similar to: Reg: Initialization of secure memory. Problem with libvirt-0.10.2

Hi, anybody else having isssues on updating package index from sernet's https debian package repostory? I'm on debian wheezy. 'apt-get update' results in: W: Failed to fetch https://download.sernet.de/packages/samba/4.1/debian/dists/wheezy/main/source/Sources gnutls_handshake() failed: A TLS warning alert has been received. W: Failed to fetch

Thank you, thank you, thank you. After doing as you suggested, all seems right with the world. At least a little bit more so. If I understood this thing better, I would be glad to join your documentation team. *sigh* -jimc On 7/3/2014 11:00 AM, samba-request at lists.samba.org wrote: > Send samba mailing list submissions to > samba at lists.samba.org > > To subscribe or

I have a new CentOS 7.4 (recently upgraded to 7.5) system that I have been struggling with in configuring vsftpd for FTPS Implicit (port 990). (The latest instructions I've used are at: https://www.unixmen.com/configure-vsftpd-ssltls-centos-7/) Using Filezilla client, I get: Error: GnuTLS error -15: An unexpected TLS packet was received. Error: Could not connect to

I'm trying to bring dovecot up on Debian/stable using Christof Meerwald's unofficial packages (cmeerw.org/debian/). This package seems to work fine on Debian/testing. There error I'm getting on the stable box is: gnutls_handshake: A TLS fatal alert has been received.(Bad record MAC) Any guesses? -- Jacob Elder

As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or

As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or

As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or

Hi, I need to sign a bunch of RPM packages that have interdepencies: build #1, sign #1, install #1, build #2, sign #2, install #2 etc. Based on the info in bz436812 [1] I have created the key (RSA sign only, 4096bit, no sub keys) and put this in .rpmmacros: %_signature gpg %_gpg_path ~/.gnupg %_gpg_name <KEY_ID> %__gpg_sign_cmd %{__gpg} gpg --force-v3-sigs \ --digest-algo=sha1 --batch

Hi, I use Quandl package to download data from Quandl https://www.quandl.com Today when I tried to download data from there, I received below error : > Quandl('LME/PR_CO') Error in curl::curl_fetch_memory(url, handle = handle) : gnutls_handshake() failed: An unexpected TLS packet was received. I am using Quandl_2.8.0 in below platform R version 3.4.4 (2018-03-15) Platform:

Hi all, I am facing an error while connecting libvirt remotely using tls.. I have created CA, client and server certificates with RSA 1024 bit using Openssl. I am using debian linux flavor in both client and server. *Original Error:* (When trying to connect remote libvirt) virsh -c xen+tls://destinationipaddr/system error: failed to connect to the hypervisor error: authentication failed: TLS

Dear All, Please find few minutes from your time and guide us with some pointers if possible. We are facing a libvirtd crash when we are trying to connect to qemu by default TLS transport. # virsh -c qemu+tls://localhost/system version error: authentication failed: TLS handshake failed A TLS packet with unexpected length was received. error: failed to connect to the hypervisor I used my own CA

I doubt whether there is any fixed algorithm given while generating certificates. I used RSA 1024 bit. On Wed, Nov 19, 2014 at 11:42 AM, Ajitha Robert <ajitharobert01@gmail.com> wrote: > > Hi all, > > I am facing an error while connecting libvirt remotely using tls.. I have created CA, client and server certificates with RSA 1024 bit using Openssl. I am using debian linux

Greetings, I have had to reinstall my email server on another Linux (centos 7.6) VPS, with a newer version of dovecot, other software and a brand new letsencrypt certificate just for email withpostfix and dovecot (that certificate works fine with postfix). Output of dovecot --version and dovecot -n on the new server is below. Now, messages ARE delivered in the right IMAP mailboxes, but when I try

v5: - Break the btrfs patch out as a separate patch to be processed independently. - Update the commit log of patch 1 to make it less scary. - Add a kzfree backward compatibility macro in patch 2. v4: - Break out the memzero_explicit() change as suggested by Dan Carpenter so that it can be backported to stable. - Drop the "crypto: Remove unnecessary

Hi. I had working Exim 4.71 and Dovecot 1.2.9 SASL configuration on Ubuntu Lucid, but needed some features from dovecot2, so I installed 2.0.13 from https://launchpad.net/~carsten-uppenbrink-net/+archive/dovecot2 . Now I get Subj error while trying to authenticate via dovecot auth-client socket. However IMAP auth works fine with 2.0.13 and smtp auth worked fine until upgrade, so I think

v4: - Break out the memzero_explicit() change as suggested by Dan Carpenter so that it can be backported to stable. - Drop the "crypto: Remove unnecessary memzero_explicit()" patch for now as there can be a bit more discussion on what is best. It will be introduced as a separate patch later on after this one is merged. This patchset makes a global rename of the kzfree()

v4: - Break out the memzero_explicit() change as suggested by Dan Carpenter so that it can be backported to stable. - Drop the "crypto: Remove unnecessary memzero_explicit()" patch for now as there can be a bit more discussion on what is best. It will be introduced as a separate patch later on after this one is merged. This patchset makes a global rename of the kzfree()

On Wed, May 13, 2015 at 12:25:44AM +0300, Timo Sirainen wrote: > - mbox: Fixed crash/corruption in some situations when the first mail > was expunged. Once again: This is *not* fixed! I've just tested it on 2:2.2.17~rc1-1~auto+17 by Stephan Bosch, which is based on revision 18656:6f167f2e550d, and none of the changesets between 18656 and 18660 are related to this. Please try a

This patchset makes a global rename of the kzfree() to kfree_sensitive() to highlight the fact buffer clearing is only needed if the data objects contain sensitive information like encrpytion key. The fact that kzfree() uses memset() to do the clearing isn't totally safe either as compiler may compile out the clearing in their optimizer. Instead, the new kfree_sensitive() uses

samba 4.4..x version no problem. samba 4.5.rc1 4.5.rc2 4.5.-test all versions problem. winbind max clients = 2000 line. server crashes in 1 day.. :((( my smb file here. winbindd:use external pipes = true winbind cache time = 300 winbind reconnect delay = 30 winbind request timeout = 60 winbind max clients = 2000 # winbind max clients = 200 winbind max domain