Displaying 20 results from an estimated 10000 matches similar to: "Selectively allow non-SSL connections based on userdb"
2013 Nov 27
1
proxy_maybe & director incompatibility
Hi Folks,
I spent quite some time yesterday understanding how proxy works along with the director. I came to the conclusion that proxy_maybe and director cannot be used together, but this isn?t a true incompatibility so much as caused by the way things are handled and the order they are processed in.
The way proxy_maybe works is that it is processed by the auth provider once it gets the
2015 Oct 27
0
How to use different SASL mechanisms for ssl connections
Hi
I would like to set different SASL mechanisms for users trying to login
(POP3/IMAP/Managesieve) on encrypted channel, than for those on
unencrypted connection.
Specificaly:
For users on unencrypted channel, i need to allow login with CRAM-MD5
(to improve security - I have users who require unencrypted connection
but i cant let tem use PLAIN login, of course). But for users on
2007 Dec 12
2
Dump Unencrypted SSL Traffic
I've got an application that I can run under wine. It uses SSL to
communicate with a server. Since it's using SSL I can't just sniff
the network packets. What would be the best way to have wine be able
to dump the unencrypted data to a file for analysis? If this
requires modifying code, which files should I look at?
--
Anish Mistry
amistry at am-productions.biz
AM Productions
2016 Dec 27
0
How to secure IceCast (Secure login page and disable SSL/TLS versions.
I have used the options successfully to enable secure streams with icecast. This is so great because I don't have to loose the green lock on pages that have streams... However after reviewing the security, I have the following questions.
1. How do I require the login pop-up to be secure so I don't send creds unencrypted? If the answer is to disable or use firewall to restrict http,
2007 Nov 03
3
ANN: python-markdown2 -- another Python implementation of Markdown
Hello all,
I'm announcing python-markdown2 -- another Python implementation of
Markdown. (MIT license.)
http://code.google.com/p/python-markdown2/
It should be a drop-in replacement for
[markdown.py](http://www.freewisdom.org/projects/python-markdown/). It
fixes some issues that I ran into with markdown.py [^1]. I believe
that it is faster than markdown.py [^2] and on par or a little
2016 Jan 25
2
Disable Client Certificate Authentication for Unencrypted Connections?
I?m using dovecot to provide encrypted IMAP e-mail support for remote clients and it?s working great. However, I also need to set up a webmail front-end (Roundcube), which I?m hoping to have use unencrypted IMAP on port 143 (as only port 993 is available externally).
The problem I?m running into is that I want to require client certificate authentication on port 993, but dovecot is apparently
2019 Jul 31
2
SSL-Question
thanks, that makes sense and works!
btw: is port 8443 sort of standard, which clients do consider?
bests, uno
Per Gunnarsson:
> I have one listening socket for http and one separate for https.
>
> It looks like this:
>
>
> <listen-socket>
> <port>8000</port>
> </listen-socket>
>
>
>
>
2008 Jan 10
2
[Bug 1430] New: Restore support for "none" cipher, i.e., unencrypted connections
https://bugzilla.mindrot.org/show_bug.cgi?id=1430
Summary: Restore support for "none" cipher, i.e., unencrypted
connections
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: Other
OS/Version: Other
Status: NEW
Severity: normal
Priority: P2
2007 Nov 01
2
FLAC downloads available for new album produced by Trent Reznor
Sorry, I'm sure it's terribly offtopic, but thought it was extremely
interesting that the new album[1] by Saul Williams, produced by Trent
Reznor, is available for download for 5 bucks. It's nice to see FLAC
getting some respect! ;)
[1] http://en.wikipedia.org/wiki/The_Inevitable_Rise_and_Liberation_of_NiggyTardust!
--
avuton
--
Anyone who quotes me in their sig is an idiot. --
2006 May 10
1
ssl_require_client_cert = yes for encrypted connections only
Hi,
is there any way to get dovecot to use "ssl_require_client_cert = yes"
for encrypted connections only? For unencrypted connections there can't
be any client certificate, and I can't disable unencrypted connections
altogether (I limit them by firewall to our own network).
Rainer Frey
--
Software Development
------------------------------------------------------
Inxmail
2014 Mar 27
1
Asterisk SSL support broken with update from openssl-1.0.0 to 1.0.1e, recompiling does *not* help
I am having an issue that prevents WebSockets over SSL/TLS (or any kind of encrypted HTTP traffic to Asterisk) from working after an openssl library update.
My setup is CentOS 6 x86_64, and initially, with openssl[-devel]-1.0.0-20.el6_2.5.x86_64 . With this openssl versions, https over TCP port 8089 initializes correctly with asterisk-11.7.0. After an upgrade to
2015 Jan 29
2
[LLVMdev] always-inline heuristic
I see that we do not inline a function marked as "always-inline" if it
contains indirect branches ? what are the reasons behind this criterion ?
Thanks
Trent
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20150129/92bf577a/attachment.html>
2017 May 30
0
SSL problem - no banner
Marcio Merlone <marcio.merlone at a1.ind.br> writes:
> Only openssl s_client -connect localhost:993 works fine and fast, while
> all MUA's and telnet does not. Telnet timeouts waiting for banner after
> a minute or so:
>
> root at netuno:~# openssl s_client -connect localhost:993
> ...
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> IDLE
2019 Jul 31
0
SSL-Question
Hi,
On 7/31/19 1:56 PM, unosonic wrote:
>
> thanks, that makes sense and works!
> btw: is port 8443 sort of standard, which clients do consider?
The RFC standardized ports for HTTP are:
80, alternatives: 8008, 8080
For HTTPS:
443
After all, Icecast is just another web server.
Please note the absence of 8000 and 8443. Neither are officially
specified for WWW type HTTP(S). They are
2015 Apr 19
2
[LLVMdev] function pointer alias analysis
Hi
I see when LLVM builds the CallGraph SCCs. a function calling through
a function pointer is conservatively assumed to call internal and
external functions. Therefore, it has an edges pointing to the
externalnode2, ie. the externalnode representing outgoing calls from
this module.
does LLVM have any function pointer analysis capabilities in the mainline ?
Thanks,
-Trent
2019 Jul 31
2
SSL-Question
Hello!
Where do I find tutorial how to install and setup ssl and which certificate
is for icecast?
Thank you
V V sre., 31. jul. 2019 ob 15:13 je oseba Per Gunnarsson <
per.gunnarsson at yandex.com> napisala:
> I have one listening socket for http and one separate for https.
>
> It looks like this:
>
>
> <listen-socket>
>
2009 Jan 05
1
New SSL certificate problem
Our DC has been using a Verisign certificate. Over the past year, we've
been using a Digicert Wildcard Plus certificate for almost all of our
machines, and I wanted to switched over our DC mailserver.
I used the following command to generate the CSR and key:
openssl req -new -newkey rsa:1024 -nodes -out star_bard_edu.csr -keyout star_bard_edu.key -subj "/C=US/ST=NY/L=ourtown/O=Bard
2004 Oct 31
9
Maquerading through IPSECed wireless dropping packets selectively?
Hello,
I''m stuck IPSECing my wireless network at home and would appreciate any
comments. I appologize in advance if I''m wasting your time with trivia -
I''m not a professional and staring at the problem for days from various
angles hasn''t done me any good ...
My home server/firewall (morannon) is hooked up through an USB to
ethernet adapter (eth1) to my DSL
2013 Nov 09
1
What's a sensible log level?
trentbuck at gmail.com (Trent W. Buck) writes:
> I had a samba 4.0.9 AD DC (no other DCs), and I'm trying to join Windows
> hosts to it. Most either automatically migrated, or worked fine when I
> changed them to "workgroup" and back again, as Administrator.
>
> Three of them aren't, the client side says
>
> The following error occurred attempting to
2004 Sep 01
0
encrypted passwords: what negotiation with what client?
Hello
man smb.conf encrypt passwords says:
"This boolean controls whether encrypted passwords will be negotiated
with the client. Note that Windows NT 4.0 SP3 and above and also
Windows 98 will by default expect encrypted passwords unless a registry
entry is changed."
What does this mean? From my point of view it can mean 4 totally
different things:
1) That when I run smbd with