Re: [openssl-users] How to access a bug fix ?

2015-11-13 Thread Benjamin Kaduk
On 11/13/2015 10:14 AM, jonetsu wrote: > Hello, > > > I would like to see the bug fix for RT3515 'Use 3DES in pkcs12 if built with > no-rc2' although the openssl tree I got recently does not show it: The bug fix is just the patch contained in the initial submission. > > % git status > On branch

Re: [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-13 Thread Benjamin Kaduk
On 11/13/2015 09:31 AM, Jakob Bohm wrote: > On 13/11/2015 14:40, Emilia Käsper wrote: >> Hi all, >> >> We are considering removing from OpenSSL 1.1 known broken or outdated >> cryptographic primitives. As you may know the forks have already done >> this but I'd like to seek careful feedback for

Re: [openssl-users] d2i_RSAPrivateKey not working on a private key

2015-10-13 Thread Benjamin Kaduk
Hi Frank, Thanks for these thoughts. On 10/13/2015 09:57 PM, Frank Migge wrote: > Hi David, > > I didn't spot the error in your code. But since d2i_RSAPrivateKey() > fails on the DER data, how about a workaround? If your remaining code > works fine, you could extract the RSA key from the

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-18 Thread Benjamin Kaduk
On 11/18/2015 07:05 AM, Hubert Kario wrote: > So, a full CAdES-A, XAdES-A or PAdES-A implementation _needs_ to support > both relatively modern TLS with user certificates, preferably the newest > cryptosystems and hashes as well as the oldest ones that were > standardised and used. > > That

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-18 Thread Benjamin Kaduk
On 11/18/2015 12:52 PM, Blumenthal, Uri - 0553 - MITLL wrote: > On 11/18/15, 12:12 , "openssl-dev on behalf of Benjamin Kaduk" > <openssl-dev-boun...@openssl.org on behalf of bka...@akamai.com> wrote: > >> On 11/18/2015 07:05 AM, Hubert Kario wrote: >>

Re: [openssl-users] s_client -no_tls1 option

2015-12-01 Thread Benjamin Kaduk
On 12/01/2015 05:28 PM, Nounou Dadoun wrote: > Getting an unexpected result, does the no_tls1 option for s_client mean > "don't use tls1" (and everything else is ok) or does it mean "don't use tls1 > or tls1.1 or tls1.2"? I expected the former but I'm observing the latter! > (The man page

Re: [openssl-users] Question about TLS record length limitations

2015-12-07 Thread Benjamin Kaduk
On 12/07/2015 02:43 PM, Software Engineer 979 wrote: > Hello, > > I'm currently developing an data transfer application using OpenSSL. > The application is required to securely transfer large amounts of data > over a low latency/high bandwidth network. The data being transferred > lives in a 3rd

Re: [openssl-users] CBC ciphers + TLS 1.0 protocol does not work in OpenSSL 1.0.2d

2015-12-09 Thread Benjamin Kaduk
On 12/09/2015 05:04 PM, Matt Caswell wrote: > > On 09/12/15 11:44, Jayalakshmi bhat wrote: >> Hi Matt, >> >> I could build and execute the constant_time_test. I have attached the .c >> file and test results. 34 tests have failed. All failures are >> around constant_time_eq_8. This is the function

Re: [openssl-users] CBC ciphers + TLS 1.0 protocol does not work in OpenSSL 1.0.2d

2015-12-10 Thread Benjamin Kaduk
On 12/10/2015 12:09 PM, openssl-us...@dukhovni.org wrote: >> On Dec 10, 2015, at 12:45 PM, Jakob Bohm wrote: >> >> On 10/12/2015 18:33, Viktor Dukhovni wrote: >>> On Thu, Dec 10, 2015 at 04:55:29AM -0700, Jayalakshmi bhat wrote: >>> >>> static inline unsigned int

Re: [openssl-users] CBC ciphers + TLS 1.0 protocol does not work in OpenSSL 1.0.2d

2015-12-10 Thread Benjamin Kaduk
On 12/10/2015 11:45 AM, Jakob Bohm wrote: > 3. The compiler wasn't written by a fanatic who put > the "right shift of negative signed values is > undefined" rule above common sense. This is only implementation-defined behavior, not undefined behavior. It is not permitted to crash the system

Re: [openssl-users] CBC ciphers + TLS 1.0 protocol does not work in OpenSSL 1.0.2d

2015-12-10 Thread Benjamin Kaduk
On 12/10/2015 05:55 AM, Jayalakshmi bhat wrote: > Hi Matt, > > Thanks for the patch. Unfortunately patch did not work. I continued > debugging and found that issue was in constant_time_msb. > > static inline unsigned int constant_time_msb(unsigned int a) { > -*return 0 - (a >> (sizeof(a) * 8 -

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Benjamin Kaduk
On 11/17/2015 12:00 PM, Jeffrey Walton wrote: > > > Also, if OpenSSL requires iOS 9 or above, then its setting policy for users. In some sense, yes. But it has always done so -- OpenSSL only supports certain platforms, and certain versions of certain platforms. There are prerequisites to being

Re: [openssl-users] [openssl-dev] Openssl 1.1 and Bind 9.6 ESV R11

2016-01-19 Thread Benjamin Kaduk
On 01/19/2016 05:37 PM, The Doctor wrote: > Tried to compile an old bind and ran into Why? > What needs to be adjusted? > > The bind code is what needs to be adjusted, given that openssl 1.1 is intentionally introducing API changes and removing direct access to many structures. It seems quite

Re: [openssl-users] Problems with OpenSSL 1.0.2 h

2016-05-04 Thread Benjamin Kaduk
Hello, On 05/04/2016 05:21 AM, Dirk Menstermann wrote: > Hi, > > I've trouble with the newest OpenSSL as I'm operating a webserver application > that answers with HTTP1.x and HTTP2. > > I registered the ALPN callback and in this the cipher list was adjusted > "SSL_set_cipher_list (ssl,

Re: [openssl-users] different encrypted text for the same plain text message

2016-07-28 Thread Benjamin Kaduk
There are several places where a per-connection random input is introduced, with a specific goal of making encryptions of the same plaintext produce different ciphertexts (as well as other benefits). If a plaintext always produced the same ciphertext, then an attacker could make a dictionary of

Re: [openssl-users] output from: dh, dhparam, pkeyparam

2016-08-10 Thread Benjamin Kaduk
On 08/10/2016 11:00 AM, Jakob Bohm wrote: > On 08/08/2016 16:51, Benjamin Kaduk wrote: >> What Rich said, and also note that it's perfectly valid usage of the >> PEM routines to read one type from a BIO and then go on to read >> another (potentially different) type from t

Re: [openssl-users] issue while compiling openssl1.02h

2016-08-08 Thread Benjamin Kaduk
You'll probably need to provide more information; what is the compiler command line and full output for this failing file; is openssl installed once or in multiple places on the machine; etc. -Ben On 08/08/2016 04:32 AM, Test ssl wrote: > Hi , > > > I am trying to compile openssl 1.0.2h for my

Re: [openssl-users] output from: dh, dhparam, pkeyparam

2016-08-08 Thread Benjamin Kaduk
What Rich said, and also note that it's perfectly valid usage of the PEM routines to read one type from a BIO and then go on to read another (potentially different) type from the same BIO, as would happen if they were in the same file concatenated after each other. So, attempting to peek and see

Re: [openssl-users] linker input file unused/linking not done gcc warning

2016-08-02 Thread Benjamin Kaduk
On 08/02/2016 10:38 AM, jonetsu wrote: > Hello, > > Is it normal to get a 'linker input file unused because linking > not done' warning when compiling C code that uses OpenSSL in FIPS > mode, hence using fipsld ? > > The object file is actually generated, as well as the executable, > and it does

Re: [openssl-users] How to enable RC4 in OpenSSL 1.1.0c

2017-01-19 Thread Benjamin Kaduk
On 01/19/2017 11:59 AM, Chris Clark wrote: > Notice it says that dmake.exe is not in my path, but this appears to > be a bug as I am running this from a Visual Studio 2008 x64 Command > Prompt, and nmake.exe is indeed in the path, located in: > c:\Program Files (x86)\Microsoft Visual Studio

Re: [openssl-users] 1.1.0 Failed to Compile using Visual Studio 6 and SDK 2003 SP1

2016-09-12 Thread Benjamin Kaduk
On 09/12/2016 10:57 AM, Mauricio Rodriguez wrote: > Hello, > > > I have been able to compile 1.1.0 with no issues using just about all > versions of VStudio .NET2003/2005/2008/2010. So, all good there. > However, the compilation process using Visual studio 6 has not been > smooth and still fails.

Re: [openssl-users] calloc vs kssl_calloc

2016-09-26 Thread Benjamin Kaduk
On 09/26/2016 11:01 AM, Salz, Rich wrote: > Kssl_calloc calls openssl_malloc which means the data must be free'd with > openssl_free. And in debug builds any non-free'd data is a leak and reported. > On line 875 the data is allocated and never free'd, so it skips the leak > detection. In

Re: [openssl-users] Can't compile Apache 2.4.23 with OpenSSL 1.1.0b

2016-09-27 Thread Benjamin Kaduk
The library is mostly self-initializing now, so the malloc_init call is probably not needed. SSLv2 support is entirely removed. There are very drastic changes between the 1.0.x series and the 1.1.0 series, you really should read at least the NEWS file entries and maybe the CHANGES as well.

Re: [openssl-users] calloc vs kssl_calloc

2016-10-03 Thread Benjamin Kaduk
On 10/01/2016 03:32 PM, Geoffrey Coram wrote: > On 09/30/2016 09:29, "Salz, Rich" wrote: >>> Is there something more I should do on this issue? I recall the >> OpenSSL terms of use strongly discouraged people from the US from >> helping, due to US export restrictions. >> >>

Re: [openssl-users] pod to html

2016-10-10 Thread Benjamin Kaduk
On 10/10/2016 08:30 AM, Ken Goldman wrote: > On 10/6/2016 10:11 AM, Matt Caswell wrote: >> make install_html_docs > > That somewhat worked. > > 1 - I get 100's of errors of the form > > /usr/bin/pod2html: -: cannot resolve L in paragraph 11. > Trying the install locally, at

Re: [openssl-users] Missing documentation

2016-11-08 Thread Benjamin Kaduk
On 11/08/2016 01:24 AM, Joachim Person wrote: > Hi, > > It seems like the documentation for SSL_set_tlsext_host_name is gone. > Does anyone know where I can find the documentation? I am interested > in the return values right now. > >

Re: [openssl-users] Duplicating const X509_NAME

2016-11-07 Thread Benjamin Kaduk
On 11/07/2016 05:42 AM, Sascha Steinbiss wrote: > Hi all, > > I was wondering how to properly make a clone of a const X509_NAME in > OpenSSL 1.1? > > In particular, I am obtaining a const X509_NAME* via OCSP_resp_get0_id() > and would like to pass it to X509_find_by_subject() which takes a >

Re: [openssl-users] Questions on internal-buffers being used

2016-10-11 Thread Benjamin Kaduk
On 10/11/2016 02:06 PM, Ajay Garg wrote: > Hi All. > > > a) > In the call, > int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t > writebuf2); are internal-buffers malloc'ed for each of "bio1" and "bio2"? > If yes, is there a way to pass buffers from the application-layer? I >

Re: [openssl-users] Questions on internal-buffers being used

2016-10-14 Thread Benjamin Kaduk
} > > if(!BIO_make_bio_pair(inter_bio_buf_bio, network_bio_buf_bio)) > { > /* CONTROL REACHES HERE. */ > } > } > #### > > What am I doing wrong? > > On Wed, Oct 12, 2016 at 12:59 AM,

Re: [openssl-users] Can I rename the OpenSSL shared objects for FIPS?

2017-01-12 Thread Benjamin Kaduk
On 01/12/2017 02:10 PM, Perrow, Graeme wrote: > > We are shipping OpenSSL (1.0.2j) shared objects built with FIPS, > which are automatically loaded when the application starts. But if our > software directory is in the path (or LD_LIBRARY_PATH or platform > equivalent) earlier than the system

Re: [openssl-users] Unable to build with dmake

2017-01-04 Thread Benjamin Kaduk
On 01/04/2017 07:09 AM, Richard Levitte wrote: > Try with nmake, which comes with Visual Studio. > > (I now noticed we haven't made nmake a requirement, while we expect > everyone to use it with the VC-* config targets. We should be more > explicit about this) > Interestingly, having recently

Re: [openssl-users] is there an API to list all the TLS 1.3 cipher suite names?

2019-01-18 Thread Benjamin Kaduk
On Fri, Jan 18, 2019 at 01:33:20AM +, Jordan Brown wrote: > On 1/14/2019 4:09 AM, Matt Caswell wrote: > > This works more "by accident". There is no ciphersuite alias called > > "TLSv1.3", so using it as above results in no ciphersuites matched. > > Since the TLSv1.3 ciphersuites are on by

Re: [openssl-users] Inserting cipher into speed.c

2017-02-06 Thread Benjamin Kaduk via openssl-users
On 02/04/2017 04:00 PM, Schmicker, Robert wrote: > > Hello, > > > Thanks to everyones help here I was able to insert a new cipher into > OpenSSL. > > However, for performance reasons I'd like to begin testing the speed > of my cipher and > > compare to other already implemented ciphers. > > > I

Re: [openssl-users] 'No client certificate CA names sent'

2017-01-30 Thread Benjamin Kaduk via openssl-users
On 01/30/2017 10:44 AM, russellb...@gmail.com wrote: > Quoth Mr Viktor Dukhovni, 'it is often wise to send an empty > list when requesting client certificates.' > How does one send an empty list? > That's generally the default server behavior when no CAs are configured for that

Re: [openssl-users] [openssl-dev] verify depth behavior change from 1.0.2 to 1.1.0?

2017-04-04 Thread Benjamin Kaduk via openssl-users
On 04/04/2017 10:39 AM, Viktor Dukhovni wrote: >> On Apr 4, 2017, at 10:41 AM, Short, Todd via openssl-users >> wrote: >> >> Ben Kaduk: >> >> Do we know the values that are being passed to SSL_CTX_set_verify_depth() >> match the -verify_depth argument, or do they

Re: [openssl-users] Multithreading: Global locks causing bottleneck in parallel SSL_write calls

2017-04-12 Thread Benjamin Kaduk via openssl-users
On 04/12/2017 05:54 AM, dipakgaigole wrote: > Hi, > > I have a windows multi-threaded SSL server application which handles > each client request in a new thread. The Server handles different > types of requests. One of the request type is like “send file” where > server thread has to read a file

Re: [openssl-users] openssl-compat patch for OpenSSL 1.0.2 and below?

2017-04-03 Thread Benjamin Kaduk via openssl-users
On 04/02/2017 07:42 PM, Jeffrey Walton wrote: > I was looking at Kurt Roeckx 's patches for OpenSSH at > https://github.com/openssh/openssh-portable/pull/48/files. See > libcrypto-compat.h and libcrypto-compat.c. > > Are the source files distributed by OpenSSL? If so, where is the download? > > If

Re: [openssl-users] Query regarding upgrading TLS compatibility

2017-04-03 Thread Benjamin Kaduk via openssl-users
On 04/03/2017 04:42 AM, Hegde, Harsha wrote: > > Hi, > > I have an query regarding TLS compatibility used in my application. > Currently we are using TLS1.2 to connect to a third party sever. Is > there any way to always use the highest TLS available version without > modifying or recompiling the

Re: [openssl-users] SSL_CTX_set_msg_callback does not invoke for received change_cipher_spec

2017-08-15 Thread Benjamin Kaduk via openssl-users
On 08/14/2017 11:30 PM, Vakul Garg wrote: > > Hi > > > > I am using openssl s_server and s_client with ‘-msg’ option to track > tls1.2 records being exchanged. > > I notice that while transmitted change_cipher_spec record gets printed. > > But the reception of change_cipher_spec record is not

Re: [openssl-users] session resumption tls1.2/tls1.3

2017-07-25 Thread Benjamin Kaduk via openssl-users
[Matt's reply is likely to be high latency] On 07/24/2017 08:53 PM, Neetish Pathak wrote: > > > On Wed, Jul 19, 2017 at 2:27 AM, Matt Caswell > wrote: > > > > On 18/07/17 22:27, Neetish Pathak wrote: > > Hi , > > thanks Matt, this is

Re: [openssl-users] EDDSA certificates

2017-07-27 Thread Benjamin Kaduk via openssl-users
On 07/27/2017 09:18 AM, Robert Moskowitz wrote: > Rich, > > Meant to ask you about this at IETF. > > Given draft-ietf-curdle-pkix-05.txt sec 10, is there openssl code to > produce these??? > There is code to validate them, per commit 4328dd41582bcdca8e4f51f0a3abadfafa2163ee. I didn't look hard

Re: [openssl-users] Apache/OpenSSL1.1 sending Fatal, Description: Handshake Failure' packet to WebDAV client

2017-07-27 Thread Benjamin Kaduk via openssl-users
On 07/27/2017 02:49 PM, Todd Blum wrote: > SSLv2 Record Layer: Client Hello SSLv2-compatible ClientHello is pretty old and probably unneeded > [Version: SSL 2.0 (0x0002)] > Length: 46 > Handshake Message Type: Client Hello (1) > Version: SSL 3.0 (0x0300) >

Re: [openssl-users] session resumption tls1.2/tls1.3

2017-07-27 Thread Benjamin Kaduk via openssl-users
On 07/25/2017 06:05 PM, Neetish Pathak wrote: > > > Please provide any comments if you have or how I should go about > debugging it. Correct me if I am doing it wrong > I don't really have any good suggestions for debugging it. It might be interesting to run in a debugger and collect full

Re: [openssl-users] private key difference: openssl genrsa vs opnessl req newkey

2017-07-26 Thread Benjamin Kaduk via openssl-users
On 07/26/2017 10:13 AM, Michele Mase' wrote: > During the generation of x509 certificates, both commands give the > same results: > > Command "a": openssl req -nodes -newkey rsa:2048 -keyout example.key > -out example.csr -subj "/C=GB/ST=London/L=London/O=Global > Security/OU=IT

Re: [openssl-users] Dumb question about DES

2017-05-11 Thread Benjamin Kaduk via openssl-users
Those ciphers are triple-DES, not single-DES. (The "CBC3" gives it away ... well, not exactly.) The single-DES ciphers were removed in release 1.1.0 (they are included in the "40 and 56 bit cipher support removed from libssl" item in the release notes), though the raw crypto primitives remain in

Re: [openssl-users] Dumb question about DES

2017-05-11 Thread Benjamin Kaduk via openssl-users
On 05/11/2017 03:17 PM, Scott Neugroschl wrote: > > So if I’m using 1.0.2, and want to deprecate 3DES, I need to do that > as part of my build? > > Yes. -Ben

Re: [openssl-users] Dumb question about DES

2017-05-11 Thread Benjamin Kaduk via openssl-users
ES CBC ciphers still part of DEFAULT? > > > > *From:*openssl-users [mailto:openssl-users-boun...@openssl.org] *On > Behalf Of *Benjamin Kaduk via openssl-users > *Sent:* Thursday, May 11, 2017 9:18 AM > *To:* openssl-users@openssl.org > *Subject:* Re: [openssl-users] Dumb ques

Re: [openssl-users] Session Ticket Support in Openssl TLS 1.2

2017-06-19 Thread Benjamin Kaduk via openssl-users
On 06/19/2017 04:12 PM, Neetish Pathak wrote: > > > On Mon, Jun 19, 2017 at 11:11 AM, Neetish Pathak > wrote: > > Hi Matt, > Thanks > Could you help with following queries > > 1) On the blogpost for TLS1.3, you mentions the following

Re: [openssl-users] X509 subject public key id-RSASSA-PSS

2017-06-26 Thread Benjamin Kaduk via openssl-users
On 06/25/2017 03:06 PM, we...@infotech.de wrote: > Dear OpenSSSL users, > > we recently came across a certificate with OID: id-RSASSA-PSS aka > rsassaPss in x509 subjects public key AlgorithmIdentifier. > > According to rfc4056 it is legitimate to use rsaEncryption or > id-RSASSA-PSS as OID for

Re: [openssl-users] Using weak ciphers in OpenSSL v 1.1.0e client

2017-06-07 Thread Benjamin Kaduk via openssl-users
On 06/07/2017 11:13 AM, gerritvn wrote: > We are using OpenSSL in a terminal emulation product. > We recently upgraded from OpenSSL v 1.0.2g to OpenSSL v 1.1.0e. > Some servers we connect to do not support any of the strong ciphers which > are compiled by default in OpenSSL v 1.1.0e and returns an

Re: [openssl-users] Session Ticket Support in Openssl TLS 1.2

2017-06-16 Thread Benjamin Kaduk via openssl-users
On 06/16/2017 01:58 PM, Neetish Pathak wrote: > Hello > Thanks > I tried reading some content from the server side and I observed the > new_session_cb getting invoked in that case on the client side. I > understand that may be due to delayed NewSession info transfer from > server side to client

Re: [openssl-users] Session Ticket Support in Openssl TLS 1.2

2017-06-16 Thread Benjamin Kaduk via openssl-users
On 06/16/2017 05:36 PM, Matt Caswell wrote: >> The security properties of such "external" PSKs are substantially >> different than the "ephemeral" PSKs used in resumption flows. > Ben - Even external PSKs incorporate an ephemeral, per connection, ECDHE > based secret (assuming a suitable kex_mode

Re: [openssl-users] Session Ticket Support in Openssl TLS 1.2

2017-06-09 Thread Benjamin Kaduk via openssl-users
On 06/09/2017 07:54 PM, Neetish Pathak wrote: > > On Thu, Jun 8, 2017 at 3:45 PM, Matt Caswell > wrote: > > > > On 08/06/17 23:12, Neetish Pathak wrote: > > Thanks. > > I had one query regarding the TLS 1.3 implementation on server >

Re: [openssl-users] NMAKE error

2017-05-01 Thread Benjamin Kaduk via openssl-users
On 05/01/2017 10:02 AM, James Condren wrote: > > Getting the following error when attempting to make: > > NMAKE : fatal error U1073: don't know how to make > '"crypto\include\internal\bn_conf.h.in"' > > Stop. > > > > Here’s the lines from the makefile that are creating the error: > >

Re: [openssl-users] Openssl failed to decrypt certificate without \r\n

2017-09-18 Thread Benjamin Kaduk via openssl-users
On 09/18/2017 12:59 AM, Viktor Dukhovni wrote: >> On Sep 17, 2017, at 10:23 PM, Zhang, Lily (USD) wrote: >> >> Would you help me to take a look this certificate issue? >> In order to send out the file, I added ".txt" in the file name. Please >> remove it before test it. >>

Re: [openssl-users] s_server and explicit dhparam

2017-09-21 Thread Benjamin Kaduk via openssl-users
On 09/21/2017 03:30 AM, Le Van Gong, Hubert wrote: > Hi there, > > I'm trying to run openssl in server mode and leverage non-default DH > params with the following command: > sudo openssl s_server -cert server_cert.pem -dhparam dhparam_2.pem > -tls1_3 -accept 443 > > Where the dhparam_2.pem file

Re: [openssl-users] s_server and explicit dhparam

2017-09-22 Thread Benjamin Kaduk via openssl-users
On 09/21/2017 10:57 PM, Le Van Gong, Hubert wrote: > Hi Ben, > > Ah, good catch. Maybe the doc should be updated to mention that fact. > Does anyone know if this is on the roadmap? The documentation could not really get updated more easily than the code, and I committed the needed fix yesterday,

Re: [openssl-users] Issue with freeing X509

2017-10-17 Thread Benjamin Kaduk via openssl-users
On 10/17/2017 08:39 AM, Adi Mallikarjuna Reddy V wrote: > Hi, > > If I have an X509 object and is created using PEM_read_bio_X509_AUX(), > then Can I free X509 right after the completion > of PEM_read_bio_X509_AUX()? > > BIO *cert_bio = BIO_new(BIO_s_mem()); >

Re: [openssl-users] SSL_CTX_set_cipher_list returns failure for DHE-DSS-AES256-GCM-SHA384

2017-09-06 Thread Benjamin Kaduk via openssl-users
On 09/06/2017 12:02 AM, mahesh gs wrote: > Hi All, > > I am using openssl version 01.01.00f for providing TLS and DTLS > security for TCP and SCTP connection for our application. I have query > regarding the "Ciphers" that are accepted by the > SSL_CTX_set_cipher_list API. The list of ciphers that

Re: [openssl-users] How to increase the priority of some cipher ?

2017-09-26 Thread Benjamin Kaduk via openssl-users
I am curious about this statement that "(EC)DHE cost much more resources than RSA".  In particular, ECDHE is supposed to be less computation-intensive than RSA for a given security level, so it would be interesting to hear what your setup is where the reverse is supposed to be observed. -Ben On

Re: [openssl-users] Issue with freeing X509

2017-10-17 Thread Benjamin Kaduk via openssl-users
On 10/17/2017 11:27 AM, Adi Mallikarjuna Reddy V wrote: >> I am only worried about the following line.  >> >> SSL_CTX_use_certificate(ctx, cert) >> >> After this line is it safe to free cert object while ctx is still >> used later on? >> SSL_CTX_use_certificate(ctx, cert), on successful return,

Re: [openssl-users] Issue with freeing X509

2017-10-17 Thread Benjamin Kaduk via openssl-users
got to mention that the ssl_ctx is going to be used by another > thread later. When I do x509_free, the handshake doesn’t finish. > > I see a crash in ssl_accept. > > Thanks  > Adi > > On Tue, Oct 17, 2017 at 8:41 AM Benjamin Kaduk <bka...@akamai.com > <mailto:bka.

Re: [openssl-users] Issue with freeing X509

2017-10-17 Thread Benjamin Kaduk via openssl-users
copy. -Ben On 10/17/2017 12:32 PM, Adi Mallikarjuna Reddy V wrote: > Is this documented some where?  > > Also is the same true - with SSL_CTX_use_PrivateKey(ctx, evp_pkey) ? > where I can free evp_pkey with EVP_PKEY_free()? > > > Thanks > Adi > > On Tue, Oct 17, 2

Re: [openssl-users] OCSP_BASICRESP_verify() in 1.1.0

2017-11-01 Thread Benjamin Kaduk via openssl-users
On 11/01/2017 09:52 AM, Dave Coombs wrote: >>> It would be nice, though, if the API provided a way to get the signer's >>> certificate. There is OCSP_resp_get0_signature(), but that only returns >>> the bit string. Comparable functions in other modules (eg: >>> X509_get0_signature(),

Re: [openssl-users] OCSP_BASICRESP_verify() in 1.1.0

2017-10-31 Thread Benjamin Kaduk via openssl-users
On 10/31/2017 01:05 PM, Dave Coombs wrote: >>> If I pass in a STACK_OF(X509) *certs with only the signer's cert in it, and >>> NULL for X509_STORE *st since it won't be used, then I think I should get >>> the desired result, yes, at the cost of ocsp_find_signer(single-entry >>> certs) and the

Re: [openssl-users] OCSP_BASICRESP_verify() in 1.1.0

2017-10-31 Thread Benjamin Kaduk via openssl-users
On 10/31/2017 10:36 AM, Matt Caswell wrote: > > On 31/10/17 13:06, Dave Coombs wrote: > >> Either way, I hereby report you've got a few macros in a public >> header that can't possibly work as things stand. :-) > Yes - a bug. I'm tempted just to remove them. > That seems like the best course of

Re: [openssl-users] Access clienthello in openssl1.1.0

2018-06-15 Thread Benjamin Kaduk via openssl-users
On Wed, Jun 13, 2018 at 11:32:11AM -0500, Zeyuan Yu wrote: > Hi All, > > Is there still a way to access client hello in 1.1.0? > > Before 1.1.0 I can just access the internal `s->init_msg`. And starting > 1.1.1, APIs are provided for the client hello. But there doesn't seem to be > similar

Re: [openssl-users] Call for testing TLS 1.3

2018-05-29 Thread Benjamin Kaduk via openssl-users
(For those who are not Jouni, there is some spec work needed for TLS 1.3/EAP integration as well, occurring in the IETF EMU working group. I assume Jouni is on the mailing list and knows this already) -Ben On Mon, May 28, 2018 at 03:28:13PM +0300, Jouni Malinen wrote: > On Sun, Apr 29, 2018 at

Re: [openssl-users] Passing custom CFLAGS,LDFLAGS to configure ?

2017-10-27 Thread Benjamin Kaduk via openssl-users
On 10/27/2017 07:35 AM, David Barishev wrote: > Hello, > I am building a custom script for building openssl for android, and i > want to use unified headers which are enabled by default with ndk r15+. > For this i need to pass custom CFLAGS and LDFLAGS, which i was able to > successfully compile

Re: [openssl-users] cert chain file ordering question

2018-01-09 Thread Benjamin Kaduk via openssl-users
On 01/08/2018 06:33 PM, Norm Green wrote: > This question is regarding OpenSSL 1.1. > > Let's say I have this trust hierarchy: > > RootCA > CA1 > CA2 > CA3 > userCert > > > So userCert is signed by CA3, CA3 is signed by CA2, and so on up to > RootCA, which is a self-signed root cert. > > If I

Re: [openssl-users] Confirmation of what I believe to be true from docs and observation

2018-01-10 Thread Benjamin Kaduk via openssl-users
On 01/10/2018 08:41 AM, Karl Denninger wrote: > > We start with a context that I load a dhparam file to (so I can take a > DH connection) along with an edh curve, then set an acceptable cipher > list for it to use. > Why not just use AUTO_DH (the only option for 1.1.0, IIRC)? > Assume I next

Re: [openssl-users] Confirmation of what I believe to be true from docs and observation

2018-01-10 Thread Benjamin Kaduk via openssl-users
On 01/10/2018 02:37 PM, Karl Denninger wrote: > On 1/10/2018 14:07, Benjamin Kaduk wrote: >> On 01/10/2018 08:41 AM, Karl Denninger wrote: >>> We start with a context that I load a dhparam file to (so I can take a >>> DH connection) along with an edh curve, then set an

Re: [openssl-users] compilation error with openssl-1.1.0 and DH_get0_key

2018-02-21 Thread Benjamin Kaduk via openssl-users
On 02/21/2018 10:16 AM, Robert Watson wrote: > I'm trying to update a crypto library for crtmpserver to work with > openssl 1.1.0.  The software is no longer actively maintained and my > c++ skills are somewhat rudimentary but I keep getting a compilation > error for something that seems trivial.

Re: [openssl-users] 1.1.1 pre1 tests failing on Solaris SPARC

2018-02-19 Thread Benjamin Kaduk via openssl-users
On 02/19/2018 02:06 PM, Norm Green wrote: > Not sure if this is expected on this platform? > > Test Summary Report > --- > ../test/recipes/04-test_asn1_encode.t    (Wstat: 256 Tests: 1 > Failed: 1) >   Failed test:  1 >   Non-zero exit status: 1 >

Re: [openssl-users] OpenSSL version 1.1.1 pre release 9 published

2018-08-27 Thread Benjamin Kaduk via openssl-users
On Mon, Aug 27, 2018 at 04:38:24PM -0400, Robert Moskowitz wrote: > > > On 08/27/2018 04:07 PM, Hubert Kario wrote: > >On Monday, 27 August 2018 20:57:53 CEST Robert Moskowitz wrote: > >>On 08/27/2018 02:33 PM, Hubert Kario wrote: > >>>On Thursday, 23 August 2018 16:35:01 CEST Robert Moskowitz

Re: [openssl-users] Two sessions in a single full handshake

2018-09-29 Thread Benjamin Kaduk via openssl-users
s_client has -sess_out and -sess_in options that can be used to save session information to a file and read it in for a subsequent connection. Neither is used by default. -Ben On Sun, Sep 30, 2018 at 11:06:14AM +0800, John Jiang wrote: > Does s_client resume any session in the local session

Re: [openssl-users] SNI callback

2018-11-28 Thread Benjamin Kaduk via openssl-users
On Wed, Nov 28, 2018 at 08:48:10PM +, Jeremy Harris wrote: > OpenSSL 1.1.1 FIPS 11 Sep 2018 > RHEL 8.0 beta > > Using SSL_CTX_set_tlsext_servername_callback() > when the called routine returns SSL_TLSEXT_ERR_NOACK > I was expecting the handshake to fail. It carries > on; am I doing

Re: [openssl-users] s_server -www -tls1_3: Firefox/Chrome not working

2018-09-12 Thread Benjamin Kaduk via openssl-users
On Wed, Sep 12, 2018 at 03:50:17PM +0200, Klaus Keppler wrote: > Hi, > > when I create a TLS-1.3-only "web" server with s_server (from OpenSSL > 1.1.1-release), Firefox/Chrome can't access it. > According to all docs I've read so far, the TLS 1.3 implementations both > from Firefox (62.x) and

Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2

2018-09-11 Thread Benjamin Kaduk via openssl-users
On Tue, Sep 11, 2018 at 10:48:40AM -0600, The Doctor wrote: > On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > > Looks likes I found a first bug > > > > ../test/recipes/70-test_comp.t . > > Proxy started on port [::1]:10789 > > Server command:

Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2

2018-09-11 Thread Benjamin Kaduk via openssl-users
On Tue, Sep 11, 2018 at 03:04:06PM -0600, The Doctor wrote: > On Tue, Sep 11, 2018 at 02:57:09PM -0500, Benjamin Kaduk via openssl-users > wrote: > > On Tue, Sep 11, 2018 at 10:48:40AM -0600, The Doctor wrote: > > > On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote:

Re: [openssl-users] s_server -www -tls1_3: Firefox/Chrome not working

2018-09-13 Thread Benjamin Kaduk via openssl-users
On Thu, Sep 13, 2018 at 08:13:41PM +0200, Jakob Bohm wrote: > On 13/09/2018 09:57, Klaus Keppler wrote: > >Hi, > > > >thank you for all your responses. > > > >I've just tested with Firefox Nightly 64.0a1, and both s_server and our > >own app (using OpenSSL 1.1.1-release) are working fine. > > >

Re: configuring callbacks (or not) and SNI vs not... no shared cipher from server end

2019-05-08 Thread Benjamin Kaduk via openssl-users
On Wed, May 08, 2019 at 04:40:07PM -0400, Michael Richardson wrote: > > Viktor Dukhovni wrote: > >> Diversionary issue: > >> > https://www.openssl.org/docs/manmaster/man3/SSL_set_tlsext_host_name.html > >> and: > >> >

Re: Listing TLS 1.3 Ciphers

2019-04-10 Thread Benjamin Kaduk via openssl-users
On Wed, Apr 10, 2019 at 12:13:27PM -0400, Dennis Clarke wrote: > On 4/10/19 7:37 AM, Richard Moore wrote: > >Hi All, > > > >I haven't found a way to list the supported openssl ciphers from the > >command line (i.e. get the list of potential values for -ciphersuites). I > >understand that currently

Re: Removing Extensions from Client Hello Header

2019-11-11 Thread Benjamin Kaduk via openssl-users
On Mon, Nov 11, 2019 at 12:32:22PM -0700, Phil Neumiller wrote: > I am speaking TLS 1.3 with openssl to a hardware device that I can't change. > I need the client hello header to only support certain extensions, yet I > see no way in the SSL API to remove the default extensions in the TLS 1.3 >

Re: Removing Extensions from Client Hello Header

2019-11-12 Thread Benjamin Kaduk via openssl-users
On Tue, Nov 12, 2019 at 01:13:49PM -0700, Phil Neumiller wrote: > Thanks for all the useful advice. I was able to get the server to accept > this client hello message. If you're willing/able to share, it can be useful for us to know what products are buggy in that they don't implement extensions

Re: Removing Extensions from Client Hello Header

2019-11-12 Thread Benjamin Kaduk via openssl-users
On Tue, Nov 12, 2019 at 03:08:19PM -0700, Phil Neumiller wrote: > I find the comment below about TLS 1.3 troubling. [...] > /* > * TODO(TLS1.3): These APIs cannot set TLSv1.3 sig algs so we just test > it > * for TLSv1.2 for now until we add a new API. > */ >

Re: Should SSL_get_servername() depend on SNI callback (no-)ACK?

2019-10-22 Thread Benjamin Kaduk via openssl-users
There's some (additional?) discussion on this topic in https://github.com/openssl/openssl/pull/10018 . A couple comments inline, though... On Tue, Oct 22, 2019 at 02:30:37PM +0200, Yann Ylavic wrote: > Hi, > > in master (and 1.1.1), SSL_get_servername() returns either >

Re: SNI disable by default on 1.0 and 1.1.0?

2019-12-02 Thread Benjamin Kaduk via openssl-users
On Mon, Dec 02, 2019 at 09:05:33PM +0100, aeris wrote: > Hello here, > > I try to compile 1.0.2t and 1.1.0l, but I notice SNI seems disabled by > default, when it's enabled by default on 1.1.1d… Please specify whether you are concerned about the s_client behavior specifically or the libssl

Re: debian openssh issue with openssl 1.1.1d

2019-10-08 Thread Benjamin Kaduk via openssl-users
On Tue, Oct 08, 2019 at 05:23:56AM -0400, Michael Richardson wrote: > Salvatore Bonaccorso wrote: > > > - > > Debian Security Advisory DSA-4539-2 > secur...@debian.org > >

Re: SSL_set_client_CA_list(ssl, NULL) problem?

2020-01-03 Thread Benjamin Kaduk via openssl-users
Sorry for the very late response... On Sun, Nov 24, 2019 at 12:05:34PM +0100, Claus Assmann wrote: > Seems it is impossible to override the list with NULL for SSL, as > the code will then use the list from CTX (if my limited understanding > of the code is correct): > > STACK_OF(X509_NAME)

Re: Regression in 1.1.1 against 1.1.0 in SSL_CTX_new

2020-04-16 Thread Benjamin Kaduk via openssl-users
On Thu, Apr 16, 2020 at 09:41:23PM +0200, Harald Koch wrote: > Am 16.04.2020 um 17:54 schrieb Tomas Mraz : > > > > error queue of openSSL stays empty. The same code works with > >> openSSL with gzip support („./config enable-zlib ...“, for support of > >> compressed SMIME contents in other

Re: empty directory in the 1.1.1 series release tags

2020-04-21 Thread Benjamin Kaduk via openssl-users
On Tue, Apr 21, 2020 at 10:08:39AM -0700, Quanah Gibson-Mount wrote: > The OpenSSL release tags contain an empty directory "krb5" that does not > exist in the release tarball. This is annoying because when I go to merge > release tags, I constantly get the following: > > CONFLICT

Re: empty directory in the 1.1.1 series release tags

2020-04-21 Thread Benjamin Kaduk via openssl-users
On Tue, Apr 21, 2020 at 10:19:28AM -0700, Quanah Gibson-Mount wrote: > --On Tuesday, April 21, 2020 11:16 AM -0700 Benjamin Kaduk > wrote: > > > The 'krb5' entry in git is a submodule, used for the external tests. > > It's removed while preparing release tarballs, but I'm

Re: How to disable renegotiation before compiling openssl

2020-04-21 Thread Benjamin Kaduk via openssl-users
On Tue, Apr 21, 2020 at 09:57:02PM +0200, Mark Windshield wrote: > Hello, > > I was wondering what I'd have to change in the openssl code/config before > compiling to have renegotiation disabled by default, so it won't send the > Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff) when using

Re: OpenSSL Security Advisory

2020-04-21 Thread Benjamin Kaduk via openssl-users
On Tue, Apr 21, 2020 at 12:46:43PM -0700, Sam Roberts wrote: > The announcement claims that this affects SSL_check_chain(). > > Is that an exhaustive list? If an application does NOT call that > function, does this mean the vulnerability is not exploitable? That is correct (speaking only in

Re: openssl 1.1.1g test failure(s)

2020-04-21 Thread Benjamin Kaduk via openssl-users
On Tue, Apr 21, 2020 at 07:22:38PM +0200, Claus Assmann wrote: > Not sure whether this is already known (a search didn't bring up > anything meaningful): > > ../test/recipes/80-test_ssl_old.t .. > Dubious, test returned 1 (wstat 256, 0x100) > Failed 1/6 subtests > Test Summary

Re: SSL_CTX_set_ssl_version changes security level

2020-05-11 Thread Benjamin Kaduk via openssl-users
On Tue, May 12, 2020 at 05:22:29AM +0900, NAKANO Takuho wrote: > 2020年5月12日(火) 0:31 Benjamin Kaduk : > > > OS-vendor customization > > Thank you. That's very helpful. I get how to configure (but don't know > why...). > > On CentOS 8: > First result of SSL_

Re: openssl 3 alpha 1 test failures on AIX

2020-05-06 Thread Benjamin Kaduk via openssl-users
On Wed, May 06, 2020 at 05:22:17PM -0700, Norm Green wrote: > All tests on AIX fail like this. Is this a known issue? What debugging > information is needed? Should I open an issue on github? > > Also note I had to set LD_LIBRARY_PATH to the SSL build directory to get the > tests to run at

Re: SSL_CTX_set_ssl_version changes security level

2020-05-11 Thread Benjamin Kaduk via openssl-users
On Mon, May 11, 2020 at 05:01:27PM +0900, NAKANO Takuho wrote: > Hello, > > I've found SSL_CTX_set_ssl_version changes security level: > > = > int main(void){ > int i; > struct ssl_ctx_st *ctx = SSL_CTX_new(SSLv23_method()); > > printf("seclevel: %d\n",

Re: resumption problem

2020-03-23 Thread Benjamin Kaduk via openssl-users
On Mon, Mar 23, 2020 at 11:46:43PM +, Jeremy Harris wrote: > OpenSSL 1.1.1 on Centos 8 > Ticket-based resumption > > > I'm getting a repeatable error from a client call to SSL_connect() > of "14228044:SSL routines:construct_ca_names:internal error". > > Packet capture shows an Alert being
