Hello,
Got those kind of messages when compiling openssl 1.0.1:
cbc128.c:175:6: warning: dereferencing type-punned pointer will break
strict-aliasing rules [-Wstrict-aliasing]
*(size_t *)(tmp.c+n) ^ *(size_t *)(ivec+n);
^
gcc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include
Hi,
in openssl 1.1 you add a new function X509_check_host, see also RT#2909.
In the current implementation it is incomplete and also wrong. The current
reference to hostname checking should be RFC 6125, which describes the
recommended general behavior and also the behavior for different
On Sun, Mar 30, 2014 at 11:20:23AM +0200, Matthieu Patou via RT wrote:
Hello,
Got those kind of messages when compiling openssl 1.0.1:
cbc128.c:175:6: warning: dereferencing type-punned pointer will break
strict-aliasing rules [-Wstrict-aliasing]
I see those warnings with gcc 4.7 but with
On Sun, Mar 30, 2014 at 11:20:51AM +0200, Steffen Ullrich via RT wrote:
- wrong: according to RFC 6125 section 7.2 only the leftmost label should be
checked for wildcards, but you support also something like
www.*.example.com (there is even a test for it).
Well, wrong is perhaps too
On Fri, Mar 28, 2014 at 07:44:53PM +0100, Dr. Stephen Henson wrote:
Certainly. Nothing is set in stone at this stage. It's only part of the master
branch and wont appear in a release for a while yet.
[...]
Yes I'm aware of some of the problems here. I do want OpenSSL to reject
attempts