hi

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

hi

Shashidhar RP
 
Hi ,
      I have a problem while establishing a session using ssl.. I have a client and when the session is establised
i found that the client version is V3 but the ssl version is v2, due to which i am facing other problem.
 
I saw the ssl code - s3_cln.c is which i saw a part of this code
 
           /* s->version = SSL3_VERSION */
 
  This is there in ssl3_connect code.
Is there any chance of a V2 client becoming V3 and while connect its version is
not updated?
And
where does this version wil be set? and when it can change?
 
Plz give some I/p on this so that ican move further.
 
 
Regards
shashidhar
 
 


::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender immediately. Before opening any mail and
attachments please check them for viruses and defect.

-----------------------------------------------------------------------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: hi

Shashidhar RP
forgot to mention that
 
 /* s->version = SSL3_VERSION */
the above line is commented in the code.... of ssl3_connect ();
is there any issue with this as the client version is updating  and ssl version not updating ??
 
 

From: [hidden email] [[hidden email]] On Behalf Of Shashidhar RP [[hidden email]]
Sent: Thursday, August 18, 2011 3:24 PM
To: [hidden email]
Subject: hi

 
Hi ,
      I have a problem while establishing a session using ssl.. I have a client and when the session is establised
i found that the client version is V3 but the ssl version is v2, due to which i am facing other problem.
 
I saw the ssl code - s3_cln.c is which i saw a part of this code
 
           /* s->version = SSL3_VERSION */
 
  This is there in ssl3_connect code.
Is there any chance of a V2 client becoming V3 and while connect its version is
not updated?
And
where does this version wil be set? and when it can change?
 
Plz give some I/p on this so that ican move further.
 
 
Regards
shashidhar
 
 


::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender immediately. Before opening any mail and
attachments please check them for viruses and defect.

-----------------------------------------------------------------------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: hi

Gayathri Sundar-3
Hi,

First of all your question is really strange. Please check your client and server settings as to which highest ssl version is enabled. Generally SSLv2 should be disabled and never negotiated.
The code your referring to is a piece of code that would be called when sslv3 is negotiated during the handshake.

Disable sslv2 on ur client, enable tls on both sides, and you will see that the highest common version is selected automatically by the server. Check your client hello message on the wire and see what versions are actually sent out.

Thanks
--Gayathri

On Thu, Aug 18, 2011 at 5:46 AM, Shashidhar RP <[hidden email]> wrote:
forgot to mention that
 
 /* s->version = SSL3_VERSION */
the above line is commented in the code.... of ssl3_connect ();
is there any issue with this as the client version is updating  and ssl version not updating ??
 
 

From: [hidden email] [[hidden email]] On Behalf Of Shashidhar RP [[hidden email]]
Sent: Thursday, August 18, 2011 3:24 PM
To: [hidden email]
Subject: hi

 
Hi ,
      I have a problem while establishing a session using ssl.. I have a client and when the session is establised
i found that the client version is V3 but the ssl version is v2, due to which i am facing other problem.
 
I saw the ssl code - s3_cln.c is which i saw a part of this code
 
           /* s->version = SSL3_VERSION */
 
  This is there in ssl3_connect code.
Is there any chance of a V2 client becoming V3 and while connect its version is
not updated?
And
where does this version wil be set? and when it can change?
 
Plz give some I/p on this so that ican move further.
 
 
Regards
shashidhar
 
 


::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender immediately. Before opening any mail and
attachments please check them for viruses and defect.

-----------------------------------------------------------------------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: hi

Shashidhar RP
Hi,
    Thanks for your quich response.
One more question.
1) Can you please tell us is there any want to check wat version client and server is using?
2) If the client rollback happens the client can rollback form version 3 to version 2 rt? In this case will it send
     V2 hello handshake or V3 hello handshake.?
3) Is there a possiblility that the client version is V3 but it can send V2 hello msg to the server? If yes then will the server treat it as V2 client and server will rollback to V2?
4) At any point of time to check the server and client version wat is the command?
5)and to check weather the client/server has rollbacked to different verion is there any way to figure out??
6)Is there any chance of server getting rollback from V3 to V2? If yes plz tell us in which cases?
 
Plz help with the answers for the above questions.
 
Regards
Shashidhar
 
 
 

From: [hidden email] [[hidden email]] On Behalf Of Gayathri Sundar [[hidden email]]
Sent: Thursday, August 18, 2011 8:14 PM
To: [hidden email]
Subject: Re: hi

Hi,

First of all your question is really strange. Please check your client and server settings as to which highest ssl version is enabled. Generally SSLv2 should be disabled and never negotiated.
The code your referring to is a piece of code that would be called when sslv3 is negotiated during the handshake.

Disable sslv2 on ur client, enable tls on both sides, and you will see that the highest common version is selected automatically by the server. Check your client hello message on the wire and see what versions are actually sent out.

Thanks
--Gayathri

On Thu, Aug 18, 2011 at 5:46 AM, Shashidhar RP <[hidden email]> wrote:
forgot to mention that
 
 /* s->version = SSL3_VERSION */
the above line is commented in the code.... of ssl3_connect ();
is there any issue with this as the client version is updating  and ssl version not updating ??
 
 

From: [hidden email] [[hidden email]] On Behalf Of Shashidhar RP [[hidden email]]
Sent: Thursday, August 18, 2011 3:24 PM
To: [hidden email]
Subject: hi

 
Hi ,
      I have a problem while establishing a session using ssl.. I have a client and when the session is establised
i found that the client version is V3 but the ssl version is v2, due to which i am facing other problem.
 
I saw the ssl code - s3_cln.c is which i saw a part of this code
 
           /* s->version = SSL3_VERSION */
 
  This is there in ssl3_connect code.
Is there any chance of a V2 client becoming V3 and while connect its version is
not updated?
And
where does this version wil be set? and when it can change?
 
Plz give some I/p on this so that ican move further.
 
 
Regards
shashidhar
 
 


::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender immediately. Before opening any mail and
attachments please check them for viruses and defect.

-----------------------------------------------------------------------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]

______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: hi

Gayathri Sundar-3
Ethereal, pls listen on port 443 and check out the handshake messages.
Btw the initial client hello (for the very 1st time) would be sent in sslv3 (assuming u have disabled v2, am not sure why ur bothered abt that version, pls disable on ur client and server). Once the initial client hello is sent,  the highest supported protocol version would be selected automatically by the server, choosing of a lower version is not allowed.
 
Thanks
--Gayathri

On Mon, Aug 22, 2011 at 5:58 AM, Shashidhar RP <[hidden email]> wrote:
Hi,
    Thanks for your quich response.
One more question.
1) Can you please tell us is there any want to check wat version client and server is using?
2) If the client rollback happens the client can rollback form version 3 to version 2 rt? In this case will it send
     V2 hello handshake or V3 hello handshake.?
3) Is there a possiblility that the client version is V3 but it can send V2 hello msg to the server? If yes then will the server treat it as V2 client and server will rollback to V2?
4) At any point of time to check the server and client version wat is the command?
5)and to check weather the client/server has rollbacked to different verion is there any way to figure out??
6)Is there any chance of server getting rollback from V3 to V2? If yes plz tell us in which cases?
 
Plz help with the answers for the above questions.
 
Regards
Shashidhar
 
 
 

From: [hidden email] [[hidden email]] On Behalf Of Gayathri Sundar [[hidden email]]
Sent: Thursday, August 18, 2011 8:14 PM
To: [hidden email]
Subject: Re: hi

Hi,

First of all your question is really strange. Please check your client and server settings as to which highest ssl version is enabled. Generally SSLv2 should be disabled and never negotiated.
The code your referring to is a piece of code that would be called when sslv3 is negotiated during the handshake.

Disable sslv2 on ur client, enable tls on both sides, and you will see that the highest common version is selected automatically by the server. Check your client hello message on the wire and see what versions are actually sent out.

Thanks
--Gayathri

On Thu, Aug 18, 2011 at 5:46 AM, Shashidhar RP <[hidden email]> wrote:
forgot to mention that
 
 /* s->version = SSL3_VERSION */
the above line is commented in the code.... of ssl3_connect ();
is there any issue with this as the client version is updating  and ssl version not updating ??
 
 

From: [hidden email] [[hidden email]] On Behalf Of Shashidhar RP [[hidden email]]
Sent: Thursday, August 18, 2011 3:24 PM
To: [hidden email]
Subject: hi

 
Hi ,
      I have a problem while establishing a session using ssl.. I have a client and when the session is establised
i found that the client version is V3 but the ssl version is v2, due to which i am facing other problem.
 
I saw the ssl code - s3_cln.c is which i saw a part of this code
 
           /* s->version = SSL3_VERSION */
 
  This is there in ssl3_connect code.
Is there any chance of a V2 client becoming V3 and while connect its version is
not updated?
And
where does this version wil be set? and when it can change?
 
Plz give some I/p on this so that ican move further.
 
 
Regards
shashidhar
 
 


::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender immediately. Before opening any mail and
attachments please check them for viruses and defect.

-----------------------------------------------------------------------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]

______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: hi

Shashidhar RP
In reply to this post by Gayathri Sundar-3
hi Gayatri,
                  Can you please tell me where can i find the ssl.conf file for windows.
will it be the same ssl.conf file or a different .conf file.?
for my linux client i found in "/etc/httpd/conf.d"
I have searched over the net i couldnt find this. For windows will it be openssl.conf or some thing else?
Please give the appropriate configuration file and the location it will/might be.
 
-shashidhar
 
 

From: [hidden email] [[hidden email]] On Behalf Of Gayathri Sundar [[hidden email]]
Sent: Thursday, August 18, 2011 8:14 PM
To: [hidden email]
Subject: Re: hi

Hi,

First of all your question is really strange. Please check your client and server settings as to which highest ssl version is enabled. Generally SSLv2 should be disabled and never negotiated.
The code your referring to is a piece of code that would be called when sslv3 is negotiated during the handshake.

Disable sslv2 on ur client, enable tls on both sides, and you will see that the highest common version is selected automatically by the server. Check your client hello message on the wire and see what versions are actually sent out.

Thanks
--Gayathri

On Thu, Aug 18, 2011 at 5:46 AM, Shashidhar RP <[hidden email]> wrote:
forgot to mention that
 
 /* s->version = SSL3_VERSION */
the above line is commented in the code.... of ssl3_connect ();
is there any issue with this as the client version is updating  and ssl version not updating ??
 
 

From: [hidden email] [[hidden email]] On Behalf Of Shashidhar RP [[hidden email]]
Sent: Thursday, August 18, 2011 3:24 PM
To: [hidden email]
Subject: hi

 
Hi ,
      I have a problem while establishing a session using ssl.. I have a client and when the session is establised
i found that the client version is V3 but the ssl version is v2, due to which i am facing other problem.
 
I saw the ssl code - s3_cln.c is which i saw a part of this code
 
           /* s->version = SSL3_VERSION */
 
  This is there in ssl3_connect code.
Is there any chance of a V2 client becoming V3 and while connect its version is
not updated?
And
where does this version wil be set? and when it can change?
 
Plz give some I/p on this so that ican move further.
 
 
Regards
shashidhar
 
 


::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender immediately. Before opening any mail and
attachments please check them for viruses and defect.

-----------------------------------------------------------------------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]

______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: hi

Gayathri Sundar-3
My windows knowlegde is at zero. sorry cant help there ..

 
On Wed, Aug 24, 2011 at 2:35 AM, Shashidhar RP <[hidden email]> wrote:
hi Gayatri,
                  Can you please tell me where can i find the ssl.conf file for windows.
will it be the same ssl.conf file or a different .conf file.?
for my linux client i found in "/etc/httpd/conf.d"
I have searched over the net i couldnt find this. For windows will it be openssl.conf or some thing else?
Please give the appropriate configuration file and the location it will/might be.
 
-shashidhar
 
 

From: [hidden email] [[hidden email]] On Behalf Of Gayathri Sundar [[hidden email]]
Sent: Thursday, August 18, 2011 8:14 PM
To: [hidden email]
Subject: Re: hi

Hi,

First of all your question is really strange. Please check your client and server settings as to which highest ssl version is enabled. Generally SSLv2 should be disabled and never negotiated.
The code your referring to is a piece of code that would be called when sslv3 is negotiated during the handshake.

Disable sslv2 on ur client, enable tls on both sides, and you will see that the highest common version is selected automatically by the server. Check your client hello message on the wire and see what versions are actually sent out.

Thanks
--Gayathri

On Thu, Aug 18, 2011 at 5:46 AM, Shashidhar RP <[hidden email]> wrote:
forgot to mention that
 
 /* s->version = SSL3_VERSION */
the above line is commented in the code.... of ssl3_connect ();
is there any issue with this as the client version is updating  and ssl version not updating ??
 
 

From: [hidden email] [[hidden email]] On Behalf Of Shashidhar RP [[hidden email]]
Sent: Thursday, August 18, 2011 3:24 PM
To: [hidden email]
Subject: hi

 
Hi ,
      I have a problem while establishing a session using ssl.. I have a client and when the session is establised
i found that the client version is V3 but the ssl version is v2, due to which i am facing other problem.
 
I saw the ssl code - s3_cln.c is which i saw a part of this code
 
           /* s->version = SSL3_VERSION */
 
  This is there in ssl3_connect code.
Is there any chance of a V2 client becoming V3 and while connect its version is
not updated?
And
where does this version wil be set? and when it can change?
 
Plz give some I/p on this so that ican move further.
 
 
Regards
shashidhar
 
 


::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender immediately. Before opening any mail and
attachments please check them for viruses and defect.

-----------------------------------------------------------------------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]

______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: hi

Shashidhar RP
Hi Gayatri,
   
        Can u tell me wat is the cmd to disconnect from the ssl session.
The problem is as follows:

 1) while disconnecting ssl session, in ssl_writepending() there we get an exception because we are de-referencing a null pointer.
 2) when we see the code we found that the ssl->version is showing as V2 but client->version is V3. we are checking the ssl version and de-referencing the pointer which seems to be Null pointer.Actual data is there in V3
 3) To debug that from the client i establised ssl session using below command.
             openssl s_client -connect <server>:443
       for connection from the client.In my gdb it hit on one ssl23_get_client_hello().
 4) In order to disconnect this i tried Ctrl-C on the client. I have put a break point in ssl_usrdisconnect(). It did not hit there. I have put break points in couple of places as well but did not hit.
 5) I think it did not disconnect. Can u suggest on this.

   

-shashidhar
________________________________________
From: [hidden email] [[hidden email]] On Behalf Of Gayathri Sundar [[hidden email]]
Sent: Wednesday, August 24, 2011 10:06 PM
To: [hidden email]
Subject: Re: hi

My windows knowlegde is at zero. sorry cant help there ..


On Wed, Aug 24, 2011 at 2:35 AM, Shashidhar RP <[hidden email]<mailto:[hidden email]>> wrote:
hi Gayatri,
                  Can you please tell me where can i find the ssl.conf file for windows.
will it be the same ssl.conf file or a different .conf file.?
for my linux client i found in "/etc/httpd/conf.d"
I have searched over the net i couldnt find this. For windows will it be openssl.conf or some thing else?
Please give the appropriate configuration file and the location it will/might be.

-shashidhar


________________________________
From: [hidden email]<mailto:[hidden email]> [[hidden email]<mailto:[hidden email]>] On Behalf Of Gayathri Sundar [[hidden email]<mailto:[hidden email]>]
Sent: Thursday, August 18, 2011 8:14 PM
To: [hidden email]<mailto:[hidden email]>
Subject: Re: hi

Hi,

First of all your question is really strange. Please check your client and server settings as to which highest ssl version is enabled. Generally SSLv2 should be disabled and never negotiated.
The code your referring to is a piece of code that would be called when sslv3 is negotiated during the handshake.

Disable sslv2 on ur client, enable tls on both sides, and you will see that the highest common version is selected automatically by the server. Check your client hello message on the wire and see what versions are actually sent out.

Thanks
--Gayathri

On Thu, Aug 18, 2011 at 5:46 AM, Shashidhar RP <[hidden email]<mailto:[hidden email]>> wrote:
forgot to mention that

 /* s->version = SSL3_VERSION */
the above line is commented in the code.... of ssl3_connect ();
is there any issue with this as the client version is updating  and ssl version not updating ??


________________________________
From: [hidden email]<mailto:[hidden email]> [[hidden email]<mailto:[hidden email]>] On Behalf Of Shashidhar RP [[hidden email]<mailto:[hidden email]>]
Sent: Thursday, August 18, 2011 3:24 PM
To: [hidden email]<mailto:[hidden email]>
Subject: hi


Hi ,
      I have a problem while establishing a session using ssl.. I have a client and when the session is establised
i found that the client version is V3 but the ssl version is v2, due to which i am facing other problem.

I saw the ssl code - s3_cln.c is which i saw a part of this code

           /* s->version = SSL3_VERSION */

  This is there in ssl3_connect code.
Is there any chance of a V2 client becoming V3 and while connect its version is
not updated?
And
where does this version wil be set? and when it can change?

Plz give some I/p on this so that ican move further.


Regards
shashidhar



________________________________
::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have
received this email in error please delete it and notify the sender immediately. Before opening any mail and
attachments please check them for viruses and defect.

-----------------------------------------------------------------------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org<http://www.openssl.org/> User Support Mailing List [hidden email]<mailto:[hidden email]> Automated List Manager [hidden email]<mailto:[hidden email]>
______________________________________________________________________ OpenSSL Project http://www.openssl.org<http://www.openssl.org/> User Support Mailing List [hidden email]<mailto:[hidden email]> Automated List Manager [hidden email]<mailto:[hidden email]>

______________________________________________________________________ OpenSSL Project http://www.openssl.org<http://www.openssl.org/> User Support Mailing List [hidden email]<mailto:[hidden email]> Automated List Manager [hidden email]<mailto:[hidden email]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]