On Wed, Feb 13, 2002 at 08:37:24PM -0800, Tim Rice wrote:
The make test in 0.9.7 needs a little work.
[...]
./evp_test evptests.txt
Auto configuration failed
Fixed.
--
Bodo Möller [EMAIL PROTECTED]
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU
On Thu, Feb 14, 2002 at 02:42:36PM +0100, [EMAIL PROTECTED] wrote:
Log:
For some reason, getting the topmost error was done the same way as
getting the bottommost one. I hope I understood correctly how this
should be done. It seems to work when running evp_test in an
environment
On Thu, Feb 07, 2002 at 07:17:50AM -0500, Saju Paul Panikulam wrote:
It would be nice to have a paragraph in the Makefiles to remove the TAB (^I)
characters from the OpenSSL source and header files. The debugger on the
platform that we use does not handle the TABs very well. Had to write a
On Fri, Feb 15, 2002 at 10:55:13AM +, Ben Laurie wrote:
This fix for err.c is correct.
But evp_test.c should never have called OPENSSL_config() because
OPENSSL_config() uses the configuration file found in an OpenSSL
*installation*. If we want to use a configuration file during
'make
On Wed, Feb 20, 2002 at 03:07:16PM +0100, [EMAIL PROTECTED] wrote:
Log:
Including openssl/e_os.h in the OpenSSL 0.9.6 branch is legal, since
it's exported. Changing that is a BIG step, which has been done in
0.9.7-dev.
Revision  Changes  Path
1.214 +1 -5
On Sat, Feb 16, 2002 at 11:16:23AM +0100, Richard Levitte - VMS Whacker wrote:
I see no problem adding this patch. Queued.
The problem is that the application callback prototype is incompatibly
changed. Otherwise I would have added the argument instead of simply
adding comments pointing out
On Wed, Feb 20, 2002 at 06:45:41PM +0100, Richard Levitte - VMS Whacker wrote:
[...]
If you look in conf.h, you'll also see why it includes e_os.h: an
#ifndef NO_FP_API.
BTW, in 0.9.7-dev, we have the same (or almost, it depends on
OPENSSL_NO_FP_API) #ifndef, but that one is meaningless,
On Wed, Feb 20, 2002 at 10:18:55AM -0800, D. K. Smetters wrote:
One comment made when I proposed the patch was that this functionality
is currently almost entirely unused. Therefore changing the expected
prototype is not likely to affect that many people,
Well, maybe you and me are actually
On Thu, Feb 21, 2002 at 09:29:24AM +0100, Peter 'Luna' Runestig wrote:
I just found a bunch of these things in crypto/rand/rand_win.c, that surprised me:
#ifdef DEBUG
printf("randomness from PROV_RSA_FULL\n");
#endif
I'm using a standard debug build on Windows, and was, as I said,
On Thu, Feb 21, 2002 at 06:17:47PM +0100, Richard Levitte - VMS Whacker wrote:
I'm not sure I see the problem. Let's see, if an application with a
certificate verification callback registered through
SSL_CTX_set_cert_verify_callback() is built for an older OpenSSL
(i.e. doesn't take a user
On Thu, Feb 21, 2002 at 06:30:04PM +0100, Bodo Moeller wrote:
[...]
If we add the parameter list declaration for app_verify_callback to
ssl/ssl.h and ssl/ssl_lib.c (which I think we should do for type
safety), applications written for old releases will not compile
without modification
Lutz Jaenicke [EMAIL PROTECTED]:
On Wed, Feb 20, 2002 at 12:29:03PM +0200, Yoram Zahavi wrote:
My server application is using SSL_clear to reuse the SSL object, instead of
allocating a new one on every new connection. On first connection the client
succeeds to connect the server, and later
Yoram Zahavi [EMAIL PROTECTED] in epsilon.openssl.dev:
Thanks for the explanation, I liked the SSL_set_session(s, NULL) usage. Any
reasons for calling it *before* SSL_clear(s) ?
I think you better call it after the call to SSL_clear(s). Otherwise, the
current session is already freed by
On Tue, Feb 05, 2002 at 06:42:08PM -0600, Wendy Palm wrote:
--- config.orig Mon Feb 4 16:12:43 2002
+++ config Tue Feb 5 16:01:09 2002
@@ -302,6 +302,13 @@
echo ${MACHINE}-whatever-cygwin32; exit 0
;;
+*CRAY T3E)
+ echo cray-t3e; exit 0;
+ ;;
+
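Review bot: the added case pattern `*CRAY T3E)` contains an unquoted space as shown here, and the shell will not accept that as a single pattern; quote or escape it, for example `*"CRAY T3E")` or `*CRAY\ T3E)`. The new branch also ends `exit 0;` with a trailing semicolon, while the cygwin32 branch in the context lines above uses plain `exit 0`; dropping the semicolon keeps the file consistent.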
On Thu, Feb 21, 2002 at 10:34:47AM +0100, Oscar Jacobsson wrote:
* The fix for crypto/tmdiff.c (ie. the diff between 1.9.2.1 1.9.2.2)
needs to be merged into this branch as well. Missing #endif.
Fixed.
* crypto/bio/bss_bio.c now checks SSIZE_MAX, and in the visual c++
limits.h this won't
On Thu, Feb 28, 2002 at 09:11:54AM +0100, Joerg Voelker wrote:
if I try to compile openssl 0.9.7 under win2k with mingw32 I get the
following error:
ranlib out/libssl.a
gcc -o
tmp/md2test.o -Ioutinc -Itmp -DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3
-m486 -Wall -DBN_ASM -DMD5_ASM
On Wed, Feb 27, 2002 at 11:39:26PM +, Tom Cosgrove wrote:
There's a problem in bntest.c from openssl-0.9.6c. It appears that
this revision of the file is still the latest (rev 1.55), at least
via CVSweb.
The problem is that there are calls to BN_free() to attempt to free
BIGNUMs that
On Wed, Feb 20, 2002 at 09:59:19AM -0800, Leonard Janke wrote:
According to PKCS #9 v2 gender should have the OID
1 3 6 1 5 5 7 9 3
and pseudonym should have the OID
1 2 840 113549 1 9 3.
According to OpenSSL's objects.h gender has the OID
1 3 6 1 5 5 7 9 4
and pseudonym has
On Fri, Mar 01, 2002 at 06:36:59PM +0100, Oscar Jacobsson wrote:
Sorry for not being clearer. The reason I (or my compiler rather) was
worrying about it is that it's actually a case of _INT_MAX being used
rather than INT_MAX.
Oh, that. I think that was a typo; all the other branches use
On Fri, Mar 01, 2002 at 12:22:45PM -0600, Wendy Palm wrote:
the various architectures available from cray are
c90, j90, t90, t90IEEE, sv1, ymp and t3e.
t3e runs unicosmk, the rest run unicos.
for openssl, the cray t3e requires different compile options
than the other machines. (these
On Wed, Mar 06, 2002 at 01:18:30PM -0500, Dawn Whiteside wrote:
The latest OpenSSL-0.9.7 snapshot I've downloaded fails the BN_mod_mul
test on both 32-bit and 64-bit IRIX 6.5 systems using either gcc or
the vendor compiler. Results of 'make report' are attached (four files).
[...]
The BN
On Thu, Mar 07, 2002 at 09:32:44AM -0500, Dawn Whiteside wrote:
Okay, got it. Attached are the tmp.bntest files (modified to print the
options c. from 'make report' so it's clear which is which) for the
20020306 snapshot on a 32-bit Irix 6.5 system both with and without
no-asm (they do
John Hughes [EMAIL PROTECTED]:
I can confirm: There is a discrepancy between the SSL_pending()
manpage and the source. SSL_pending() returns rrec.length in
ssl3_pending() (as of 0.9.6a, we also verify that the SSL record
being processed is application data, else zero is returned). This
On Tue, Mar 19, 2002 at 08:40:18AM +, Jason Holt wrote:
I've added the general form of generator checking to crypto/dh/dh_gen.c and
fixed the uninitialized t1,t2 bug. It compiles, but I haven't really tested
it. What I have so far is at:
http://www.lunkwill.org/dh_gen.c
I had not
On Tue, Mar 19, 2002 at 05:38:06PM +, Jason Holt wrote:
I don't really understand the math very well. I assume that being a
generator has something to do with ensuring that a^b%n has a long period as n
increases.
DH_generate_parameters() always uses a safe prime as modulus, i.e.
p
On Thu, Mar 21, 2002 at 02:45:18PM -0500, Jeffrey Altman wrote:
I prefer that des_old.h be compatible with libdes since that apps that
are built using it assume that the api they were using was constant
and unchanging.
The way things work now, there is at least no clash with libdes on the
Alex Pankratov [EMAIL PROTECTED]:
the following problem is present in 0.9.6 and 0.9.6c.
It is possible to put server code into the internal infinite
loop in ssl3_read_bytes() by sending the following data from
the client right after establishing TCP connection:
01 03 01 00 01 00
[...]
Arne Ansper [EMAIL PROTECTED]:
[...]
okey, the bug:
ssl3_read_internal function has special treatment for situations when
renegotiation is going on and the handshake and data packets are arriving
in random order.
now, if i have a non-blocking socket on server side and i use BIO SSL
It seems that I've found two small bugs in OpenSSL (at least 0.9.6c
and the latest snapshot).
In ssl/s3_srvr.c function ssl3_get_client_hello, after the
last field (compression) has been parsed, there's a test:
/* TLS does not mind if there is extra stuff */
if (s->version ==
On Mon, Apr 29, 2002 at 12:28:33PM +0200, [EMAIL PROTECTED] wrote:
Log:
Synchronise with 0.9.7-stable.
Revision  Changes  Path
1.49 +2 -2 openssl/ssl/s3_pkt.c
Index: s3_pkt.c
===
RCS file:
On Thu, May 30, 2002 at 03:14:17PM +0200, Richard Levitte - VMS Whacker wrote:
pod2man is a command line wrapper around Pod::Man these days, and
depends on other Pod:: modules. Do you *really* want them to be
included?
If we can't update our copy of pod2man, we should at least keep the
old
On Thu, May 30, 2002 at 03:39:21PM +0200, Richard Levitte - VMS Whacker wrote:
Specifically, we'd have to test that multi-line NAME sections are
handled correctly; it appears this bug was fixed only recently in the
pod2man that comes with Perl.
Hmm, I tested with doc/crypto/des.pod with the
Richard Levitte - VMS Whacker [EMAIL PROTECTED]:
In revision 1.81 of Configure, the automatic run of 'make depend' was
commented out. IIRC, this was done because we had a dependency
rebuild war happening a little now and then back then. Since then,
we've unified the results of dependency
On Sat, Jun 01, 2002 at 01:18:35PM +0100, Ben Laurie wrote:
Also, the thread id may be used elsewhere - is there any point if it's
actually the PID?
Applications that are actually multi-threaded should (and indeed, on
most platforms, must) use CRYPTO_set_id_callback() so that OpenSSL can
use
On Thu, Jun 13, 2002 at 06:05:34PM +0200, Kambez Sadeq via RT wrote:
Any idea why web browsers such as MSIE and Opera work okay with the server?
I'm guessing that these browsers ignore invalid records.
No, the server (actually a broken proxy to a real server apparently)
does not send
On Thu, Jun 13, 2002 at 05:20:42PM +0100, Ben Laurie wrote:
However, the number of calls is astonishing - and must be significantly
expensive, too.
Memory debugging *is* expensive. It is only enabled by default in
debug configurations, where (starting with 0.9.7) it can be disabled
by
Avery Pennarun [EMAIL PROTECTED]:
On Thu, Jun 13, 2002 at 01:26:42PM +0200, Bodo Moeller via RT wrote:
[[EMAIL PROTECTED] - Thu Jun 6 18:39:34 2002]:
It appears the openssl guys goofed in 0.97beta. The prototype for the
d2i_RSAPrivateKey function in 0.9.6c, which I use, is like
On Mon, Jun 17, 2002 at 07:02:45PM +0100, Ben Laurie wrote:
Avery Pennarun via RT wrote:
On Mon, Jun 17, 2002 at 11:19:31AM +0200, Bodo Moeller wrote:
Good question, but this problem does not appear to apply to C, and
anyway it only makes *existing* code uglier -- for new code, the
modified
On Thu, Jun 27, 2002 at 03:48:34PM +0200, [EMAIL PROTECTED] wrote:
Modified:.Tag: BRANCH_WIN64 e_os.h
Log:
With Win64, define ssize_t as size_t. This is a very odd thing to do, really,
since size_t is supposed to be unsigned while ssize_t is supposed to be signed.
a countermeasure against a vulnerability recently found
in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
before application data chunks to avoid the use of known IVs
with data potentially chosen by the attacker.
[Bodo Moeller]
As the protocols don't explicitly reset CBC
On Wed, Jul 03, 2002 at 12:07:01PM -0400, Jeffrey Altman wrote:
Can they cite a particular provision in the specification that forbids
records with a fragment length of zero? I haven't found one, and
length-zero fragments are handled well by many implementations
(including Microsoft IIS).
On Wed, Jul 03, 2002 at 01:57:26PM +0200, [EMAIL PROTECTED] wrote:
I'm doing some testing of openssl.
I've realized that the 'create-empty-fragment' introduced in do_ssl3_write
[OpenSSL 0.9.6d] to avoid IV weakness causes that IE 6.0 (other versions,
too?) don't work if a client renegotiation
Martin Sjögren:
When you write a zero-length string with SSL_write, OpenSSL signals a
protocol-violating EOF even though no such thing has happened. My
guess is that a zero returned is misinterpreted somewhere though I have
not had time to dig through the source.
SSL_write() with length 0
Lutz Jaenicke:
I have already worked in the cipher selection routines yesterday with
respect to PR#130. I will add an appropriate NOTDEFAULT selection
keyword that will cover cipher suites not selected by default.
As this is a new feature I intend to only add it to 0.9.7 (and later).
Martin Sjögren via RT [EMAIL PROTECTED]:
Bodo Moeller:
Martin Sjögren:
When you write a zero-length string with SSL_write, OpenSSL signals a
protocol-violating EOF even though no such thing has happened. My
guess is that a zero returned is misinterpreted somewhere though I have
not had
Rob Dugal [EMAIL PROTECTED]:
I believe there is a bug in openssl function RSA_padding_check_SSLv23().
This function is supposed to verify that the data is padded with
special PKCS #1 padding as described in SSL 3.0 draft/RFC 2246, App. E.2
Run the server without support for SSL3, and
On Tue, Jul 30, 2002 at 03:50:17PM +0300, Arne Ansper wrote:
These patches are known to apply correctly but have not been
thoroughly tested.
As I understand it, OpenSSL will call abort() when it detects attack
against any hole in SSL.
Not quite. The attacks against known holes are
On Tue, Jul 30, 2002 at 06:08:46PM +0300, Arne Ansper wrote:
attached is a patch for openssl-0.9.6e that removes the usage of die.
please review it carefully. all changes are localized but the action i
take in some places where error reporting is not possible might be little
bit wrong (i.e.
Ben Laurie [EMAIL PROTECTED]:
As noted elsewhere, I really object to returning internal errors! It
makes no sense to attempt to continue after the impossible has occurred.
If we could be absolutely sure that these events are strictly
impossible, then it wouldn't make a difference if we call
On Tue, Aug 13, 2002 at 05:10:34PM +0100, Ben Laurie wrote:
Bodo Moeller wrote:
Ben Laurie [EMAIL PROTECTED]:
As noted elsewhere, I really object to returning internal errors!
It makes no sense to attempt to continue after the impossible has
occurred.
If we could be absolutely sure
On Tue, Aug 13, 2002 at 08:09:02PM +0200, Lutz Jaenicke wrote:
On Tue, Aug 13, 2002 at 07:45:30PM +0200, Bodo Moeller wrote:
On Tue, Aug 13, 2002 at 05:10:34PM +0100, Ben Laurie wrote:
Yes, and the application will continue as if it were sensible to do so.
In fact it *is* often sensible
On Wed, Aug 14, 2002 at 12:52:37PM +0200, Richard Levitte - VMS Whacker wrote:
bodo bodo14-Aug-2002 12:49:35
bodo
bodo Modified:.CHANGES
bodo Log:
bodo add 'TODO' items
Don't these go into the STATUS file, usually?
Only when no one is really working on them at
On Wed, Aug 14, 2002 at 01:24:32PM +0300, Arne Ansper wrote:
[...] what if some standalone application thinks that the
best solution for _its own_ problems is to reboot the machine? (happens
all the time under the windows btw, you install some crap and the
installer happily
On Wed, Aug 14, 2002 at 01:53:29PM +0100, Ben Laurie wrote:
The consistency checks don't detect that memory *has* been corrupted.
They detect that memory *would* be corrupted if the library simply
continued to do what it is doing. But if we return an internal error,
this does not actually
On Wed, Aug 14, 2002 at 01:57:32PM +0100, Ben Laurie wrote:
[...]
But for various other potential errors, we do know what happened
(e.g. a buffer has insufficient size) and we do know how to continue
without doing significant harm (abort this one TLS/SSL connection, and
in a way such that we
On Wed, Aug 14, 2002 at 03:39:03PM +0100, Ben Laurie wrote:
So how did the buffer get to be too small?
Well, in one of the cases it was improper protocol data checking
(fixed in 0.9.6f). The others should really be impossible, but if
they ever become possible, this most likely is because of
On Wed, Aug 14, 2002 at 08:42:47PM +0100, Ben Laurie wrote:
I propose we have a compile
time flag that determines whether impossible conditions are fatal or
return errors,
Go ahead, compile time flags are how we usually handle such things in
On Thu, Sep 19, 2002 at 01:44:01PM +0200, Bodo Moeller via RT wrote:
I don't know why that message is empty. What I wrote is that this
should now be fixed in the current snapshots (0.9.6-stable and
0.9.8-dev -- seems I forgot about 0.9.7-stable, this will have the
fix tomorrow).
--
Bodo
On Thu, Sep 19, 2002 at 06:28:16PM -0700, Patrick McCormick wrote:
No locking should be needed because the assignments are idempotent.
However, the assignments are not atomic. The following unprotected
operation:
if (init)
{
memcpy((char *)SSLv3_server_data,(char
On Tue, Sep 03, 2002 at 05:29:41PM -0700, Patrick McCormick wrote:
I needed to add the following calls in my single-thread openssl setup code
to end several race conditions:
SSLv23_client_method();
SSLv2_client_method();
SSLv3_client_method();
TLSv1_client_method();
On Mon, Sep 23, 2002 at 04:26:00PM +0200, Bodo Moeller via RT wrote:
Somehow the RT2 system doesn't like the comments I enter at the
website when resolving a ticket ...
I wrote that the next snapshots should solve the problem. Functions
SSLv23_client_method
On Tue, Sep 24, 2002 at 03:47:14PM -0700, Patrick McCormick wrote:
Many thanks for putting in a lock. However, the race condition has not been
eliminated.
[...]init must be checked after the lock is entered in order to
prevent the client_data setup from happening twice. So,
On Wed, Sep 25, 2002 at 05:31:08PM +0200, Bodo Moeller via RT wrote:
As usual, I really wrote that the bug will be fixed in the next
snapshot (but RT2 still does not believe me :-).
--
Bodo Möller [EMAIL PROTECTED]
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658
On Wed, Sep 25, 2002 at 08:49:47AM -0400, John O Goyo wrote:
Certicom has intellectual property rights relating to safe primes in DH [...]
+ Certicom has intellectual property rights relating to the use of safe primes
+ in the DH key-exchange, including US patent 5,933,504 and pending US
+
On Mon, Oct 14, 2002 at 12:52:30PM +0200, Richard Levitte - VMS Whacker wrote:
The problem seems to be manifested in BN_dec2bn() because of
the BN_mul_words and BN_add_words (e.g. line b). Since the
upper parts of d aren't cleared out, those routines end up
adding to whatever junk happened
Miles Sabin [EMAIL PROTECTED]:
First, the init flag needs to be volatile to prevent an aggressive
compiler from optimizing away the second check (nb. there may be issues
with compilers respecting volatile as mentioned in the key zeroizing
thread).
I know it should really be volatile (is
On Thu, Nov 14, 2002 at 11:14:49AM +0100, Lutz Jaenicke wrote:
On Wed, Nov 13, 2002 at 04:14:54PM -0800, Jeremiah Gowdy wrote:
I was doing application development (not the topic of this email)
interacting with an IBM developed SSL library. I experienced unexpected
disconnects immediately
On Sun, Jan 26, 2003 at 01:31:48PM -0800, Tim Rice wrote:
It looks like man pages are being installed in the wrong place on
non default installs. Ie. --prefix=/usr --openssldir=/etc/ssl
It is intentional that we use the --openssldir value rather than the
--prefix value in such cases. Files
Arne Ansper [EMAIL PROTECTED]:
Like I say, they should only do this if there was an error reported, surely?
No. Take a look at the SSL_CTX_use_certificate_chain_file:
ret=SSL_CTX_use_certificate(ctx,x);
if (ERR_peek_error() != 0)
ret = 0; /* Key/certificate mismatch
On Wed, Jan 22, 2003 at 04:20:37PM -0600, Joel Daniels wrote:
The openssl req command, when set up to prompt for the Distinguished Name,
uses fgets() to read the Distinguished Name fields. This means that if
someone uses the backspace key, a 0x08 character is inserted wherever they
typed the
On Tue, Feb 04, 2003 at 04:32:24PM -0500, Joseph Ferner wrote:
In OpenSSL 0.9.7 SSL_add_dir_cert_subjects_to_stack (ssl_cert.c) was
added for Win32 but was omitted in the ssleay32.def file. Could this be
added?
Thanks for the report, this is now fixed.
It would also be nice to have
On Tue, Feb 11, 2003 at 10:51:56AM +0100, Holger Sesterhenn wrote:
I am playing around with PKCS7 mails and also have noticed the small
glitches when dealing with multipart/mime. (yes, I have spent some time
reading groups.google and the mailing list archives).
If I understand RFC2046
Please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz
(or later), which will be available today around 8 p.m. GMT at
URL: ftp://ftp.openssl.org/snapshot;type=d .
We plan to release version 0.9.7a soon (next week if all goes well).
OpenSSL 0.9.7a will be a bugfix release based on 0.9.7;
Bodo Moeller via RT [EMAIL PROTECTED]:
[nothing]
RT has cut off the message, which said that the fix will be in the
next snapshot (which should be the latest snapshot by now).
--
Bodo Möller [EMAIL PROTECTED]
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
On Fri, Feb 21, 2003 at 02:58:24PM +0100, Bodo Moeller wrote:
Log:
ECPublicKey_set_octet_string and ECPublicKey_get_octet_string
behaviour was not quite consistent with the conventions
for d2i and i2d functions as far as handling of the 'out'
or 'in' pointer is concerned
Bobco, Pete [EMAIL PROTECTED]:
After applying the March 17, 2003 RSA Blinding patch, I am seeing
some intermittent problems when I browse to my test server to
retrieve pages. Sometimes a GIF file does not appear, but using the
Refresh key will get it. I am wondering if anyone else out there
OpenSSL Security Advisory [19 March 2003]
Klima-Pokorny-Rosa attack on RSA in SSL/TLS
===
Czech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa
have come up with an extension of the Bleichenbacher attack on RSA
with PKCS #1 v1.5 padding as
On Mon, Mar 31, 2003 at 03:01:27PM -0500, Greaney, Kevin wrote:
I downloaded a snapshot recently,
openssl-e-0.9.6-stable-SNAP-20030327.tar.gz,
and was comparing the files [.crypto.rsa]rsa_eay.c AND
[.crypto.rsa]rsa_lib.c. I noticed
that in rsa_eay.c that the patch used the positive
Please don't forget the enc_read.c bug fix.
From: Michael Rayment [EMAIL PROTECTED]
Subject: [ssl-bugs] Possible bug in crypto/des/enc_read.c
Date: Mon, 15 Feb 1999 00:45:01 -0330
I am using enc_read.c and enc_write.c to easily read and write data into
and from an encrypted file. I am
+ s=BN_new();
if (s == NULL) ...
+ ret=DSA_SIG_new();
if (ret == NULL) ...
+ s = DSA_SIG_new();
if (s == NULL) ...
__
OpenSSL Project http://www.openssl.org
Development
"Chad C. Mulligan" [EMAIL PROTECTED]:
Hmmm... I don't know how _efficient_ it is, but in the tests I did
on it, the average time to create a 1024 bit strong prime (and one
_guaranteed_ strong, by construction) was 1014 seconds, as opposed
to 2301 seconds for BN_generate_prime() with "strong"
On Sat, Mar 27, 1999 at 04:03:00AM +0100, Bodo Moeller wrote:
"Safe" primes, where q := (p - 1)/2 is prime, imply that there is
one very large (order q) subgroup of (Z/pZ)*. More generally,
we want a large prime q to be some divisor of p - 1. The order of
the generato
On Mon, Mar 29, 1999 at 05:20:36PM +0200, Bodo Moeller wrote:
What I don't understand though is the redefinition of BN_ASM in
openssl-0.9.2b/crypto/bn/Makefile: [...]
The real definition is in openssl-0.9.2b/Makefile.ssl: [...]
What's this redefinition about, and why does the make procedure
[...] I do not have a file called error.doc on my hard drive.
Actually, it's now part of doc/ssleay.txt.
On Mon, Mar 29, 1999 at 01:12:03PM +, Chad C. Mulligan wrote:
Bodo Moeller:
What exactly do you mean by "strong" primes? BN_generate_prime() uses
the word "strong" for what is more commonly called a "safe" prime,
I mean a "safe" pri
.
+ [Bodo Moeller]
I hope no-one circumvented the API and used those macros directly in
any applications? The comment in ssl.h was wrong, anyway:
--- ssl.h 1999/03/22 12:22:03 1.17
+++ ssl.h 1999/03/31 12:06:29 1.18
@@ -477,10 +477,9 @@
struct ssl_st
Tom Titchener [EMAIL PROTECTED]:
Attached please find a compressed tar file containing patches and
sources implementing with the OpenSSL libraries:
http://www.ietf.org/internet-drafts/draft-ietf-pkix-ocsp-07.txt
Here's a summary of the files you get:
[...]
mk1mf.pl.patch
Niels Poppe [EMAIL PROTECTED]:
In packaging openssl, I change #include "foo.h" to #include <ssl/foo.h>
and then install all ssl include files into /usr/include/ssl.
This way nothing changes for openssl internally, but once installed in
the system location, external programs can include
I think that it is not a good idea to have files openssl.pod and
openssl.txt in the same directory: The names suggest that the latter
is a formatted version of the former, which is not true.
The X509v3 documentation in openssl.txt (which could get a different
filename) should mention that a
apps/sc.c is a slight variation of apps/s_client.c. It exists in
OpenSSL 0.9.1c, but not yet in SSLeay. The only changes to s_client.c
are Windows-specific (mostly #if(n)defs); according to the comments,
it has only been tested under Win95. Maybe someone who uses NT can
look into it and, if it
I wrote:
pathLenConstraint counts just the CA path -- 0 means that a CA may
sign only end entities --, while verify_depth counts all certificates,
IIRC).
I don't really mean all certificates (unless one starts counting at
0), but all steps on the path: Depth 1 means that CAs sign end-entity
Mikko Hirvonen [EMAIL PROTECTED]:
I have problems with pipes. I try to use s_client as fetchmail plugin, but
something goes wrong. Transmission over ssl-tunnel will stop.
I think s_client.c is buggy in that it does a select() loop where in
fact it the first thing it should do in each
"Titchener, Tom" [EMAIL PROTECTED]:
Ever try connecting to an SSLeay server that uses
SSLv23_server_method() via a telnet session and then closing the
session without sending any data?
When you do that in our server, it crashes trying to use the
handshake_func function in ssl23_read(),
[EMAIL PROTECTED] (Bodo Moeller):
Mikko Hirvonen [EMAIL PROTECTED]:
I have problems with pipes. I try to use s_client as fetchmail
plugin, but something goes wrong. Transmission over ssl-tunnel will
stop.
I think s_client.c is buggy in that it does a select() loop where in
fact
The shellscript test/testenc must be told somehow which ciphers have
been configured. After a -DNO_IDEA build, it still tries to run
"../apps/openssl idea-ecb" etc., which of course fails. I usually
just ignored this error because I obviously knew that I explicitly did
not include IDEA, so this
On Fri, Apr 09, 1999 at 11:45:47AM +0200, Richard Levitte - VMS Whacker wrote:
What's the cleanest way to solve this? Exile the command
list
Run something like the following during compilation of the test
directory:
$(CC) $(CFLAGS) -E testenc_methods.c | sed -e '/^$/d' |\
On Fri, Apr 09, 1999 at 07:29:51PM +0100, Ben Laurie wrote:
Isn't the simplest thing to just #ifdef the test code itself, so the
test programs are always there, just don't do anything if there's
nothing to test?
There are two kinds of tests: First, there are ideatest.c and similar
programs.
Dr Stephen Henson [EMAIL PROTECTED]:
[EMAIL PROTECTED] wrote:
That seems very complicated. How about doing this
in the Makefile
test: cipherlist
cipherlist: cipherlist.c
..usual CC rules.
And cipherlist is
main()
{
#ifndef NO_DES
Down below, as discussed, a patch for getting rid of ctx_size.c and
pem.org follows. The Configure script obviously should be cleaned up
if we do this. The new pem.h will differ from the existing pem.org as
follows (remember that HEADER_ENVELOPE_H is always defined here
because of a previous
On Wed, Apr 14, 1999 at 11:43:56AM -0400, Tom Titchener wrote:
Here are a handful of minor fixes I had to make to feed 0.9.3 through
VC 6.0.
[...]
4) The apps directory needs a copy of bss_file.c, which lives in
crypto/bio. This is the kind of thing you handle with a symlink
on Unix but