Re: (start_)tls and openssl-0.9.8a

2005-11-22 Thread Goetz Babin-Ebell
Nikola Milutinovic wrote: Goetz Babin-Ebell wrote: Nikola Milutinovic wrote: Hmm, first of all, why "no-idea, no-rc5"? You have better implementations on your system? I usually let OpenSSL be the provider of those algorithms. Because idea and rc5 have patent issues ? Heh, forgot about th

Re: (start_)tls and openssl-0.9.8a

2005-11-22 Thread Andreas Hasenack
On Tue, Nov 22, 2005 at 07:34:07AM +0100, Nikola Milutinovic wrote: > >What didn't work (./Configure); > >zlib no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa shared > > > >What worked: > >no-idea no-rc5 shared > > > > Hmm, first of all, why "no-idea, no-rc5"? You have better Patents > If you hav

Re: (start_)tls and openssl-0.9.8a

2005-11-22 Thread Nikola Milutinovic
Goetz Babin-Ebell wrote: Nikola Milutinovic wrote: Hmm, first of all, why "no-idea, no-rc5"? You have better implementations on your system? I usually let OpenSSL be the provider of those algorithms. Because idea and rc5 have patent issues ? Heh, forgot about that one... Why does OpenSS

Re: (start_)tls and openssl-0.9.8a

2005-11-22 Thread Goetz Babin-Ebell
Nikola Milutinovic wrote: Andreas Hasenack wrote: On Mon, Nov 21, 2005 at 03:15:03PM +0100, Nikola Milutinovic wrote: Then there is a change in semantics of the OpenSSL API and somebody will have to dig through the docs. Just changed a build option for openssl. What didn't work (./Config

Re: (start_)tls and openssl-0.9.8a

2005-11-21 Thread Nikola Milutinovic
Andreas Hasenack wrote: On Mon, Nov 21, 2005 at 03:15:03PM +0100, Nikola Milutinovic wrote: Then there is a change in semantics of the OpenSSL API and somebody will have to dig through the docs. Just changed a build option for openssl. What didn't work (./Configure); zlib no-idea no-

Re: (start_)tls and openssl-0.9.8a

2005-11-21 Thread Andreas Hasenack
On Mon, Nov 21, 2005 at 03:15:03PM +0100, Nikola Milutinovic wrote: > Andreas Hasenack wrote: > > >On Mon, Nov 21, 2005 at 02:04:08PM +0100, Nikola Milutinovic wrote: > > > > > >>(sigh) we all hate when that happens... Have you ran OpenSSL tests after > >>building it? "gmake check" or "gmake tes

Re: (start_)tls and openssl-0.9.8a

2005-11-21 Thread Andreas Hasenack
On Mon, Nov 21, 2005 at 02:04:08PM +0100, Nikola Milutinovic wrote: > (sigh) we all hate when that happens... Have you ran OpenSSL tests after > building it? "gmake check" or "gmake test". make test in openssl just works, no errors. Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FA

(start_)tls and openssl-0.9.8a

2005-11-21 Thread Andreas Hasenack
Has anybody else got problems with tls and openssl-0.9.8a with cyrus-imapd-2.2.12? I just rebuilt it with that version of openssl and (start) tls stopped working: $ imtest mymachine -t "" -v (...) SSL3 alert read:fatal:bad record mac SSL_connect:failed in SSLv3 read finished A SSL_connect error 0