[Date Prev][Date Next] [Chronological] [Thread] [Top]

Best version of OpenSSL?

To: OpenLDAP Software List <openldap-software@OpenLDAP.org>
Subject: Best version of OpenSSL?
From: Dave Horsfall <daveh@ci.com.au>
Date: Fri, 20 Aug 2004 14:41:52 +1000 (EST)
Archive: No

[ Yes, it's an OpenLDAP question ]

What's the "best" version of OpenSSL to use with OpenLDAP?  FreeBSD 4.10
ships with 0.9.7d, and I'm having trouble getting it to work with an old
server running 0.9.6a; I have no trouble getting 0.9.6g to work with
0.9.6a though.

I vaguely recall someone (Howard?) saying that 0.9.7 is buggy...

Yes, all servers are running OpenLDAP 2.0.25, as upgrading is not an
option right now.  The problem is ldap_pvt_tls_check_hostname() calling
method->ext_free(alt), and that function is null because the
"ASN1_ITEM_EXP *it" method is defined.  The certificate handed from the
ancient server in question has several Alternative Names, if that makes a
difference.

-- 
Dave Horsfall  DTM  VK2KFU  daveh@ci.com.au  Ph: +61 2 9906-7866  Fx: 9906-1556
Corinthian Engineering, Level 1, 401 Pacific Hwy, Artarmon, NSW 2064, Australia

Follow-Ups:
- Re: Best version of OpenSSL?
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: openldap slowness...
Next by Date: Re: Best version of OpenSSL?
Index(es):
- Chronological
- Thread