[I'm not subscribed to openssl-dev, please cc me on any replies]
All-
OpenSSL's platform knowledge continues to improve, such that shared
libraries were built by 0.9.6d when I configured it on
hppa1.1-hp-hpux10.20.
There's a very minor problem in the install process, though. OpenSSL
wants to
Hi (probably) Richard,
Compaq TCP/IP Services for OpenVMS Alpha Version V5.3
on a AlphaServer 1200 5/533 4MB running OpenVMS V7.3
Builds and tests OK.
When I go to build WASD against it the compiler complained SSL_LOCL.H
couldn't include e_os.h. I compared the 0.9.7 to previous
In message [EMAIL PROTECTED] on Wed, 03 Jul 2002 11:22:46 +0930,
[EMAIL PROTECTED] said:
Mark.Daniel 1) These had E_OS.H in the [.SSL] directory as well as
Mark.Danielthe top-level package directory. 0.9.7 only has it in
Mark.Danielthe top-level.
E_OS.H never existed in the [.SSL] as
[I'm not subscribed to openssl-dev, please cc me on any replies]
All-
OpenSSL's platform knowledge continues to improve, such that shared
libraries were built by 0.9.6d when I configured it on
hppa1.1-hp-hpux10.20.
There's a very minor problem in the install process, though. OpenSSL
wants
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
On Wed, Jul 03, 2002 at 09:54:15AM -0400, Jeffrey Altman wrote:
Is there a summary somewhere of the changes that were made to the
SSLv3 and TLSv1 message exchanges to avoid the vulnerability in the
CBC cipher suites?
I'm not aware of a proper summary of all the issues involved.
In
I have found nothing in the SSL 3.0 and TLS 1.0 specifications that
forbids fragments of length zero. The length is given as a 'uint16'
value; the specification defines upper limits, but no lower limits.
draft-freier-ssl-version3-02.txt (SSL 3.0):
5.2.1 Fragmentation
The record
On Wed, Jul 03, 2002 at 12:07:01PM -0400, Jeffrey Altman wrote:
Can they cite a particular provision in the specification that forbids
records with a fragment length of zero? I haven't found one, and
length-zero fragments are handled well by many implementations
(including Microsoft IIS).
When OpenSSL inserts an empty fragment, it fragments a single message
into multiple parts, the first of which happens to be empty. I
concede that this might appear pointless as long as one doesn't know
about the CBC security issues, but nothing in the specification speaks
against it.