similar to: [PATCH] Fix for client certificate validation does not work

Hi! I'm new to this list and i could not find a way to search through the already posted articles, so please forgive me if this subject has been discussed before. Our security scanner stumbled over the IMAPs server i've set up recently using dovecot on a RedHat Enterprise 64bit Server. The security scanner found an error regarding a new SSL security leak named "BEAST". The

# HG changeset patch # User David Hicks <david at hicks.id.au> # Date 1373085976 -36000 # Sat Jul 06 14:46:16 2013 +1000 # Node ID ccd83f38e4b484ae18f69ea08631eefcaf6a4a4e # Parent 1fbac590b9d4dc05d81247515477bfe6192c262c login-common: Add support for ECDH/ECDHE cipher suites ECDH temporary key parameter selection must be performed during OpenSSL context initialisation before ECDH and

# HG changeset patch # User Cristian Rodr?guez <crrodriguez at opensuse.org> # Date 1318533592 10800 # Node ID c15d6befe20082009cb40926afa208ab4b684818 # Parent 962df5d9413a4a0fcc68aacc1df0dca7a44a0240 Use SSL_MODE_RELEASE_BUFFERS if available to keep memory usage low. diff -r 962df5d9413a -r c15d6befe200 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Wed

Skipped content of type multipart/alternative-------------- next part -------------- --- ssl-proxy-openssl.c.orig 2006-04-04 10:32:58.000000000 +0200 +++ ssl-proxy-openssl.c 2006-06-01 09:24:57.000000000 +0200 @@ -498,7 +498,7 @@ const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy) { X509 *x509; - char buf[1024]; + char buf[256]; const char *name; if

Full_Name: John Brzustowski Version: 2.8.1 OS: linux Submission from: (NULL) (67.71.250.146) When entering a debug()'ed function, the call printout is not limited by options()$deparse.max.lines as it is when one uses browser() or trace(). Should it be? If so, here's a patch: diff -cr R-2.8.1/src/library/base/man/options.Rd R-2.8.1-patched/src/library/base/man/options.Rd ***

I want to create a list of functions in a for loop, with the index of the loop appearing explicitly in the function code. After quite a bit of thrashing around I figured out how to do it. Here is a toy example: junk <- vector("list",4) for(i in 1:4) { itmp <- i junk[[i]] <- eval(bquote(function(x){42 + .(itmp)*x})) } So I'm *basically* happy, but there's

Hi, I came up with the following patch while trying to figure out a good solution for the situation described in Debian bug #871987[1]. In short, OpenSSL in Debian unstable has disabled TLSv1.0 and TLSv1.1 *by default*. That means that unless an application requests otherwise, only TLSv1.2 is supported. In the world of e-mail this is seemingly an issue, as there are still way too many old clients

Professor Ripley commented on LAPACK error codes: https://stat.ethz.ch/pipermail/r-help/2007-March/127702.html and says "Internal LAPACK errors are usually problems with arithmetic accuracy, and as such are compiler- and CPU-specific." Is there a listing for the error codes from Lapack routine 'dsyevr'? Especially I am interested about the meaning and handling of error codes 1

Dear all, I am looking for a way for creating a gui for managing qos in linux , i came across snmp extension to net snmp at http://x-ray.prokon.cz/data/snmp/ and i found qosd-0.0.1-13122003.tgz , in which there is a client server program using soap which was realy intresting but when i tried to compile it ended up with many errors ,, does and one have tried it , or have

The openssl library in Debian unstable (targeting Buster) supports TLS1.2 by default. The library itself supports also TLS1.1 and TLS1.0. If the admin decides to also support TLS1.[01] users he can then enable the lower protocol version in case the users can't update their system. Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> --- src/config/all-settings.c

How do I configure dovecot-2.0.x to present a client SSL certificate when proxying? If dovecot on server1.example.com has: passdb { driver = static args = proxy=y host=server2.example.com nopassword=y ssl=yes } and dovecot on server2.example.com has: ssl_verify_client_cert = yes auth_ssl_require_client_cert = yes then when a client connects to server1 and authenticates, a connection is

In the file ./src/login-common/ssl-proxy-openssl.c appears the code: if (verbose_ssl) SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback); It appears the SSL_CTX_set_info_callback symbol only occurs in the openssl development branch starting with 0x00909000L as this symbol is missing from openssl 0.9.8b and 0.9.8e (no check of the latest nightly snapshot of the stable 0.9.8 branch).

All; I have a Fedora 26 server that I am trying to compile asterisk-certified-13.13-cert6 on. However, I'm getting the following errors. I'm also having a tough time trying to compile Dahdi. I'm not sure what I'm missing, but if anyone else is running Fedora, I'd really appreciate any help at all. Thanks Much; John V. make[1]: Leaving directory

Hi everyone, Windows XP Pro OpenSSL 0.9.8i Ruby 1.8.6-p114 Ok, I''m going a bit OT here, but I want to see if anyone knows the answer. I built Ruby with VC++ 8 (cl 14). I managed to build and install OpenSSL. I also managed to build the Ruby OpenSSL extension, after 1 minor tweak to x509.h to eliminate a macro conflict: --- x509.orig Thu Oct 02 11:30:10 2008 +++ x509.h Thu Oct

I've set up a list of ciphers that excludes SSLv2 ciphers (and other weak ones) in the hope of preventing SSLv2 connections: ssl_cipher_list = TLSv1+HIGH : !SSLv2 : RC4+MEDIUM : !aNULL : !eNULL : !3DES : @STRENGTH However, this doesn't prevent the SSLv2 connection being allowed as our Nessus scans show and I'm tasked with trying to plug that "hole". I see Dovecot2 had

Hi, the actual OpenSSL version detection in dovecot is insufficient. The implementation only checks for SSL_CTRL_SET_ECDH_AUTO. That was effective for OpenSSL 1.0.2, but in 1.1.0 it is removed. Thats the code part: #ifdef SSL_CTRL_SET_ECDH_AUTO /* OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter selection. */ SSL_CTX_set_ecdh_auto(ssl_ctx, 1);

The init functions are not longer required in OpenSSL 1.1 so I dropped them. TLSv1_client_method() should not be used because it enables only the TLSv1.0 protocol. Better is to use SSLv23_client_method() which enable all the protocols including TLSv1.2. With this functions SSLv2 and SSLv3 is theoretically possible but as of today those protocols are usually build-time disabled. To avoid all this

Hi list, I am unsuccessfully trying to produce a serious of trellis barcharts from within a for-loop. The barcharts work outside the loop. What am I missing? Example attached. Thanks Herry #XXXXXXXXXXXXXXXXXXXXXX trellis.device(bg="white") trellis.par.get("fontsize")->fontsize fontsize$default<-16 trellis.par.set("fontsize",fontsize)

Dear all, I am working on modifying the R working matrix to commodate some other correlations that not included in the package. I am having problem to locate where the R matrix are defined for regular matrices, i.e. independence, exchangeable, AR and unstructure. it might have something within .C("Cgee",but don't understand it well enough to know. Can you anyone help? /*gee source

(cross-posted on SO: https://stackoverflow.com/questions/78022766) Hi all, I'm trying to compile R as a static library with the -fPIC flag so I can use it within java+JNI (is it only possible ?), but I cannot find the right flags in '.configure' to compile R this way. I tested various flags but I cannot find the correct syntax. for now, my latest attempt was ``` rm -rvf?