Type: bug report
OS: iOS (but may affect other platforms, mobile in particular)
OpenSSL versions: confirmed in 1.0.0.h and 1.0.1 Beta 3
Bug:
int BIO_sock_non_fatal_error(int err) in crypto/bio/bss_sock.c returns 1 for
ENOTCONN which causes SSL_read to return SSL_ERROR_WANT_READ. In at least som
/* crypto/dsa/dsatest.c */
/* Copyright (C) 1995-1998 Eric Young (e...@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (e...@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free
In message <12031323361474_20200...@antinode.info> on Tue, 13 Mar 2012 23:36:14
-0500 (CDT), "Steven M. Schweda" said:
sms>Recent discussions on comp.os.vms of problems with apps/s_client.c on
sms> VMS systems led me to poke around a little. Bearing in mind that I
sms> know approximately no
In message on Mon, 12 Mar 2012
07:02:10 -0400, Neil Rieck said:
n.rieck> Team,
n.rieck>
n.rieck> * A few weeks back, I discovered a problem with the command “OpenSSL
s_client” which (I think)
n.rieck> has been broken in VMS since 2006.
n.rieck> * While I was only working with HP-speci
In message <20120314.114607.402413137.rich...@levitte.org> on Wed, 14 Mar 2012
11:46:07 +0100 (CET), Richard Levitte said:
richard> You're right, that code looks quite odd, the following should do
richard> better, wouldn't you say?
Of course not... it should be as you mentioned...
#if !define
From: Richard Levitte
> Of course not... it should be as you mentioned...
> [...]
I was thinking more like:
#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
if (jpake_secret)
{
if (psk_key)
{
B
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.1 released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.1 of our open source to
In message <12031409093019_20200...@antinode.info> on Wed, 14 Mar 2012 09:09:30
-0500 (CDT), "Steven M. Schweda" said:
sms> From: Richard Levitte
sms>
sms> > Of course not... it should be as you mentioned...
sms> > [...]
sms>
sms>I was thinking more like:
sms>
sms> #if !defined(OPENSSL_
Hello,
Thank you very much for 1.0.1 release.
It builds and works perfect on OpenVMS Alpha and IA64 architectures - as long I
could test it.
Unfortunately, it is still not possible to build on VAX architecture, because
the "[openssl.org #2653] [BUG] OpenSSL 1.0.1 OpenVMS issues on VAX" is sill
> Unfortunately, it is still not possible to build on VAX architecture,
> because the "[openssl.org #2653] [BUG] OpenSSL 1.0.1 OpenVMS issues
> on VAX" is sill not solved.
http://www.mail-archive.com/openssl-dev@openssl.org/msg29956.html
On Wednesday 14 March 2012 11:09:22 OpenSSL wrote:
>OpenSSL version 1.0.1 released
>===
>
>http://www.openssl.org/source/exp/CHANGES.
>
>The most significant changes are:
>
> o TLS/DTLS heartbeat support.
> o SCTP support.
> o RFC
On Wed, Mar 14, 2012, Mike Frysinger wrote:
> On Wednesday 14 March 2012 11:09:22 OpenSSL wrote:
> >OpenSSL version 1.0.1 released
> >===
> >
> >http://www.openssl.org/source/exp/CHANGES.
> >
> >The most significant changes are:
> >
> > o TL
From: Richard Levitte
> sms>I was thinking more like:
> [...]
> sms> if (cipher)
> sms> {
> sms> if (strcmp( cipher, "PSK"))
> sms> {
> sms> BIO_printf(bio_err,
> sms> "JPAKE
On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote:
> On Wed, Mar 14, 2012, Mike Frysinger wrote:
> > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote:
> > >OpenSSL version 1.0.1 released
> > >===
> > >
> > >http://www.openssl.org/source/ex
On Wed, Mar 14, 2012, Mike Frysinger wrote:
> On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote:
> > On Wed, Mar 14, 2012, Mike Frysinger wrote:
> > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote:
> > > >OpenSSL version 1.0.1 released
> > > >===
On Wed, 2012-03-14 at 19:36 +0100, Dr. Stephen Henson wrote:
> On Wed, Mar 14, 2012, Mike Frysinger wrote:
>
> > On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote:
> > > On Wed, Mar 14, 2012, Mike Frysinger wrote:
> > > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote:
> > > > >
On Wednesday 14 March 2012 14:36:09 Dr. Stephen Henson wrote:
> On Wed, Mar 14, 2012, Mike Frysinger wrote:
> > On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote:
> > > On Wed, Mar 14, 2012, Mike Frysinger wrote:
> > > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote:
> > > > >Ope
On Wed, Mar 14, 2012 at 02:30:29PM -0400, Mike Frysinger wrote:
> On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote:
> > On Wed, Mar 14, 2012, Mike Frysinger wrote:
> > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote:
> > > >OpenSSL version 1.0.1 released
> > > >=
open...@master.openssl.org (OpenSSL) writes:
[...]
> o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
I note that #2741 appears not to be resolved, so if you build on Windows
and use --with-fipsdir=... then that probably won't work.
[...]
On Wed, Mar 14, 2012, Bruce Stephens wrote:
> open...@master.openssl.org (OpenSSL) writes:
>
> [...]
>
> > o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
>
> I note that #2741 appears not to be resolved, so if you build on Windows
> and use --with-fipsdir=... then that pro
On Wednesday 14 March 2012 17:18:19 Kurt Roeckx wrote:
> On Wed, Mar 14, 2012 at 02:30:29PM -0400, Mike Frysinger wrote:
> > On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote:
> > > On Wed, Mar 14, 2012, Mike Frysinger wrote:
> > > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote:
> >
On Wed, Mar 14, 2012, Mike Frysinger wrote:
>
> i'm not looking for downstream workarounds here but rather the right answer.
> is openssl-1.0.1 expected to be ABI compatible with openssl-1.0.0 ?
>
Yes. In brief the versioning scheme introduced with 1.0.0 is:
Changes to last letter: security a
On Wed, Mar 14, 2012 at 10:09:22 -0500, OpenSSL wrote:
> -BEGIN PGP SIGNED MESSAGE-
>
>We consider OpenSSL 1.0.1 to be the best version of OpenSSL
>available and we strongly recommend that users of older versions
>upgrade as soon as possible. OpenSSL 1.0.1 is available for
>
On Wed, Mar 14, 2012, Iain Morgan wrote:
> On Wed, Mar 14, 2012 at 10:09:22 -0500, OpenSSL wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> >
> >We consider OpenSSL 1.0.1 to be the best version of OpenSSL
> >available and we strongly recommend that users of older versions
> >upgrade as
I've looked at that, and the modes part is quite integral to a number
of other algorithms. Supporting it being turned off is likely to be a
maintainance nightmare (especially since it will seldom blow up
considering most platforms today have a C compiler that supports long
long).
My conclusion is
On Wednesday 14 March 2012 19:23:14 Dr. Stephen Henson wrote:
> On Wed, Mar 14, 2012, Mike Frysinger wrote:
> > i'm not looking for downstream workarounds here but rather the right
> > answer. is openssl-1.0.1 expected to be ABI compatible with
> > openssl-1.0.0 ?
>
> Yes. In brief the versioning
On 3/14/2012 12:27 PM, Bruce Stephens wrote:
> open...@master.openssl.org (OpenSSL) writes:
>
> [...]
>
>> o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
>
> I note that #2741 appears not to be resolved, so if you build on Windows
> and use --with-fipsdir=... then that prob
+1, I had applied this locally [sorry for delays]
On 3/14/2012 5:20 PM, Dr. Stephen Henson wrote:
> OpenSSL CVS Repository
> http://cvs.openssl.org/
>
>
> Server: cvs.openssl.org Name: Dr. Step
28 matches
Mail list logo