[openssl-dev] [openssl.org #3150] Bug Report (with trivial fix): fips module segfault

2016-02-02 Thread Rich Salz via RT
If you sneeze on the FIPS code, you need a new CMVP change letter. Setting realistic expectations, there are no plans at this time for any FIPS work. -- Rich Salz, OpenSSL dev team; rs...@openssl.org ___ openssl-dev mailing list To unsubscribe:

Re: [openssl.org #3150] Bug Report (with trivial fix): fips module segfault

2013-10-24 Thread Micah Cowan
On 10/23/2013 06:16 AM, Stephen Henson via RT wrote: What version of OpenSSL are you using? This was worked around in 1.0.1e due to the difficulty of changing the FIPS module. Ah, okay; I see the drbg_free_entropy functions are checking for NULL there now, which works (even though it's probably

RE: [openssl.org #3150] Bug Report (with trivial fix): fips module segfault

2013-10-24 Thread Watson, Patrick
, 2013 3:06 PM To: r...@openssl.org Cc: openssl-dev@openssl.org Subject: Re: [openssl.org #3150] Bug Report (with trivial fix): fips module segfault On 10/23/2013 06:16 AM, Stephen Henson via RT wrote: What version of OpenSSL are you using? This was worked around in 1.0.1e due to the difficulty

RE: [openssl.org #3150] Bug Report (with trivial fix): fips module segfault

2013-10-24 Thread Watson, Patrick via RT
, 2013 3:06 PM To: r...@openssl.org Cc: openssl-dev@openssl.org Subject: Re: [openssl.org #3150] Bug Report (with trivial fix): fips module segfault On 10/23/2013 06:16 AM, Stephen Henson via RT wrote: What version of OpenSSL are you using? This was worked around in 1.0.1e due to the difficulty

[openssl.org #3150] Bug Report (with trivial fix): fips module segfault

2013-10-23 Thread Micah Cowan via RT
*Version: *This bug was found in openssl-fips 2.0.2; I looked in 2.0.5, and the problem appears to be present there still. * Issue:* The fips module has a bug that can result in segfaults when fips_get_entropy() fails during initialization of openssl-linked-with-fips. *Fix: *Because the fix is

[openssl.org #3150] Bug Report (with trivial fix): fips module segfault

2013-10-23 Thread Stephen Henson via RT
On Wed Oct 23 08:59:59 2013, mco...@akamai.com wrote: * Issue:* The fips module has a bug that can result in segfaults when fips_get_entropy() fails during initialization of openssl-linked-with-fips. What version of OpenSSL are you using? This was worked around in 1.0.1e due to the

Re: [openssl.org #3150] Bug Report (with trivial fix): fips module segfault

2013-10-23 Thread Micah Cowan via RT
On 10/23/2013 06:16 AM, Stephen Henson via RT wrote: What version of OpenSSL are you using? This was worked around in 1.0.1e due to the difficulty of changing the FIPS module. Ah, okay; I see the drbg_free_entropy functions are checking for NULL there now, which works (even though it's probably

[openssl.org #3150] Bug Report (with trivial fix): fips module segfault

2013-10-23 Thread Stephen Henson via RT
On Wed Oct 23 21:06:00 2013, mco...@akamai.com wrote: For my curiosity, what's difficult about modifying FIPS? More involved change-vetting process? Any change has to be approved as part of a change letter process with labs which takes time and costs real money. We normally try to include any