Bug #1: The "README.PROBLEMS" file claims that an e-mail address "[EMAIL PROTECTED]" exists. openssl.org's primary MX thinks otherwise.

For bugs #2 and #3, refer to the bounced message quoted below.

[...]

----- The following addresses had permanent fatal errors -----
<[EMAIL PROTECTED]>

----- Transcript of session follows -----
... while talking to en5.engelschall.com.:
>>> RCPT To:<[EMAIL PROTECTED]>
<<< 550 <[EMAIL PROTECTED]>... User unknown
550 <[EMAIL PROTECTED]>... User unknown

[...]

Date: Tue, 5 Jan 1999 17:49:45 +0100 (MET)
Message-Id: <[EMAIL PROTECTED]>
From: Bodo Moeller <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Two tiny bugs (openssl-0.9.1c)

The following patches (which I originally created for SSLeay-0.9.0b) should correct two bugs which survived from SSLeay. Note that I did not test the changed version of OpenSSL, but I don't think there are conflicts with other modifications to that part of the source (req.c, s_server.c).

The first patch fixes an obvious bug in req.c's "-newkey" argument parser:

*** ../openssl-0.9.1c-ORIG/apps/req.c Tue Jan 5 17:33:41 1999 --- apps/req.c Tue Jan 5 17:35:53 1999 *************** *** 145,150 **** --- 145,151 ---- int i,badops=0,newreq=0,newkey= -1,pkey_type=0; BIO *in=NULL,*out=NULL; int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; + int is_numeric; int nodes=0,kludge=0; char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; EVP_CIPHER *cipher=NULL; *************** *** 223,233 **** { if (--argc < 1) goto bad; p= *(++argv); ! if ((strncmp("rsa:",p,4) == 0) || ! ((p[0] >= '0') && (p[0] <= '9'))) ! { pkey_type=TYPE_RSA; ! p+=4; newkey= atoi(p); } else --- 224,235 ---- { if (--argc < 1) goto bad; p= *(++argv); ! is_numeric = (p[0] >= '0') && (p[0] <= '9'); ! if ((strncmp("rsa:",p,4) == 0) || is_numeric) ! { pkey_type=TYPE_RSA; ! if (!is_numeric) ! 
p+=4; newkey= atoi(p); } else

The second one fixes the list of client CAs that s_server sends to clients (works only for "-CAfile", not for "-CApath", and only if I didn't misunderstand SSLeay's API :-) -- currently, the program sends the server's own certificate:

*** ../openssl-0.9.1c-ORIG/apps/s_server.c Tue Jan 5 17:33:41 1999 --- apps/s_server.c Tue Jan 5 17:34:47 1999 *************** *** 505,511 **** SSL_CTX_set_cipher_list(ctx,cipher); SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); ! SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file)); BIO_printf(bio_s_out,"ACCEPT\n"); if (www) --- 505,511 ---- SSL_CTX_set_cipher_list(ctx,cipher); SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); ! SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); BIO_printf(bio_s_out,"ACCEPT\n"); if (www)

Bodo M"oller <[EMAIL PROTECTED]>
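
Review bot: The new "int is_numeric;" in the apps/req.c declaration hunk (145,151) is a function-wide, uninitialized variable that is only assigned and read inside the "-newkey" branch. Declaring it at the top of that branch's block, next to the "if (--argc < 1) goto bad;" line, would keep its scope as small as its use and rule out a read before assignment elsewhere in the function.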
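
Review bot: In the apps/req.c "-newkey" hunk (224,235), "newkey= atoi(p);" still takes the argument without any validation: atoi reports no errors, so "rsa:" followed by nothing or by non-digits yields 0, and anything trailing the digits is silently ignored. Nothing in the visible lines rejects such input, so consider parsing with strtol, checking that the end pointer reached the end of the string, and bounding the resulting key size before it is used.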
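
Review bot: In the apps/s_server.c hunk, "SSL_load_client_CA_file(CAfile)" is called unconditionally and its result goes straight into SSL_CTX_set_client_CA_list without a check. The message itself says this works only with "-CAfile", so the call should be guarded for the case where that option was not given, and since SSL_load_client_CA_file returns NULL when the file cannot be read, a NULL result should be reported as an error rather than passed on silently.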