Re: How to help OpenSSL

I see. Thank you. 2014-04-28 0:48 GMT+08:00 Dr. Stephen Henson st...@openssl.org: On Sun, Apr 27, 2014, Weibin Yao wrote: Is it accessable for read (rt.openssl.org) ? I can't access it and don't know where to register. Read access is possible through the guest account:

Re: Which of HOW TO CONTRIBUTE TO OpenSSL in README is still relevant?

On Fri, Apr 25, 2014, Jeff Trawick wrote: Note: Glance at http://wiki.openssl.org/index.php/Main_Page#Feedback_and_Contributions for some context. Anyway, about that section in README: openssl-bugs is dead, right? (instead: https://www.openssl.org/support/rt.html) It still works but

Re: Which of HOW TO CONTRIBUTE TO OpenSSL in README is still relevant?

On 04/28/2014 07:31 AM, Dr. Stephen Henson wrote: ... Unknown. Can someone comment on this? With respect to U.S. export controls (EAR), open source cryptographic code contributions appearing on the publicly visible OpenSSL web site appear to fall under the TSU exception to ECCN 5D002. The

Re: [openssl.org #3328] [PATCH] Support for GOST R 34.10-2012 digital signature algorithm

Дмитрий, а есть ли у вас планы по внедрению TLS, основанного на новых ГОСТах, в OpenSSL ? Сам собирался занятся этим в начале лета, после отпуска. С вашей помощью, теперь, это совсем тривиально должно получиться. Можно скооперироваться как-нибудь. Если вы, конечно, всё сами не сделаете до этого.

RE: [openssl.org #3331] [PATCH] respect LDFLAGS during build

While rpaths are not needed in some contexts, they are important in others, please do not remove rpath support. Yes, such as cross-compiling or embedded systems. I think it's reasonable to make it a config option tho. /r$ -- Principal Security Engineer Akamai Technologies,

RE: [openssl.org #3133] AutoReply: minor make install improvement for Windows/Visual Studio in ms\nt.mak

Hi, It unfortunately took a long time that I was able to check the problem below again. The proposed fix is incorrect. Because the .mak file is generated by util/mk1mf.pl, the change should be done on top of that file. Both for openssl1.0.1e as well as for openssl1.0.1g the following diff can

Re: Which of HOW TO CONTRIBUTE TO OpenSSL in README is still relevant?

On Mon, Apr 28, 2014 at 8:33 AM, Steve Marquess marqu...@opensslfoundation.com wrote: On 04/28/2014 07:31 AM, Dr. Stephen Henson wrote: ... Unknown. Can someone comment on this? With respect to U.S. export controls (EAR), open source cryptographic code contributions appearing on the

Re: [openssl.org #3320] Invalid large memory access in openssl due

to a bug on the client side Reply-To: In-Reply-To: 2a0efb9c05d0164e98f19bb0af3708c7120c61f...@usmbx1.msg.corp.akamai.com On Sat, Apr 26, 2014 at 01:16:08PM -0400, Salz, Rich wrote: If the API requires the same buffer and count, then perhaps the SSL structure should hold those values, and

Re: [openssl.org #3320] Invalid large memory access in openssl due

to a bug on the client side Reply-To: In-Reply-To: 2a0efb9c05d0164e98f19bb0af3708c7120c61f...@usmbx1.msg.corp.akamai.com On Sat, Apr 26, 2014 at 01:16:08PM -0400, Salz, Rich wrote: If the API requires the same buffer and count, then perhaps the SSL structure should hold those values, and

Re: [openssl.org #3320] Invalid large memory access in openssl due

On 28 Apr 2014, at 4:20 PM, Kurt Roeckx wrote: To me this all sounds like an we end up in an inconsistent state. I'm expecting write(2) like behaviour of SSL_write(). You can request write(2)-like behavior from SSL_write() by setting SSL_MODE_ENABLE_PARTIAL_WRITE with SSL_CTX_set_mode().