The bug is in the file x509v3/v3_lib.c in the function X509V3_get_d2i() in
the 0.9.7b source code.
This bug affects all operating systems.
The problem: If the idx parameter points to an integer index, then the
function always returns NULL.
Here's the fixed code, with my addition marked with
Ok, the code would be something like this:
if(err-disable) return;
On a x86 cpu:
read err: 1 cycle
read disable: 1 cycle
if : 3/5 cycles
We don't count the return since it's conditional and in any events it will
be called.
I think that modern CPU will be capable of handling the 5/7 extra cycles,
I've made my own makefile for a target that isn't supported
by OpenSSL (Open Watcom for Win32 to be exact).
I'm wondering about the define in e.g. crypto/des/des_opts.c:
#if !defined(OPENSSL_SYS_MSDOS) (!defined(OPENSSL_SYS_VMS) || ...
#define TIMES
#endif
That assumption is IMHO way to
On Wed, May 28, 2003, p b wrote:
I had made some test: in fact when I changed the iv, I only changed few
bits, so the uncrypted file seams to be the same. (whatever the value of
iv, only the first bloc change). It's ok.
That's expected behaviour for CBC mode.
phbgt In the man, when
Hi,
I'm unable to connect via SSL with IBM Apache Web server (MUZO, the
card-payment company in the Czech Republic).
I'm using Red Hat 9 (openssl-0.9.7a-5) and the connection is closed
after sending HTTP request. Red Hat Linux version 8.0 is fine
(openssl-0.9.6b-33).
The error is 100%
[EMAIL PROTECTED] - Wed May 28 18:56:15 2003]:
Hi,
I'm unable to connect via SSL with IBM Apache Web server (MUZO, the
card-payment company in the Czech Republic).
I'm using Red Hat 9 (openssl-0.9.7a-5) and the connection is closed
after sending HTTP request. Red Hat Linux version 8.0
[EMAIL PROTECTED] - Sun May 25 12:30:38 2003]:
I have been trying to issue certificate containing AIA and
CertificatePolicies (only with UserNotice) extensions.
I have found the appropriate config file definitions for AIA and
CertificatePolicies extensions
and managed to issue
Patch committed, thanks for the report.
Steve.
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager
[EMAIL PROTECTED] - Sun May 25 18:07:32 2003]:
Hi,
Sorry to be nagging again about compilation issues. I get the
following
error when trying to build with MD2 disabled:
In file included from md2test.c:62:
../include/openssl/md2.h:63:2: #error MD2 is disabled.
In the EVP_SealInit() fonction, the secret key is generated by the random
number generator.
How can I use my own key ?
Thanks.
__
OpenSSL Project http://www.openssl.org
Development Mailing
[EMAIL PROTECTED] - Fri May 23 09:50:04 2003]:
openssl-0.9.7-stable-SNAP-20030522 and openssl-SNAP-20030522 can't
build
under WindowsXPsp1 with VisualStudio2003 because there's un
uncompatibility
signed/unsigned in crypto/bn/bn_mul.c
line 709 for SNAP, and line 379 for
On Wed, May 28, 2003, p b wrote:
In the EVP_SealInit() fonction, the secret key is generated by the random
number generator.
How can I use my own key ?
There's no way to use your own key with that function.
You could however use EVP_CipherInit() and call RSA_public_encrypt() manually
[EMAIL PROTECTED] - Sun May 11 10:13:19 2003]:
Here is tiny whack to allow c_client to communicate with TLS enables
POP3 server. See patch attached.
Thanks for your submission. I have added you patch to both the stable
(0.9.7) and the development (0.9.8) tree.
Best regards,
[EMAIL PROTECTED] - Fri May 2 15:27:29 2003]:
Hi
By a mistake trying out openssl s_client -connect ip:5000 against a
windows XP system it hangs for a looong time before it timeouts. Is
it
possible to set a timeout function or this would be a good thing to
add?
Openssl s_client is
[EMAIL PROTECTED] - Sun May 25 09:42:02 2003]:
On Fri, 23 May 2003, Lutz Jaenicke via RT wrote:
I think my machine has a decent set of patches but as I don't
have root
access I cannot really verify that. Do you think you can do
getconf ARG_MAX and getconf LINE_MAX on your
Hello,
I am a newbie to openssl and I have just written a sha engine that would
like to test out with openssl. I heard that the engine interface allows
one to replace the openssl provided engines with custom ones but I'm not
sure how to use that feature. Would someone please give me a pointer
16 matches
Mail list logo