[openssl.org #2990] Bug Report:openssl timezone issue

2013-02-14 Thread Kavan Modi via RT
Hello, I’ve found there is an issue in openssl for timezone. As I understood, if I add a time zone then it will be created as per that time zone, but it has been created by adding that much amount of time. As shown below. When I am going to create certificate with -startdate and -enddate in format

Re: [openssl.org #2981] BUG: 1.0.1e 64-bit C implementation ECDHE* chiphersuites incompatible with https://google.com

2013-02-14 Thread Andy Polyakov via RT
Probably this strict aliasing 64-bit optimization bug for crypto/bn/bn_nist.c What bug are you talking about? There doesn't seem to be a strict aliasing warning in that file, and they use a union to get around the problem. Mac OSX compiler fail test/ectest: cc [Apple LLVM version 4.2

Re: [openssl.org #2981] BUG: 1.0.1e 64-bit C implementation ECDHE* chiphersuites incompatible with https://google.com

2013-02-14 Thread Andy Polyakov via RT
Hi, For reference. Why does it show up with no-asm? bn_nist.c is collection of functions for specific moduli, but it's perfectly possible to calculate the result using general-purpose subroutines. It was found that general-purpose *assembly* code paths deliver better performance and it was

Re: [openssl.org #2978] CVS repositories serving stale data

2013-02-14 Thread Vladimir Kotal via RT
On 02/07/13 23:35, Andy Polyakov via RT wrote: The CVS repositories on cvs.openssl.org are still up and serving stale data. Please turn them off If you're referring to http://cvs.openssl.org, then removal would hardly be appropriate, because there are references to it in lists and RT. It

[openssl.org #2988] Makefiles should (usually) remove target before re-generating

2013-02-14 Thread Stephen Henson via RT
On Thu Feb 14 04:35:05 2013, rs...@akamai.com wrote: Unfortunately some platforms can't automatically build the files e.g. WIN32, VMS. Okay, so those targets shouldn't get invoked? Or are you saying that you WANT the build to fail on those platforms? Ah so you're saying the files would

RE: [openssl.org #2988] Makefiles should (usually) remove target before re-generating

2013-02-14 Thread Salz, Rich via RT
We extract a tarball and make everything read-only. Sometimes an item in the distribution gets re-made. This can fail because of permissions. So, on platforms where this would happen, we'd like to remove the file first. I wasn't advocating to remove them from the distro, I understand we need

Adding more options

2013-02-14 Thread Salz, Rich
I see that we've used up all 32 bits of options in the SSL structure. Any thought given on how to extend that? A 64-bit long long seems simplest, but might have issues with some of your older platforms. /r$ -- Principal Security Engineer Akamai Technology Cambridge, MA

1.0.1e test suite fails with OPENSSL_NO_TLS1_2_CLIENT

2013-02-14 Thread Pierre Schmitz
Hi, if openssl 1.0.1e is compiled with the -DOPENSSL_NO_TLS1_2_CLIENT option make test fails with: Testing AES256-GCM-SHA384 Available compression methods: 1: zlib compression ERROR in CLIENT 4147160712:error:140740B5:SSL routines:SSL23_CLIENT_HELLO:no ciphers available:s23_clnt.c:486:

Re: [openssl.org #2279] Bug Report

2013-02-14 Thread Andy Polyakov
This bug about an incompatibility of cms-test.pl with old Perl versions has been fixed in 2011 for trunk by Andy (thanks!), but not been backported to any release branch. I verified it today for 1.0.1 on Solaris 8. It would be nice if the simple change could be applied to at least some of the

Fwd: Openssl-0.9.8q

2013-02-14 Thread Rajeswari K
Forwarding to dev team as well -- Forwarded message -- From: Rajeswari K raji.kotamr...@gmail.com Date: Thu, Feb 14, 2013 at 4:58 PM Subject: Openssl-0.9.8q To: openssl-us...@openssl.org Hello Team, Our project uses openssl to perform ssl handshake and uses hardware crypto

[openssl.org #2991] Certifacte verification with a RSA-SHA512 hash algorithm fails

2013-02-14 Thread Dominic Wollner via RT
Hi, there is a problem with certificate verification. Windows allows the generation of CA certificates which uses RSA-SHA512 as the hash algorithm. But this hash algorithm is currently not supported by OpenSSL. Will this issue be fixed in future or is there a workaround for this? Regards,

[openssl.org #2991] Certifacte verification with a RSA-SHA512 hash algorithm fails

2013-02-14 Thread Stephen Henson via RT
On Thu Feb 14 18:14:37 2013, woll...@igel.com wrote: Hi, there is a problem with certificate verification. Windows allows the generation of CA certificates which uses RSA-SHA512 as the hash algorithm. But this hash algorithm is currently not supported by OpenSSL. Will this issue be fixed in

Re: Adding more options

2013-02-14 Thread Dr. Stephen Henson
On Thu, Feb 14, 2013, Salz, Rich wrote: I see that we've used up all 32 bits of options in the SSL structure. Any thought given on how to extend that? A 64-bit long long seems simplest, but might have issues with some of your older platforms. OpenSSL 1.0.2 has added an extra cert_flags

RE: Adding more options

2013-02-14 Thread Salz, Rich
OpenSSL 1.0.2 has added an extra cert_flags field as part of the CERT structure. Adding things to CERT has the advantage that it is one of the few structures in the ssl library that has always been opaque. And so do you change the options from a raw hex number (0x08000 etc) to a bitnumber