https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
Rainer Jung changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #9 from Michael Osipov <1983-01...@gmx.net> ---
We have recently upgraded to Tomcat 6.0.45 which has libtcnative 1.1.34
included. I scanned the endpoint with sslscan and I can confirm that DHE is now
serverd with 2048 bits. Rainer, t
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #8 from Bruno Campolo ---
Hi Rainer, it sounds like this fix is in 1.2.2, but missed in the changelog and
will be in the upcoming 1.1.34. Is this a correct summary?
If so, can the changelog for 1.2.2 be updated to include these no
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
Bruno Campolo changed:
What|Removed |Added
CC||bcamp...@mmm.com
--
You are receiving
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #7 from Rainer Jung ---
It is in 1.2.2, but the change had already also been backported to the 1.1
branch for the forthcoming 1.1.34.
The changelog of 1.2.2 starts on top of 1.1 but unfirtunately not on top of the
last released 1.1
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #6 from Michael Osipov <1983-01...@gmx.net> ---
Hi Rainer, 1.2.2 has been released
(http://tomcat.apache.org/native-doc/miscellaneous/changelog.html). I cannot
see the changes you have made. Has this been postponed to 1.2.3?
--
You
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #5 from Rainer Jung ---
Yes. A release vote for the first public release 1.2.2 is in progress. The
release should be available in a few days.
--
You are receiving this mail because:
You are the assignee for the bug.
-
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #4 from Robert Paasche ---
Is this part of tcnativ 1.2.x ?
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: de
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
MichaĆ Staruch changed:
What|Removed |Added
CC||m...@cinkciarz.pl
--
You are receivi
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #3 from Rainer Jung ---
I have ported the current mod_ssl code from httpd to tcnative with the
following features:
- by default use the same size for DH as the key used in the certificate. So
certificate strength reflects in key ex
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
bpoy...@ccac.edu changed:
What|Removed |Added
CC||bpoy...@ccac.edu
--
You are receivi
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #2 from Robert Paasche ---
Removed switch key, to handle more private keylenght (e.g. 3072 bits).
DH *SSL_callback_tmp_DH(SSL *ssl, int export, int keylen)
{
EVP_PKEY *pkey;
int type;
pkey = SSL_get_privatekey(ssl);
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
Robert Paasche changed:
What|Removed |Added
CC||r.paas...@pripares.com
--
You are re
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
Robert Paasche changed:
What|Removed |Added
Summary|Allow user-defined |Allow user-defined
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108
--- Comment #1 from Robert Paasche ---
This would not change anything.
The real solution (based on mod_ssl) would to change the callbackmethod to:
DH *SSL_callback_tmp_DH(SSL *ssl, int export, int keylen)
{
EVP_PKEY *pkey;
int type;
15 matches
Mail list logo
