

On December 5, 2012 2:07:14 AM PST, Ben Morrow <ben at morrow.me.uk> wrote: > At 1AM -0800 on 5/12/12 Erik A Johnson wrote: >> FYI, the tcpdump I sent previously was with one of our >> previously-discussed patches in place: >> >> if (!proxy->client_proxy && net_geterror(proxy->fd_ssl) == EBADF) { >> >> I'm attaching that dump

I have a Dell Latitude D600 with Windows XPsp2 on the first partition and Ubuntu Feisty (Linux kernel 2.6.20) with Wine 0.9.30 on the second partition, set up to dual-boot. The XP share is NTFS and mounted read-only for Linux. What I want to do is run my Windows apps from the XP partition under Wine, because I really hate using Windows. A lot of the apps seem to ask for DLLs they can't find.

I've bought my 12 yr old son a used laptop (Dell Latitude D600) and convinced him to use a version of linux unstead of Windows. The laptop came with PCLinuxOS release 2007. He really wants to be able to run some of his games, so I used the Synaptic Package Manager to install Wine. The version available for PCLinuxOS was Wine 0.9.58. So far I've tried two games, and I've struck out

Hi, I just installed Red Hat 9 on a Dell Latitude D600 laptop. Then I installed VMware 4 and installed Windows XP as the guest operating system. I want to run Samba on the Red Hat 9 host to share files with the Windows XP guest. Each OS individually is running fine. I compiled Samba 3.0.2 on the Red Hat host, but I can't start Samba. I try starting it with "/usr/sbin/smbd -D",

On 11/22/2016 1:14 PM, wwp wrote: > D800 series (810, etc.), E6500 series (E6500, E6530, etc.), at least. D series are 10 years or more old. ancient in laptop terms. I had a D600 for a long time (new in 2003). The E6x00, '10, '20, and '30 are also fairly old (2008, 2010, 2011, and 2012, respectively). The current models branded like Latitude 15 5000, 14 7000, etc, are in

Hi All, I''m using shorewall on my laptop(2 NIC) to connect my desktop to the Internal LAN. For some reason, MS''s SQL query analyser is not able to connect to the SQL server. I alway get the "Server does not exist" I even tried to connect to it using IP address rather than netbios name and it still doesn''t work. All of the access is fine. (eg: WEB/ping etc)

Platform: Dell Latitude D600 laptop, Pentium M debian sarge (testing/unstable) samba 3.0.2a-1 VMWare Workstation 4.5.1-7568 w/XP Professional I'm running XP under VMWare. The directory I'm working on, is actually a network share exported by samba from the linux host. The reason is that I don't wish to fill up my disk with VMWare virtual disk images. Performancewise this

On Tuesday 22 November 2016 21:49:52 John R Pierce wrote: > On 11/22/2016 1:14 PM, wwp wrote: > > D800 series (810, etc.), E6500 series (E6500, E6530, etc.), at > > least. > > D series are 10 years or more old. ancient in laptop terms. I > had a D600 for a long time (new in 2003). > > The E6x00, '10, '20, and '30 are also fairly old (2008, 2010,

Hello all! I have tried and tried to resolve this one to no avail. Hopefully one of you can help... The system in question is a Compaq Evo D600 (iirc) business desktop, with a 1.4GHz Pentium 4 and 512mb of RAM, running a stock install of PoundKey 1.2. It has two Digium cards installed: a TDM400P with four FXO modules, and a TE110P hooked to a Carrier Access Adit 600 which serves 8

Hi all, Whenever I start up TC and implement traffic policing using ingress, I get logs that goes something like this: Classifier actions preferred over ingress. What does that mean?? This are the relevent lines : tc qdisc add dev $DEV handle ffff: ingress tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1

Today I've been trying to get dovecot (1.0 rc2) to use certificates for client side authentication. If my memory serves right, beta8 had no problems with it (although it was some time ago and on different machine). Similar setup works perfectly well for postfix (for authentication that is, on the same machine). Originally I thought I overdid some certificate settings (keyUsage, nsCertType,

Hi all, Can anyone show me pointers on how to get this implemented on a Linux box with tc rules? I also want to know, just how efficient is this Algorithm. AFAIK, inbound traffic control can''t really be achieved without losing bandwidth. In some of the howtos'' I''ve read, one guy had to limit his downspeed to 1/2 his bandwidth to actually control it. And he was saying

On 2015/2/16 16:28, Jochen Bern wrote: > On 02/16/2015 04:23 PM, Reindl Harald wrote: >>> "The CA file should contain the certificate(s) followed by the >>> matching CRL(s). Note that the CRLs are required to exist. For a >>> multi-level CA place the certificates in this order: >>> >>> Issuing CA cert >>> Issuing CA CRL

Thanks for the note. I had never seen anything in the postfix and apache documentation that the CRLs could be intermingled with the CRTs in the CRT file. The documentation for those programs suggests putting the CRLs in a separate file (e.g. apache SSLCARevocationFile) or doesn't talk about putting CRLs in with the certs (e.g. postfix smtpd_tls_cert_file). If it works to put them all in one

Why not /etc/dovecot/private? That's where I put my dovecot certs. Dovecot's needs are a bit different from other software, and so it is unclear whether the files won't be unique to it. For example, I haven't seen the following before I read it on the Dovecot wiki: "The CA file should contain the certificate(s) followed by the matching CRL(s). Note that the CRLs are required

Hi experts I have a trouble in access rights I am running Samba 3.0.31 on Solaris 10 x86 64 bits as member server of an Active Directory 2003 R2 domain (MYDOMAIN) using Identity Management for Unix I set rights to access a sub folder of a Samba share. On Solaris the user "toto" jdoe can write a new file. From Windows, the same user can't. Itlooks like OK when the primary group

Hi all, I have pleasure to announce new version f of "X.509 certificates support in OpenSSH" Please to update your bookmarks/favorites with new location: http://roumenpetrov.info/openssh Old location is available too: http://satva.skalasoft.com/~rumen/openssh What's new: * support "Certificate Revocation Lists" (CRLs) * ssh-keyscan can show hostkey with