Re: [openssl-dev] please make clear on website that 1.1.0e is Development release, not GA / Production release

2017-03-21 Thread Jason Vas Dias
Thanks for your informative replies! I hope BIND, OpenSSH et al start using the 1.1.0 API soon. RE: jason.vas.dias> On 20/03/2017, Kurt Roeckx wrote: jason.vas.dias> > The ed25519 support in openssh doesn't even come from openssl. jason.vas.dias> > jason.vas.dias> What happens

Re: [openssl-dev] please make clear on website that 1.1.0e is Development release, not GA / Production release

2017-03-21 Thread Richard Könning
On 21.03.2017 01:13, Jason Vas Dias wrote: On 20/03/2017, Kurt Roeckx wrote: The latest ntp release is 4.2.8p9 which should just work with openssl 1.1.0. (I have no idea why they don't list it on their download page now, or why the development version is so old.) No, the

Re: [openssl-dev] DTLS is not sending alert in case of BAD CCS

2017-03-21 Thread Matt Caswell
https://github.com/openssl/openssl/pull/3009
On 21/03/17 15:24, Raja ashok wrote:
> Hi All,
>
> Looks like there is a typo mistake in dtls1_read_bytes, because of this
> alert is not sent for bad CCS.
>
> In dtls1_read_bytes, in case of bad change cipher spec we are setting
> alert

[openssl-dev] DTLS is not sending alert in case of BAD CCS

2017-03-21 Thread Raja ashok
Hi All, Looks like there is a typo mistake in dtls1_read_bytes, because of this alert is not sent for bad CCS. In dtls1_read_bytes, in case of bad change cipher spec we are setting alert code (SSL_AD_ILLEGAL_PARAMETER) to variable “i” and doing “goto err”. I feel we are trying to send alert in

Re: [openssl-dev] Memory leak in application when we use ECDH

2017-03-21 Thread Matt Caswell
On 21/03/17 09:46, Matt Caswell wrote:
>
> There is a potential leak in this case:
>
>     if (s->s3->tmp.ecdh != NULL) {
>         SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
>                ERR_R_INTERNAL_ERROR);
>         goto err;
>     }
>
> But

Re: [openssl-dev] Memory leak in application when we use ECDH

2017-03-21 Thread Matt Caswell
On 15/03/17 05:44, Mody, Darshan (Darshan) wrote:
> Hi,
>
> We have observed a memory leak when we register for the ECDH
> callback (SSL_set_tmp_ecdh_callback). While performing negative testing
> with load we find that the application starts leaking memory.
>
> Further checking the OpenSSL

Re: [openssl-dev] please make clear on website that 1.1.0e is Development release, not GA / Production release

2017-03-21 Thread Peter Waltenberg
Just commenting on this: I had very few problems moving from 1.0.2 to 1.1.0. We'd already cleaned up most of the issues OpenSSL fixed between 1.0.2 and 1.1.0, those fixups were well isolated so migrating was just a matter of ifdef'ing out accessors/allocators/deallocators we'd created to civilize

Re: [openssl-dev] please make clear on website that 1.1.0e is Development release, not GA / Production release

2017-03-21 Thread Richard Levitte
In message on Tue, 21 Mar 2017 00:13:57 +, Jason Vas Dias said: jason.vas.dias> On 20/03/2017, Kurt Roeckx wrote: jason.vas.dias> > The ed25519 support in openssh doesn't even

Re: [openssl-dev] Memory leak in application when we use ECDH

2017-03-21 Thread Mody, Darshan (Darshan)
Hi, Can anyone in the developer forum clarify whether there is an issue here? Thanks Darshan From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Mody, Darshan (Darshan) Sent: Wednesday, March 15, 2017 11:15 AM To: openssl-dev@openssl.org Cc: Bahr, William G (Bill); Vaquero,