[openssl-users] OpenSSL Security Advisory

2017-01-26 Thread OpenSSL
updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20170126.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies

Re: [openssl-users] OpenSSL handshake failure in ssl3_get_client_hello() routine

2017-01-26 Thread Senthil Raja Velu
Hi Matt, Thanks for such a detailed reply. I will work on the pointers provided. And will plan to move openssl implementation to 1.0.2 series as suggested. I will check the random method used if that is the cause of this issue. Many thanks, Senthil. On Thu, Jan 26, 2017 at 3:38 PM, Matt Caswell

Re: [openssl-users] OpenSSL handshake failure in ssl3_get_client_hello() routine

2017-01-26 Thread Matt Caswell
On 26/01/17 15:53, Senthil Raja Velu wrote:
> Hi Matt,
> One other quick question, Is there an openssl utility code to just check
> PRNG is initialized or NOT_SEEDED.
See RAND_status().
Matt

Re: [openssl-users] OpenSSL handshake failure in ssl3_get_client_hello() routine

2017-01-26 Thread Senthil Raja Velu
Hi Matt, One other quick question, Is there an openssl utility code to just check PRNG is initialized or NOT_SEEDED. That way I could verify the current running state of the application. The other thing I am after is, it works sometimes but not other times. Thanks, Senthil. On Thu, Jan 26, 2017

[openssl-users] OpenSSL version 1.1.0d published

2017-01-26 Thread OpenSSL
OpenSSL version 1.1.0d released
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of version 1.1.0d of our open

[openssl-users] OpenSSL version 1.0.2k published

2017-01-26 Thread OpenSSL
OpenSSL version 1.0.2k released
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of version 1.0.2k of our open

Re: [openssl-users] OpenSSL handshake failure in ssl3_get_client_hello() routine

2017-01-26 Thread Senthil Raja Velu
Thanks again! -Senthil.
On Thu, Jan 26, 2017 at 9:27 PM, Matt Caswell wrote:
>
> On 26/01/17 15:53, Senthil Raja Velu wrote:
> > Hi Matt,
> > One other quick question, Is there an openssl utility code to just check
> > PRNG is initialized or NOT_SEEDED.
>
> See

Re: [openssl-users] Should openssl publish the commit #'s that fixed each CVE?

2017-01-26 Thread Ethan Rahn
Scott, I just checked the CVE IDs on mitre, and as of now (11:18 AM PST 1/26/17) they are all listed as 'reserved' and don't have any information about the issue. NVD shows the same information. In either case, it seems like an extra hoop to jump through to have to go to a third party site to

[openssl-users] Should openssl publish the commit #'s that fixed each CVE?

2017-01-26 Thread Ethan Rahn
Hello, When looking at the latest security announcement, something that I notice is that it's hard to find the actual commits that fixed an issue. If you search git.openssl.org you can find some of them if they are mentioned in the change message, but it still requires some active effort. Would

Re: [openssl-users] Should openssl publish the commit #'s that fixed each CVE?

2017-01-26 Thread Scott Neugroschl
The CVE itself contains the commit info. Find it at cve.mitre.org From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Ethan Rahn Sent: Thursday, January 26, 2017 10:40 AM To: openssl-users@openssl.org Subject: [openssl-users] Should openssl publish the commit #'s that

Re: [openssl-users] OpenSSL handshake failure in ssl3_get_client_hello() routine

2017-01-26 Thread Matt Caswell
On 26/01/17 04:38, Senthil Raja Velu wrote:
> Hi,
> I have a setup where the handshake between openssl server and client
> fails at times but not always. And when it does, the client keeps
> retrying and all of trials fail. Only way to recover is to restart the
> server.
>
> Currently on the