Hi Matt,
Thanks a lot for the response.
Is your application a client or a server? Are both ends using OpenSSL 1.0.2d?
If not, what is the other end using?
>>Our device has both TLS client,server apps. As client, device
communicates with radius server, LDAP server etc.As server device is
accessed
Hello Jaya
We're going to need some more information. There isn't a generic problem
with CBC ciphers and TLS1.0 in 1.0.2d (it's working fine for me) - so
there is something specific about your environment that is causing the
issue. Comments inserted below.
On 04/12/15 06:53, Jayalakshmi bhat
Hi all
I am compiling Openssl 1.0.h version in SLES 11 SP1 ,in make command I am
facing some errors.I have the instructions properly as given.
The error was:
/usr/lib64/gcc/x86_64-suse-linux/4.3/../../../../x86_64-suse-linux/bin/ld:
libcrypto.a(x86_64-gcc.o): relocation R_X86_64_32 against
For clarity, which version of WinCE, and which CPU (Arm,
MIPS,PPC, x86, SH3, SH4, ...)?
Which Microsoft Compiler version (EVC3, EVC4, one of the
Visual Studio projects, 3rd party compiler) and which
exact compiler version (reported by running the compiler
executable (named according to CPU) with
On 04/12/15 11:31, Jayalakshmi bhat wrote:
> Hi Matt,
>
> Thanks a lot for the response.
>
> Is your application a client or a server? Are both ends using
> OpenSSL 1.0.2d? If not, what is the other end using?
>>>Our device has both TLS client,server apps. As client, device communicates
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL Security Advisory [3 Dec 2015] - Updated [4 Dec 2015]
=
[Updated 4 Dec 2015]: This advisory has been updated to include the details of
CVE-2015-1794, a Low severity issue affecting
[ Redirecting to openssl-users ]
On Fri, Dec 04, 2015 at 03:25:35PM +, Oliver Schonrock via RT wrote:
> To Reproduce:
> $ openssl s_client -connect api.textmarketer.co.uk:443
> depth=2 C = US, O = "thawte, Inc.", OU = Certification Services
> Division, OU = "(c) 2006 thawte, Inc. - For
Just coincidentally we may have an issue in a pending release that looks much
like this scenario as well;
In our case, the server is 1.0.2d and the client is not.
I'll update details as I get them .. N
Nou Dadoun
Senior Firmware Developer, Security Specialist
Office: 604.629.5182 ext 2632
Hi Matt,
I replaced constant_time_eq_8 usage in s3_cbc.c with the implementation
available in OpenSSL 1.0.1e. Things worked fine.
Regards
Jaya
On Fri, Dec 4, 2015 at 7:04 PM, Matt Caswell wrote:
>
>
> On 04/12/15 11:31, Jayalakshmi bhat wrote:
> > Hi Matt,
> >
> > Thanks a
Hi Matt,
s3_cbc.c uses the function constant_time_eq_8. I pulled only this
function definition from OpenSSL 1.0.1e into OpenSSL 1.0.2d. I renamed this
function as constant_time_eq_8_local and used it in s3_cbc.c instead of
constant_time_eq_8. This renaming was just to avoid multiple definitions.
Hi Jakob
CPU is ARMARCH4. WinCE version is 6.0. I will get the compiler details
shortly.
Regards
Jaya
On Fri, Dec 4, 2015 at 6:05 PM, Jakob Bohm wrote:
> For clarity, which version of WinCE, and which CPU (Arm,
> MIPS, PPC, x86, SH3, SH4, ...)?
>
> Which Microsoft
11 matches
Mail list logo