
	Where results make sense

Topic: OpenSSL

Related Topics

GnuTLS

Https

Monokote

Session Initiation Protocol

X3D Fritz

ETAOIN SHRDLU

Partido Solidaridad Democratica

Eavesdropping

National Arbor Day Foundation

Menial

Pavel Axelrod

Kerogen

Hernando County, Florida

Milton Township, Minnesota

Secure Sockets Layer

	OpenSSL: The Open Source toolkit for SSL/TLS
		The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the
		OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson.
		The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.
	www.openssl.org (329 words)

	OpenSSL - Wikipedia, the free encyclopedia
		OpenSSL 0.9.7 was released on December 31, 2002.
		OpenSSL 0.9.6 was released on September 25, 2000.
		An alternative to this workaround, suggested by the OpenSSL Project in their FAQ, is to provide a dual license: allow users to choose to use your program under either the GPL (without OpenSSL) or a license that is compatible with the OpenSSL license.
	en.wikipedia.org /wiki/OpenSSL (1148 words)

	oreilly.com -- Online Catalog: Network Security with OpenSSL
		OpenSSL is a popular and effective open source version of SSL/TLS, the most widely used protocol for secure network communications.
		The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions.
		Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.
	www.oreilly.com /catalog/openssl (1072 words)

	Security Alert: Remote Buffer Overflows in OpenSSL
		OpenSSL is subject to four remotely exploitable buffer overflows, as well as problems in the ASN.1 encoding library (included in the OpenSSL distribution) [2,3].
		To summarize, OpenSSL servers are subject to the SSLv2 handshake buffer overflow, the SSLv3 with Kerberos buffer overflow, the ASCII representation buffer overflow, and the ASN.1 denial-of-service exposure.
		OpenSSL clients are subject to the SSLv3 handshake buffer overflow, the ASCII representation buffer overflow, and the ASN.1 denial-of-service exposure.
	www.counterpane.com /alert-v20020731001.html (1051 words)

	Alexandra Vidas' Distributed Systems Installation: OpenSSL
		OpenSSL is a toolkit that uses Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, paired with a cryptography library.
		OpenSSL is used to generate and define certificates and cryptographic parameters, including public and private keys.
		It is also worth noting that due to the way Red Hat supplies its packages, updates to openssl on each distribution never change the package version, only the build number.
	www.unc.edu /~vidaa/inls183/183OpenSSL.html (1118 words)

	Dr. Dobb's \| Using OpenSSL with Asynchronous Sockets \| September 11, 2002 (Site not responding. Last check: 2007-09-17)
		OpenSSL is a higher level, open-source alternative that allows you to easily add the security of an SSL connection to TCP/IP clients and servers.
		The OpenSSL Project (www.openssl.org) is a collaborative effort to develop a robust, commercial-grade, full-featured, cross-platform, and open-source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and its successor, Transport Layer Security (TLS v1).
		The OpenSSL toolkit BIO interface includes a method of accessing the internal BIO data buffer directly, rather than passing in a new buffer for the data to be copied into or out of.
	www.ddj.com /dept/windows/184416574 (1858 words)

	CERT Advisory CA-2002-23 Multiple Vulnerabilities In OpenSSL
		OpenSSL clients using SSLv3 prior to version 0.9.6e and pre-release version 0.9.7-beta2 contain a buffer overflow vulnerability.
		Although these vulnerabilities affect OpenSSL, other implementations of the SSL protocol that use or share a common code base may be affected.
		OpenSSL advisory as well, sites running OpenSSL 0.9.6d servers on 32-bit platforms with SSLv2 handshaking disabled will not be affected by any of the buffer overflows described above.
	www.cert.org /advisories/CA-2002-23.html (1653 words)

	[No title]
		DESCRIPTION ----------- The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
		OpenSSL is based on the excellent SSLeay library developed from Eric A. Young and Tim J. Hudson.
		The OpenSSL toolkit is licensed under a dual-license (the OpenSSL license plus the SSLeay license) situation, which basically means that you are free to get and use it for commercial and non-commercial purposes as long as you fulfill the conditions of both licenses.
	www.sunfreeware.com /README.openssl (759 words)

	Secure programming with the OpenSSL API, Part 1: Overview of the API
		If the latest version of OpenSSL is not available for your distribution, then it is recommended that the only files you overwrite are the libraries, not the executable.
		OpenSSL uses an abstraction library called BIO to handle communication of various kinds, including files and sockets, both secure and not.
		You can download OpenSSL sources from the OpenSSL Project; be sure also to check on the current state of documentation.
	www-106.ibm.com /developerworks/linux/library/l-openssl.html (3759 words)

	openssl
		The openssl program is a command line tool for using the various cryptog- raphy functions of OpenSSL's crypto library from the shell.
		openssl enc -ciphername [-AadePp] [-debug] [-engine id] [-nopad] [-nosalt] [-salt] [-bufsize number] [-in file] [-iv IV] [-K key] [-k password] [-kfile file] [-out file] [-pass arg] [-S salt] The symmetric cipher commands allow data to be encrypted or decrypted us- ing various block and stream ciphers using keys based on passwords or ex- plicitly provided.
		openssl nseq [-toseq] [-in file] [-out file] The nseq command takes a file containing a Netscape certificate sequence and prints out the certificates contained in it or takes a file of cer- tificates and converts it into a Netscape certificate sequence.
	resin.csoft.net /cgi-bin/man.cgi?sektion=1&topic=openssl (14142 words)

	freshmeat.net: Project details for OpenSSL
		The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a full-strength general-purpose cryptography library.
		It means that OpenSSL is becoming a non-free software project, because the code from Sun contains licenses which invoke patent litigation; the licence on the new code basically builds a contract that says "if you use this code, you cannot sue Sun".
		OpenSSL is easy to setup and use and compiles on a variety of systems.
	freshmeat.net /projects/openssl (568 words)

	ISS X-Force Database: openssl-ssl2-masterkey-bo(9714): OpenSSL SSL2 master key buffer overflow
		OpenSSL is an open-source implementation of the SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols that is included with many Linux distributions.
		OpenSSL versions 0.9.6d and earlier, 0.9.7-beta2 and earlier, and the current development snapshots of 0.9.7 are vulnerable to a buffer overflow, caused by improper handling of SSL2 client master keys.
		CVE-2002-0656: Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
	xforce.iss.net /xforce/xfdb/9714 (856 words)

	CERT Advisory CA-2003-26 Multiple Vulnerabilities in SSL/TLS Implementations
		OpenSSL is a widely deployed open source implementation of the SSL and TLS protocols.
		For at least one vulnerability in OpenSSL (VU#935264), a remote attacker may be able to execute arbitrary code.
		The OpenSSL version in COS 3.4 and earlier is vulnerable.
	www.cert.org /advisories/CA-2003-26.html (2549 words)

	M-103: Multiple Vulnerabilities in OpenSSL
		Description OpenSSL is a widely deployed, open source implementation of the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
		VU#102795 - OpenSSL servers contain a buffer overflow during the SSLv2 handshake process Versions of OpenSSL servers prior to 0.9.6e and pre-release version 0.9.7-beta2 contain a remotely exploitable buffer overflow vulnerability.
		As noted in the OpenSSL advisory, separate patches are available: Combined patches for OpenSSL 0.9.6d: http://www.openssl.org/news/patch_20020730_0_9_6d.txt After either applying the patches above or upgrading to 0.9.6e, recompile all applications using OpenSSL to support SSL or TLS services, and restart said services or systems.
	www.ciac.org /ciac/bulletins/m-103.shtml (1390 words)

	OpenSSL MPE/iX and BSAFE Crypto-C Patches
		These patches have not been submitted back to the OpenSSL mainline source tree because the OpenSSL developers are unwilling to accept patches that originate in the US until US crypto regulations are clarified and/or liberalized further.
		These patches modify OpenSSL to call the RSA BSAFE Crypto-C implementations of the RC2, RC4, RC5, and RSA algorithms.
		OpenSSL 0.9.4 BSAFE Crypto-C 4.2 patch (a little rough; not as well integrated with the config scripts compared to the 0.9.5a patch)
	jazz.external.hp.com /src/openssl (482 words)

	PHP: OpenSSL Functions - Manual (Site not responding. Last check: 2007-09-17)
		This is because the openssl library now requires you to load your ciphers manually -- all ciphers are not automatically loaded for you.
		The openssl functions were disabled in Debian release 3.0 (woody), but as of release 3.1 (sarge) they're available again.
		Debian maintainers have disabled the openssl support because it seems to help break apache on startup.
	php.net /openssl (1442 words)

	FreshPorts -- security/openssl
		The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
		The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL tookit and its related documentation.
		OpenSSL is based on the excellent SSLeay library developed by Eric A.
	www.freshports.org /security/openssl (1127 words)

	[No title]
		OpenSSL License --------------- /* ==================================================================== * Copyright (c) 1998-2004 The OpenSSL Project.
		The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission.
		Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project.
	insecure.org /nmap/data/COPYING.OpenSSL (602 words)

	OpenSSL - Free Standards Group
		The OpenSSL candidate is a toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
		It may not be possible to create a highly sophisticated OpenSSL application without using full type information since not every detail of the library is available through accessor functions, however the common case appears to be well covered with accessor functions.
		At least one person - Paul Mackay has asked for a review on GnuTLS vs openssl although he seemed very reasonable in admitting that openssl was being adopted as it was de facto being used by many distributions.
	www.freestandards.org /en/OpenSSL (652 words)

	RPM resource openssl (Site not responding. Last check: 2007-09-17)
		The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography.
		Derivation and License OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson.
		The OpenSSL toolkit is licensed under an Apache-style licence which basically means that you are free to get it and to use it for commercial and non-commercial purposes.
	rpmfind.net /linux/rpm2html/search.php?query=openssl (666 words)

	OpenSSL Vulnerability
		OpenSSL is a widely deployed, open source implementation of the SSL and Transport Layer Security (TLS) protocols.
		Kerberos-enabled OpenSSL 0.9.7-beta2 servers have a buffer overflow on the stack that may allow a remote attacker to execute arbitrary code.
		OpenSSL is a software package that uses strong cryptography in authentication systems, mail servers, and web servers.
	www.iwar.org.uk /infocon/advisories/2002/02-006.htm (355 words)

	PHP: OpenSSL Functions - Manual
		OpenSSL offers many features that this module currently doesn't support.
		will be assumed to be found in the default certificate area, as configured at the time that the openssl DLL was compiled.
		Quite a few of the openssl functions require a key or a certificate parameter.
	www.phpbuilder.com /manual/ref.openssl.php (941 words)

	Fixes are in for OpenSSL \| Tech News on ZDNet (Site not responding. Last check: 2007-09-17)
		OpenSSL is an open implementation of Secure Sockets Layer (SSL) encryption, which is used by almost all Web browsers as a way to secure data that travels over the public Internet.
		A survey conducted last November found that nearly half of the Web servers involved in the study ran a version of OpenSSL that hadn't been recently patched.
		A flaw in the Web server component based of OpenSSL was responsible for allowing the Linux Slapper worm to spread in September 2002.
	news.zdnet.com /2100-1009_22-5174911.html (547 words)

	OpenSSL Command-Line HOWTO
		openssl application is somewhat scattered, however, so this article aims to provide some practical examples of its use.
		If you’ve already got a key and would like to use it for generating the request, the syntax is a bit simpler.
		To verify a signed digest you’ll need the file from which the digest was derived, the signed digest, and the signer’s public key.
	www.madboa.com /geek/openssl (4559 words)

Try your search on: Qwika (all wikis)