Re: nameConstraints : leading . in permission list items

Perhaps I am biased a bit!, but if there are no objections maybe the patch should be considered by those with permissions for merging to master? On 13/08/2014 09:31 μμ, Vyronas Tsingaras wrote: Your proposed transition strategy sounds good. Maybe as a first step OpenSSL could tolerate a leading

[openssl.org #1877] Static code analysis

The analysis is too old to use; line numbers are all different. I like BEAM, but we've used coverity, etc. Closing this. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project

RE: [openssl.org #3470] [BUG] DTLS abort

Yes, this was observed for DTLS/SCTP. -Brian -Original Message- From: Michael Tüxen via RT [mailto:r...@openssl.org] Sent: Thursday, August 14, 2014 6:17 PM To: Brian Hassink Cc: openssl-dev@openssl.org Subject: Re: [openssl.org #3470] [BUG] DTLS abort On 22 Jul 2014, at 23:32, Brian

[openssl.org #1815] [PATCH] Constness improvements

Fixed in HEAD for next release after 1.0.2 commit f756fb430eb8f5f70696f174460eb90740b318f7 Author: Justin Blanchard uncombedcoco...@gmail.com Date: Mon Aug 18 11:01:15 2014 -0400 RT1815: More const'ness improvements Add a dozen more const declarations where appropriate. These are from Justin;

[openssl.org #3493] Fix rsa_test

Notes from Emilia (review of RT3001): The other point in that ticket leads to something far more important: that test is bust. It's setting the first parameter of RSA_private_decrypt - length of the ciphertext - to |num|, however |num|, at that point, is plen, i.e., the length of the plaintext. So

[openssl.org #2163] OpenSSL 1.0.0-beta5: header clean ups

Fixed in HEAD for next release after 1.0.2, thanks: commit 448155e9bbda27cbba365ff549a7e2044a8a399f Author: Doug Goldstein car...@gentoo.org Date: Thu Aug 14 23:22:41 2014 -0400 RT2163: Remove some unneeded #include's Several files #include stdio.h and don't need it. Also, per tjh, remove

[openssl.org #2421] [PATCH] Fix function signature of SSL_set_tmp_dh_callback in man page

Someone already fixed this. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org

[openssl.org #2978] CVS repositories serving stale data

We've tried to plainly mark that CVS is historic. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List

RE: [openssl.org #3470] [BUG] DTLS abort

Yes, this was observed for DTLS/SCTP. -Brian -Original Message- From: Michael Tüxen via RT [mailto:r...@openssl.org] Sent: Thursday, August 14, 2014 6:17 PM To: Brian Hassink Cc: openssl-dev@openssl.org Subject: Re: [openssl.org #3470] [BUG] DTLS abort On 22 Jul 2014, at 23:32, Brian

[openssl.org #3494] Possible sign bit bug in openssl 1.0.1i handling of 128-bit serial numbers

If a serial number file contains the 16-byte hex string sometimes you will get 16-byte and sometimes 17-byte serial number in the certificate depending on whether the sign bit is set or not. 1. Example of 16-byte hex number producing 16-byte serial: 47E9EA236B1E010F203BF76A8A7B3B5B results

Re: [openssl.org #3470] [BUG] DTLS abort

On 18 Aug 2014, at 16:31, Brian Hassink brian.hass...@oracle.com wrote: Yes, this was observed for DTLS/SCTP. OK. The problem is an incorrect usage of OPENSSL_assert()... Let me see if I can come-up with a patch... Best regards Michael -Brian -Original Message- From: Michael

Re: [openssl.org #3470] [BUG] DTLS abort

On 18 Aug 2014, at 16:31, Brian Hassink brian.hass...@oracle.com wrote: Yes, this was observed for DTLS/SCTP. OK. The problem is an incorrect usage of OPENSSL_assert()... Let me see if I can come-up with a patch... Best regards Michael -Brian -Original Message- From: Michael

[openssl.org #2942] threads(3) gives wrong signature for CRYPTO_set_dynlock_create_callback()

Fixed in HEAD for next release after 1.0.2; thanks. commit fc979b93eeb992e02bc79b17e9ff80b497861a45 Author: John Gardiner Myers jgmy...@proofpoint.com Date: Mon Aug 18 14:53:29 2014 -0400 RT2942: CRYPTO_set_dynlock_create_callback doc fix The file param is const char* not char* Reviewed-by:

[openssl.org #2476] [PATCH] Underinitialized array ssl_cipher_methods: 1.0.0d-1.0.1-stable-SNAP-20110321: All platforms.

already fixed. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List

[openssl.org #2488] Fwd: [PATCHv2] Crypto: Eliminate the unneccesary sk_PKCS7_RECIP_INFO_value call

already fixed ;thanks. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated

[openssl.org #2491] [PATCH] Crypto: Eliminate the unneccesary vv variable usage

We can't remove the vv variable since OPENSSL_assert() could be a macro. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List

[openssl.org #2489] [PATCH] Crypto: Eliminate the unneccesary sig variable usage

Fixed on HEAD for next release after 1.0.2; thanks. commit ddc29125a1d188e17b7fd16b55953b70ba3ce605 Author: Laszlo Papp djsz...@archlinux.us Date: Mon Aug 18 17:21:32 2014 -0400 RT2489: Remove extra sig local variable. Reviewed-by: Dr. Stephen Henson st...@openssl.org -- Rich Salz, OpenSSL dev

[openssl.org #2492] [PATCH] Crypto: Eliminate the unneccesary null check

Fixed in HEAD for relase after 1.0.2 Thanks! commit 7d6d06e43daddf566ec24a502b68003ffca3ad84 Author: Laszlo Papp djsz...@archlinux.us Date: Mon Aug 18 17:40:43 2014 -0400 RT2492: Remove extra NULL check. Reviewed-by: Tim Hudson t...@openssl.org -- Rich Salz, OpenSSL dev team; rs...@openssl.org