similar to: [PATCH] Fix for client certificate validation does not work

Displaying 20 results from an estimated 300 matches similar to: "[PATCH] Fix for client certificate validation does not work"

2012 Mar 20
1
IMAP and POP3 per SSL
Hi! I'm new to this list and i could not find a way to search through the already posted articles, so please forgive me if this subject has been discussed before. Our security scanner stumbled over the IMAPs server i've set up recently using dovecot on a RedHat Enterprise 64bit Server. The security scanner found an error regarding a new SSL security leak named "BEAST". The
2013 Jul 06
1
[PATCH] login-common: Add support for ECDH/ECDHE cipher suites
# HG changeset patch # User David Hicks <david at hicks.id.au> # Date 1373085976 -36000 # Sat Jul 06 14:46:16 2013 +1000 # Node ID ccd83f38e4b484ae18f69ea08631eefcaf6a4a4e # Parent 1fbac590b9d4dc05d81247515477bfe6192c262c login-common: Add support for ECDH/ECDHE cipher suites ECDH temporary key parameter selection must be performed during OpenSSL context initialisation before ECDH and
2011 Oct 13
1
[PATCH] Use SSL_MODE_RELEASE_BUFFERS if available to keep memory usage low
# HG changeset patch # User Cristian Rodr?guez <crrodriguez at opensuse.org> # Date 1318533592 10800 # Node ID c15d6befe20082009cb40926afa208ab4b684818 # Parent 962df5d9413a4a0fcc68aacc1df0dca7a44a0240 Use SSL_MODE_RELEASE_BUFFERS if available to keep memory usage low. diff -r 962df5d9413a -r c15d6befe200 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Wed
2006 Jun 01
1
ssl-proxy: client certificates and crl check
Skipped content of type multipart/alternative-------------- next part -------------- --- ssl-proxy-openssl.c.orig 2006-04-04 10:32:58.000000000 +0200 +++ ssl-proxy-openssl.c 2006-06-01 09:24:57.000000000 +0200 @@ -498,7 +498,7 @@ const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy) { X509 *x509; - char buf[1024]; + char buf[256]; const char *name; if
2009 Apr 09
0
bug/suggestion: debugger should respect option "deparse.max.lines" when printing the call (PR#13647)
Full_Name: John Brzustowski Version: 2.8.1 OS: linux Submission from: (NULL) (67.71.250.146) When entering a debug()'ed function, the call printout is not limited by options()$deparse.max.lines as it is when one uses browser() or trace(). Should it be? If so, here's a patch: diff -cr R-2.8.1/src/library/base/man/options.Rd R-2.8.1-patched/src/library/base/man/options.Rd ***
2012 Jan 07
3
Putting an index explicitly into function code --- a curiosity.
I want to create a list of functions in a for loop, with the index of the loop appearing explicitly in the function code. After quite a bit of thrashing around I figured out how to do it. Here is a toy example: junk <- vector("list",4) for(i in 1:4) { itmp <- i junk[[i]] <- eval(bquote(function(x){42 + .(itmp)*x})) } So I'm *basically* happy, but there's
2017 Sep 13
2
[RFC master-2.2 0/1] Support OpenSSL 1.1 API for setting allowed TLS versions
Hi, I came up with the following patch while trying to figure out a good solution for the situation described in Debian bug #871987[1]. In short, OpenSSL in Debian unstable has disabled TLSv1.0 and TLSv1.1 *by default*. That means that unless an application requests otherwise, only TLSv1.2 is supported. In the world of e-mail this is seemingly an issue, as there are still way too many old clients
2009 Mar 25
2
Listing of LAPACK error codes
Professor Ripley commented on LAPACK error codes: https://stat.ethz.ch/pipermail/r-help/2007-March/127702.html and says "Internal LAPACK errors are usually problems with arithmetic accuracy, and as such are compiler- and CPU-specific." Is there a listing for the error codes from Lapack routine 'dsyevr'? Especially I am interested about the meaning and handling of error codes 1
2006 May 08
2
have any one tried Snmp extension to Net-SNMP daemon
Dear all, I am looking for a way for creating a gui for managing qos in linux , i came across snmp extension to net snmp at http://x-ray.prokon.cz/data/snmp/ and i found qosd-0.0.1-13122003.tgz , in which there is a client server program using soap which was realy intresting but when i tried to compile it ended up with many errors ,, does and one have tried it , or have
2017 Aug 26
3
[PATCH] Add support for lower TLS version than default
The openssl library in Debian unstable (targeting Buster) supports TLS1.2 by default. The library itself supports also TLS1.1 and TLS1.0. If the admin decides to also support TLS1.[01] users he can then enable the lower protocol version in case the users can't update their system. Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> --- src/config/all-settings.c
2011 Dec 22
1
proxying, SSL, and client certificate
How do I configure dovecot-2.0.x to present a client SSL certificate when proxying? If dovecot on server1.example.com has: passdb { driver = static args = proxy=y host=server2.example.com nopassword=y ssl=yes } and dovecot on server2.example.com has: ssl_verify_client_cert = yes auth_ssl_require_client_cert = yes then when a client connects to server1 and authenticates, a connection is
2007 Jun 11
2
SSL_CTX_set_info_callback problem in latest source
In the file ./src/login-common/ssl-proxy-openssl.c appears the code: if (verbose_ssl) SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback); It appears the SSL_CTX_set_info_callback symbol only occurs in the openssl development branch starting with 0x00909000L as this symbol is missing from openssl 0.9.8b and 0.9.8e (no check of the latest nightly snapshot of the stable 0.9.8 branch).
2018 Jan 10
3
Can't compile Asterisk on Fedora server
All; I have a Fedora 26 server that I am trying to compile asterisk-certified-13.13-cert6 on. However, I'm getting the following errors. I'm also having a tough time trying to compile Dahdi. I'm not sure what I'm missing, but if anyone else is running Fedora, I'd really appreciate any help at all. Thanks Much; John V. make[1]: Leaving directory
2008 Oct 02
1
Problems using a hand built OpenSSL on Windows
Hi everyone, Windows XP Pro OpenSSL 0.9.8i Ruby 1.8.6-p114 Ok, I''m going a bit OT here, but I want to see if anyone knows the answer. I built Ruby with VC++ 8 (cl 14). I managed to build and install OpenSSL. I also managed to build the Ruby OpenSSL extension, after 1 minor tweak to x509.h to eliminate a macro conflict: --- x509.orig Thu Oct 02 11:30:10 2008 +++ x509.h Thu Oct
2012 Mar 08
1
disabling SSLv2 in dovecot 1.2.17
I've set up a list of ciphers that excludes SSLv2 ciphers (and other weak ones) in the hope of preventing SSLv2 connections: ssl_cipher_list = TLSv1+HIGH : !SSLv2 : RC4+MEDIUM : !aNULL : !eNULL : !3DES : @STRENGTH However, this doesn't prevent the SSLv2 connection being allowed as our Nessus scans show and I'm tasked with trying to plug that "hole". I see Dovecot2 had
2017 Feb 14
0
openssl 1.1.0d breaks Android7 TLS connects
Hi, the actual OpenSSL version detection in dovecot is insufficient. The implementation only checks for SSL_CTRL_SET_ECDH_AUTO. That was effective for OpenSSL 1.0.2, but in 1.1.0 it is removed. Thats the code part: #ifdef SSL_CTRL_SET_ECDH_AUTO /* OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter selection. */ SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
2017 Nov 16
0
[PATCH] [libshout] tls: compile with OpenSSL 1.1.0
The init functions are not longer required in OpenSSL 1.1 so I dropped them. TLSv1_client_method() should not be used because it enables only the TLSv1.0 protocol. Better is to use SSLv23_client_method() which enable all the protocols including TLSv1.2. With this functions SSLv2 and SSLv3 is theoretically possible but as of today those protocols are usually build-time disabled. To avoid all this
2003 Apr 04
3
trellis.graphic in for-loop
Hi list, I am unsuccessfully trying to produce a serious of trellis barcharts from within a for-loop. The barcharts work outside the loop. What am I missing? Example attached. Thanks Herry #XXXXXXXXXXXXXXXXXXXXXX trellis.device(bg="white") trellis.par.get("fontsize")->fontsize fontsize$default<-16 trellis.par.set("fontsize",fontsize)
2010 Jun 17
0
Modifyiing R working matrix within "gee" source code
Dear all, I am working on modifying the R working matrix to commodate some other correlations that not included in the package. I am having problem to locate where the R matrix are defined for regular matrices, i.e. independence, exchangeable, AR and unstructure. it might have something within .C("Cgee",but don't understand it well enough to know. Can you anyone help? /*gee source
2024 Feb 20
1
Compiling libR as a standalone C library for java+jni (-fPIC)
(cross-posted on SO: https://stackoverflow.com/questions/78022766) Hi all, I'm trying to compile R as a static library with the -fPIC flag so I can use it within java+JNI (is it only possible ?), but I cannot find the right flags in '.configure' to compile R this way. I tested various flags but I cannot find the correct syntax. for now, my latest attempt was ``` rm -rvf?