://msdn.microsoft.com/en-us/library/windows/desktop/aa378149(v=vs.85).aspx
--
Kurt Cancemi
https://www.x64architecture.com
On Fri, Jan 27, 2017 at 12:13 AM, Rod Falck <r.fa...@comforte.com> wrote:
> Hi,
>
>
>
> I have an OpenSSL based client which fails when validating a certificate
&g
) returns NULL and SSL_CTX_new()
returns NULL because the input argument (the server method) is NULL. You should
check the return value of SSL_CTX_new() no matter what because it can fail.
Kurt Cancemi
k...@x64architecture.com
> On Jul 11, 2016, at 08:10, Dmytro Shamatrin via RT <r.
) returns NULL and SSL_CTX_new()
returns NULL because the input argument (the server method) is NULL. You should
check the return value of SSL_CTX_new() no matter what because it can fail.
Kurt Cancemi
k...@x64architecture.com
> On Jul 11, 2016, at 08:10, Dmytro Shamatrin via RT <r.
Link to GitHub PR: https://github.com/openssl/openssl/pull/1039
--
Kurt Cancemi
https://www.x64architecture.com
On Mon, May 9, 2016 at 5:41 AM, Matt Caswell <m...@openssl.org> wrote:
> Looks ok to me. I suggest you raise it as a GitHub PR.
>
> Matt
>
--
openssl-dev mailing l
@@ -135,10 +135,10 @@
int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void))
{
-if (InitOnceExecuteOnce(once, once_cb, init, NULL))
-return 1;
+if (!InitOnceExecuteOnce(once, once_cb, init, NULL))
+return 0;
-return 0;
+return 1;
}
# endif
--
Kurt
Attached is the patch to fix the issue, also please close RT#4534 I
sent an invalid reply which got translated into another RT issue.
--
Kurt Cancemi
https://www.x64architecture.com
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4533
Please log in as guest with password guest
Attached is the patch to fix the issue
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4534
Please log in as guest with password guest if prompted
>From c27b3a648532388cf59ee55c41ad433c8f323542 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi <k...@x64architecture.com>
Date: W
The attached patch adds a missing NULL check in i2d_PrivateKey(), it
also removes the parentheses around the last return value to be
consistent with the rest of the function.
--
Kurt Cancemi
https://www.x64architecture.com
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4533
the stdout issue
(I don't know if its proper) that uses the method from the
x86_64 perl files if thats the way to go I'll make a complete patch.
(see aes-armv4.pl.patch)
--
Kurt Cancemi
https://www.x64architecture.com
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4325
Please log
Rich,
I think he was asking if the OpenSSL team would say if a new vulnerability
affected 0.9.8 after support has ended.
On Jul 21, 2015, at 7:04 AM, Salz, Rich rs...@akamai.com wrote:
could we (0.9.8 users!) expect patch suggestions from the community on
potential vulnerabilities found
NASM (http://nasm.us) is the only officially supported assembler for
OpenSSL on Windows. So install NASM and add it to your path and then
retry.
--
Kurt Cancemi
https://www.x64architecture.com
On Thu, Jul 2, 2015 at 11:19 AM, Amit Shil via RT r...@openssl.org wrote:
Hello OpenSSL,
I can
NASM (http://nasm.us) is the only officially supported assembler for
OpenSSL on Windows. So install NASM and add it to your path and then
retry.
--
Kurt Cancemi
https://www.x64architecture.com
On Thu, Jul 2, 2015 at 11:19 AM, Amit Shil via RT r...@openssl.org wrote:
Hello OpenSSL,
I can
doesn't count as an
argument in the opt_num_rest() function.
See the attached patch
--
Kurt Cancemi
https://www.x64architecture.com
From db7179922b901f9ad935bf6324e108656f0c33b5 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Fri, 26 Jun 2015 02:13:45 -0400
Subject: [PATCH
This ticket can be closed I think, not sure why I haven't received a
response maybe the random RT issues. But it appears that it has been
fixed in response to this ticket in
f2dc4d517fa11208b90ba0e92a2590f8cfdafb28.
---
Kurt Cancemi
https://www.x64architecture.com
--;
}
--
Kurt Cancemi
https://www.x64architecture.com
___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
___
openssl-dev mailing list
I don't think its optimizing it out I agree with you, but your
suggested change resolved the error so Wim was right about it being
undefined behaviour, and the tool which uses clang 3.4 was warning us
about that.
I added my own debugging statement and ran ectest and it is indeed
undefined
Found by the https://github.com/xiw/stack tool and then I checked the
generated asm (gcc and clang) to confirm.
In the check if (d0 tmp_ulong) tmp_ulong always evaluates to true
because the compiler optimizes out the tmp_ulong value to true because
(tmp_ulong = zz d1;) zz d1 has according
to the compiler (LLVM)
a logical right-shift overflow. The commit don't write beyond buffer
(c237de0) added this check.
---
Kurt Cancemi
https://www.x64architecture.com
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo
to
not be NULL because of the check (s-handshake_func == 0).
So is there supposed to be a NULL check before the check
(s-handshake_func == 0) or no?
Note: This behavior was changed in commit b31b04 in 1999.
---
Kurt Cancemi
https://www.x64architecture.com
Could this be the issue your seeing? It was fixed in boringssl I think.
https://boringssl.googlesource.com/boringssl/+/bf681a40d6142edfa44a27dc0d6e07e0c37865a4
https://boringssl-review.googlesource.com/#/c/1393/
---
Kurt Cancemi
https://www.x64architecture.com
On Wed, May 13, 2015 at 1:19 PM
Attached updated patch according to openssl style.
---
Kurt Cancemi
https://www.x64architecture.com
On Thu, May 7, 2015 at 6:15 PM, Kurt Cancemi k...@x64architecture.com wrote:
Add missing terminating NULL to speed_options table. This would cause
memory corruption by opt_init() because
The return value of BUF_strdup is unchecked in X509V3_parse_list() the
attached patch fixes the issue.
---
Kurt Cancemi
From a42d8f0e5dbc7d56268a06a99133957d09ac8a21 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Thu, 7 May 2015 16:12:33 -0400
Subject: [PATCH] Add
Add missing terminating NULL to speed_options table. This would cause
memory corruption by opt_init() because it relies on the terminating
NULL.
---
Kurt Cancemi
From 2cbdcd038245df7c78b25a2c22f802d26e030684 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Thu, 7 May
In the commit Rewrite ssl_asn1.c using new ASN.1 code. (cc5b6a0) the
wrong ifdef is used to gaurd usage of PSK code.
---
Kurt Cancemi
From 32533cb9cf698745171ff7d74413156bfef7036f Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Thu, 9 Apr 2015 09:54:38 -0400
Subject
The attached patch uses warning/fatal constants instead of numbers with
comments for warning/alerts in d1_pkt.c and s3_pkt.c
---
Kurt Cancemi
https://www.x64architecture.com
From 1b07f801c5eb1ef05c50575e800ebf16a6bd69fb Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date
error:x_pubkey.c:154:
Kurt Cancemi
https://www.x64architecture.com https://www.x64architecture.com/
On Feb 17, 2015, at 4:49 PM, Brian Carpenter via RT r...@openssl.org wrote:
Good morning. I'm reporting a segfault in openssl via the command line
openssl x509 -x509toreq -in testcase -out /dev/null
The problem appears to be a NULL pointer dereference inX509_PUBKEY_set() when pkey is NULL,I attached a patch that fixes the issue.After patch output (openssl x509 -x509toreq -in test76crash -out /dev/null -signkey test.key):Getting request Private KeyGenerating certificate
I can confirm the patch works.
Though it throws some unrelated warnings:
*WARNING: mkdef.pl http://mkdef.pl doesn't know the following
algorithms:RMD160APPLINK*
---
Kurt Cancemi
https://www.x64architecture.com
On Mon, Feb 2, 2015 at 10:27 PM, Salz, Rich rs...@akamai.com wrote
thost is freed causing a double free.
---
Kurt Cancemi
https://www.x64architecture.com
From 51c092fc2c05091ae874b91a1d53b378d39422e7 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Thu, 29 Jan 2015 20:33:06 -0500
Subject: [PATCH] Fix double free in ocsp_main
Add missing static qualifier to constant_time_select_int that was
introduced in 294d1e36c2495ff00e697c9ff622856d3114f14f
--
Kurt Cancemi
https://www.x64architecture.com
From 183bd1581c15a164cc2e511e839452401571f05b Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Sun
Hello,
The following patch removes an unused variable introduced by b09eb24,
this also fixes the build with -Werror.
From 6e347fded0c050f4049e5bcbc2647bfdb742c48f Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Thu, 28 Aug 2014 21:43:04 -0400
Subject: [PATCH] Remove
Hello,
The attached patch fixes some memory leaks that were found via Coverity.
---
Kurt Cancemi
https://www.x64architecture.com
From 3d2c713113545255b61efe433e130078d4cf2e22 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Wed, 27 Aug 2014 20:21:33 -0400
Subject
The attached updated patch fixes a style error.
---
Kurt Cancemi
https://www.x64architecture.com
From d112c3f7b36a60f8af109b90fe5299f7ac049cc6 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Wed, 27 Aug 2014 20:37:45 -0400
Subject: [PATCH] Fix memory leaks
I ran make which regenerated the objects, thanks for pointing that
out, I attached an updated patch without the change.
---
Kurt Cancemi
https://www.x64architecture.com
On Thu, Aug 28, 2014 at 12:41 PM, Kurt Roeckx k...@roeckx.be wrote:
On Thu, Aug 28, 2014 at 03:11:14PM +0200, Kurt Cancemi
Hello,
The attached patch fixes some typos in ssltest.c.
---
Kurt Cancemi
https://www.x64architecture.com
From ea36aa8516e6e8b16896a089d58b216d38302885 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Tue, 26 Aug 2014 17:48:43 -0400
Subject: [PATCH] Fix typos
Hello,
I noticed in the commit details you put an invalid email address.
The email address is k...@64architecture.com instead of the correct kurt@
*x*64architecture.com.
---
Kurt Cancemi
https://www.x64Architecture.com https://www.x64architecture.com/
On Fri, Aug 22, 2014 at 5:24 PM, Rich
Update patch, the previous version of the patch had corrections to
words that were correct in UK English but not in US English, unless
the OpenSSL project wants to use US English only now then disregard
this updated patch.
---
Kurt Cancemi
https://www.x64Architecture.com
From
Your using a SHA-1 signed certificate, the current FIPS standard
mandates a SHA-256 (SHA-2) signed certificate with a bit size = 2048.
---
Kurt Cancemi
https://www.x64Architecture.com
On Mon, Aug 11, 2014 at 5:24 AM, Abdul Anshad ab...@visolve.com wrote:
Hello All,
I have a set up which runs
and fixing the issue goes to the OpenBSD team.
Regards,
Kurt Cancemi
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List
Hello,
The attached patch removes a duplicate or check (the first problem listed
in this ticket).
Regards,
Kurt Cancemi
From 395cd71ac22028da8545e1796e34b757c91c48d3 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Date: Wed, 18 Jun 2014 04:54:52 -0400
Subject: [PATCH
Hi, In the ssl_cipher_get_evp() function, there are two off-by-one
errors in index validation before accessing arrays. The attached patch
fixes the problem.
Regards,
Kurt Cancemi
From 72e339f36be4a40436b95a0d07d68167605c31e2 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi k...@x64architecture.com
Somehow the patch got a prepended to it, the attached patch removes it.
---
Kurt Cancemi
http://www.getwnmp.org
0001-Fix-off-by-one-errors-in-ssl_cipher_get_evp.patch
Description: Binary data
42 matches
Mail list logo
