Re: EVP_CIPHER_CTX_copy() segv with XTS
Hi Peter, Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=3272 ? or are just commenting on the previous GCM fix? A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX On Mon, Jun 30, 2014 at 9:42 AM, Peter Waltenberg pwal...@au1.ibm.com wrote: This appears to be the same 'pattern' error as GCM. For XTS ctx- cipher_data contains pointers and the contents are aren't being fully duplicated by the copy. Peter __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: SSLv2 SSLv3
- Original Message - From: Kurt Roeckx k...@roeckx.be To: openssl-dev@openssl.org Sent: Saturday, 28 June, 2014 8:05:21 PM Subject: Re: SSLv2 SSLv3 The most recent stats about servers I know about is: https://lists.fedoraproject.org/pipermail/security/2014-April/001810.html There are newer from June: https://lists.fedoraproject.org/pipermail/security/2014-June/001945.html (it looks though like enabling SNI made SSLv2 sites drop off, I'll see if I can do something about it next month) And a bit older from May: https://lists.fedoraproject.org/pipermail/security/2014-May/001853.html But as Steven said, SSLv2 won't be enabled client or server side if the default cipher order is not modified to include SSLv2 ciphers so there is limited gain in disabling SSLv2. As far as misconfigured servers go, single DES and export grade ciphers are much, much more common problem at 20% and 15% respectively. -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team Email: hka...@redhat.com Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: EVP_CIPHER_CTX_copy() segv with XTS
Test code suggests it segv's. XTS128_CONTEXT contains a couple of pointers to expanded AES keys, the expanded keys and the pointers inside the XTS128_CONTEXT are copied, but if the original context has gone away by the time the copy is used the pointers are to disposed of data. Game over. Something like this is probably the fix. static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { EVP_AES_XTS_CTX *xctx = c-cipher_data; switch(type) { case EVP_CTRL_INIT: /* key1 and key2 are used as an indicator both key and IV are set */ xctx-xts.key1 = NULL; xctx-xts.key2 = NULL; return 1; default: return -1; case EVP_CTRL_COPY: { EVP_CIPHER_CTX *out = ptr; EVP_AES_XTS_CTX *xctx_out = out-cipher_data; xctx_out-xts.key1 = (xctx_out-ks1); xctx_out-xts.key2 = (xctx_out-ks2); } return 1; } } ...#define XTS_FLAGS(EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ | EVP_CIPH_CUSTOM_COPY) Pete -owner-openssl-...@openssl.org wrote: - To: openssl-dev@openssl.orgFrom: Huzaifa SidhpurwalaSent by: owner-openssl-...@openssl.orgDate: 06/30/2014 07:19PM Subject: Re: EVP_CIPHER_CTX_copy() segv with XTS Hi Peter,Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=3272 ? or are just commenting on the previous GCM fix? A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX On Mon, Jun 30, 2014 at 9:42 AM, Peter Waltenberg pwal...@au1.ibm.com wrote: This appears to be the same 'pattern' error as GCM. For XTS ctx- cipher_data contains pointers and the contents are aren't being fully duplicated by the copy.Peter__ OpenSSL Project http://www.openssl.orgDevelopment Mailing List openssl-dev@openssl.orgAutomated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2291] [PATCH 3/3] engine/padlock: implement sha1/sha224/sha256 acceleration
Seems this patch was 'taken' recently. I have few bugs fixed in the Padlock patch series. And versions against multiple major versions. The latest version of this specific patch is at: http://git.alpinelinux.org/cgit/aports/plain/main/openssl/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch - Timo On Wed, 9 Jun 2010 15:51:00 +0200 (CEST) Timo Teräs via RT r...@openssl.org wrote: Limited support for VIA C7 that works only when EVP_MD_CTX_FLAG_ONESHOT is used appropriately (as done by EVP_Digest, and my previous HMAC patch). Full support for VIA Nano including partial transformation. Benchmarks from VIA Nano 1.6GHz, done with including the previous HMAC and apps/speed patches done. From single run, error margin of about 100-200k. No padlock type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes sha1 20057.60k51514.05k99721.39k 130167.81k 142811.14k sha2567757.72k16907.18k28937.05k 35181.23k37568.51k hmac(sha1)8582.53k27644.69k 70402.30k 114602.67k 140167.85k With the patch sha1 37713.77k 114562.71k 259637.33k 379907.41k 438818.13k sha256 34262.86k 103233.75k 232476.07k 338386.60k 389860.01k hmac(sha1)8424.70k31475.11k 104036.10k 245559.30k 406667.26k --- engines/e_padlock.c | 596 +++ 1 files changed, 553 insertions(+), 43 deletions(-) diff --git a/engines/e_padlock.c b/engines/e_padlock.c index 381a746..2f8c72a 100644 --- a/engines/e_padlock.c +++ b/engines/e_padlock.c @@ -3,6 +3,9 @@ * Written by Michal Ludvig mic...@logix.cz *http://www.logix.cz/michal * + * SHA support by Timo Teras timo.te...@iki.fi. Portions based on + * code originally written by Michal Ludvig. + * * Big thanks to Andy Polyakov for a help with optimization, * assembler fixes, port to MS Windows and a lot of other * valuable work on this engine! @@ -74,12 +77,23 @@ #ifndef OPENSSL_NO_AES #include openssl/aes.h #endif +#ifndef OPENSSL_NO_SHA +#include openssl/sha.h +#endif #include openssl/rand.h #include openssl/err.h #ifndef OPENSSL_NO_HW #ifndef OPENSSL_NO_HW_PADLOCK +/* PadLock RNG is disabled by default */ +#define PADLOCK_NO_RNG 1 + +/* No ASM routines for SHA in MSC yet */ +#ifdef _MSC_VER +#define OPENSSL_NO_SHA +#endif + /* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */ #if (OPENSSL_VERSION_NUMBER = 0x00908000L) # ifndef OPENSSL_NO_DYNAMIC_ENGINE @@ -140,58 +154,40 @@ static int padlock_available(void); static int padlock_init(ENGINE *e); /* RNG Stuff */ +#ifndef PADLOCK_NO_RNG static RAND_METHOD padlock_rand; - -/* Cipher Stuff */ -#ifndef OPENSSL_NO_AES -static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); #endif /* Engine names */ static const char *padlock_id = padlock; static char padlock_name[100]; -/* Available features */ -static int padlock_use_ace = 0; /* Advanced Cryptography Engine */ -static int padlock_use_rng = 0;/* Random Number Generator */ -#ifndef OPENSSL_NO_AES -static int padlock_aes_align_required = 1; -#endif +static int padlock_bind_helper(ENGINE *e); -/* = Engine management functions = */ - -/* Prepare the ENGINE structure for registration */ -static int -padlock_bind_helper(ENGINE *e) -{ - /* Check available features */ - padlock_available(); - -#if 1/* disable RNG for now, see commentary in vicinity of RNG code */ - padlock_use_rng=0; -#endif - - /* Generate a nice engine name with available features */ - BIO_snprintf(padlock_name, sizeof(padlock_name), - VIA PadLock (%s, %s), - padlock_use_rng ? RNG : no-RNG, - padlock_use_ace ? ACE : no-ACE); + /* Available features */ +enum padlock_flags { + PADLOCK_RNG = 0x01, + PADLOCK_ACE = 0x02, + PADLOCK_ACE2 = 0x04, + PADLOCK_PHE = 0x08, + PADLOCK_PMM = 0x10, + PADLOCK_NANO = 0x20, +}; +enum padlock_flags padlock_flags; - /* Register everything or return with an error */ - if (!ENGINE_set_id(e, padlock_id) || - !ENGINE_set_name(e, padlock_name) || +#define PADLOCK_HAVE_RNG (padlock_flags PADLOCK_RNG) +#define PADLOCK_HAVE_ACE (padlock_flags (PADLOCK_ACE|PADLOCK_ACE2)) +#define PADLOCK_HAVE_ACE1 (padlock_flags PADLOCK_ACE) +#define PADLOCK_HAVE_ACE2 (padlock_flags PADLOCK_ACE2) +#define PADLOCK_HAVE_PHE (padlock_flags PADLOCK_PHE) +#define PADLOCK_HAVE_PMM (padlock_flags PADLOCK_PMM) +#define PADLOCK_HAVE_NANO (padlock_flags PADLOCK_NANO) - !ENGINE_set_init_function(e, padlock_init) || #ifndef OPENSSL_NO_AES - (padlock_use_ace !ENGINE_set_ciphers (e, padlock_ciphers)) || +static int padlock_aes_align_required = 1; #endif - (padlock_use_rng !ENGINE_set_RAND (e,
Re: [openssl.org #1392] OpenSSL 0.9.7k build fails missing poll.h
please let me out On Sun, Jun 29, 2014 at 5:55 PM, Rich Salz via RT r...@openssl.org wrote: old release, old platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: EVP_CIPHER_CTX_copy() segv with XTS
On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote: Hi Peter, Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=3272 ? or are just commenting on the previous GCM fix? A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX GCM, CCM and XTS have similar problems in fact the GCM patch doesn't address these. Looking into a more complete fix now. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: EVP_CIPHER_CTX_copy() segv with XTS
On Mon, Jun 30, 2014, Dr. Stephen Henson wrote: On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote: Hi Peter, Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=3272 ? or are just commenting on the previous GCM fix? A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX GCM, CCM and XTS have similar problems in fact the GCM patch doesn't address these. Looking into a more complete fix now. Should be fixed now. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: [openssl.org #3413] OpenSSL Bug Report Submission - related to #3376
Thanks, for your reply Dr. Henson. I'll stick with the hourly snapshots from now on. J. Jeff Clemmer IT Specialist Phone: 434-980-7525 Email: john.j.clemmer4@mail.mil -Original Message- From: Stephen Henson via RT [mailto:r...@openssl.org] Sent: Saturday, June 28, 2014 1:58 PM To: Clemmer, John J CIV (US) Cc: openssl-dev@openssl.org Subject: [openssl.org #3413] OpenSSL Bug Report Submission - related to #3376 On Sat Jun 28 17:21:39 2014, john.j.clemmer4@mail.mil wrote: OpenSSL Development Team, My attempts to compile OpenSSL v.1.0.0m on the day of its release as well as last night both resulted in the same error, whereby INT_MAX is used before it is declared in ssl/s3_pkt.c on line 586. Researching this error, I found a discussion among some of your developers, who experienced the same issue during their own compilation attempts. They created a bug report at http://rt.openssl.org/Ticket/Display.html?id=3376. The ticket was marked as resolved on 5.6.2014; however, I again downloaded the source from openssl.org last night and examined ssl/s3_pkt.c. I observed that the limits.h include statement is still omitted, thus producing the compilation error. The source of a specific version of OpenSSL does not change. So it's not surprising that the bug is still in 1.0.0m When a bug is fixed it will normally appear in the next release. There hasn't been one since 1.0.0.m so the fix isn't in an official release yet. Before then you can download nightly snapshots which will include the fix or obtain sources from the git repository. See: https://www.openssl.org/source/ Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: SSLv2 SSLv3
On Mon, Jun 30, 2014, Hubert Kario wrote: As far as misconfigured servers go, single DES and export grade ciphers are much, much more common problem at 20% and 15% respectively. The security levels code also addresses that. By default any ciphersuite offering below 80 bits of equivalent security is disabled along with SSLv2. That includes single DES and all export ciphersuites. It's also not something which can be reenabled by accident either. Even if a cipher list is set to ALL those still get disabled: the only way to reenable them is to set the security level to zero as well. Support is unfortunately only in master at present though. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: [openssl.org #3413] OpenSSL Bug Report Submission - related to #3376
Thank you, Mr. Roeckx. J.J. Clemmer -Original Message- From: Kurt Roeckx via RT [mailto:r...@openssl.org] Sent: Saturday, June 28, 2014 2:43 PM To: Clemmer, John J CIV (US) Cc: openssl-dev@openssl.org Subject: Re: [openssl.org #3413] OpenSSL Bug Report Submission - related to #3376 On Sat, Jun 28, 2014 at 05:21:40PM +0200, Clemmer, John J CIV via RT wrote: OpenSSL Development Team, My attempts to compile OpenSSL v.1.0.0m on the day of its release as well as last night both resulted in the same error, whereby INT_MAX is used before it is declared in ssl/s3_pkt.c on line 586. The problem is solved. There just wasn't a released with the fix yet. Kurt __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: Openssl 20140630 packages showing error
On Mon, Jun 30, 2014 at 03:06:35PM +0200, Dr. Stephen Henson wrote: On Sun, Jun 29, 2014, The Doctor wrote: This was not an issue in 20140629 [snip] Please fix. Should be fixed now thanks for the report. In future it would help if you indicated which version of OpenSSL snapshots had the problem. When I saw 20140629 I thought it must be a problem with the master branch and spent a while trying to reproduce it whereas it was in fact 1.0.2. Please note the word not. I will try again tonight. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org -- Member - Liberal International This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Victory attained by violence is tantamount to a defeat, for it is momentary. -Mahatma Gandhi __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #891] Openssl Seg Fault
old version, can't reproduce. please open a new ticket if this is still an issue. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #919] /bin/sh: line 1: cd: crypto: No such file or directory----make: *** [sub_all] Error 1
Old issue, cannot reproduce, please open a new ticket if this is still a problem. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1000] OpenSSL 0.9.7e fails RIPEMD160 on Sparc64
Old platform, old release, old problematic compiler. Closing this ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1202] Problem on OpenSSL 0.9.8 with Apache2
Old issue, can't reproduce, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1301] OpenSSL 0.9.7i shared build fails
When the original submitter writes On my old Linux box... back in 2007, you know it's old. :) Old release, old platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1303] OpenSSL 0.9.8a build fails
Old release, old platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1199] OpenSSL
Sorry for the delay in getting back to you. No, we don't support EPF files. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1206] FTP USER Authentication
Very old release. Seems to be a user misunderstanding; DES output isn't text, it's binary. And DES shouldn't be used these days anyway, :) __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1278] Bug Report: gmake test fails for OpenSSL 0.9.7j-fips-dev
Very old release, no longer suppported, closing the ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1339] mkdef.pl loops
Hey Peter, is that Perl or line noise? :) Really old release, assume we fixed the problem, please open a new ticket if still broken. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1337] Bug: Crash in openssl0.9.8b in obj_name_cmp
Old release, can't reproduce, assume we've fixed this. Please open a ticket if still a problem. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1356] a make test problme of openssl
Old ticket, can't reproduce, closing. Please open a new ticket if this is still an issue. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: SSLv2 SSLv3
On Po, 2014-06-30 at 15:19 +0200, Dr. Stephen Henson wrote: On Mon, Jun 30, 2014, Hubert Kario wrote: As far as misconfigured servers go, single DES and export grade ciphers are much, much more common problem at 20% and 15% respectively. The security levels code also addresses that. By default any ciphersuite offering below 80 bits of equivalent security is disabled along with SSLv2. That includes single DES and all export ciphersuites. It's also not something which can be reenabled by accident either. Even if a cipher list is set to ALL those still get disabled: the only way to reenable them is to set the security level to zero as well. Support is unfortunately only in master at present though. Would it be possible to get it to 1.0.2? Or is that already closed for enhancements? Or does it break ABI compatibility? -- Tomas Mraz No matter how far down the wrong road you've gone, turn back. Turkish proverb (You'll never know whether the road is wrong though.) __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
openssl-1.0.1h - Issue with openssl tool as s_server
Hello Everyone, I am running into a problem, where each connection seems to leak hundreds of file descriptors under the server process. I am a freshy to this group. Have anyone run into this, or I am the lucky. Thanks --GG server: openssl s_server -engine cryptodev -key /tmp/ssl/private/MyServerKey.pem -cert /tmp/ssl/certs/server.pem -accept 6009 Client: = openssl s_client -engine cryptodev -tls1 -connect localhost:6009 Debug: = #ps -ef | grep openssl # root 2398 5794 0 10:24 pts/100:00:00 openssl s_server -engine cryptodev -key /tmp/ssl/private/MyServerKey.pem -cert /tmp/ssl/certs/server.pem -accept 6009 root 2955 5884 0 10:31 pts/200:00:00 grep openssl root@gg:~# ls -l /proc/5794/fd | wc -l 4 root@gg:~# ls -l /proc/5794/fd lrwx--1 root root 64 Jun 27 10:31 0 - /dev/pts/1 lrwx--1 root root 64 Jun 27 10:31 1 - /dev/pts/1 lrwx--1 root root 64 Jun 27 10:31 10 - /dev/tty lrwx--1 root root 64 Jun 26 14:54 2 - /dev/pts/1 root@gg:~# ls -l /proc/2398/fd lrwx--1 root root 64 Jun 27 10:32 0 - /dev/pts/1 lrwx--1 root root 64 Jun 27 10:32 1 - /dev/pts/1 lrwx--1 root root 64 Jun 27 10:25 2 - /dev/pts/1 lrwx--1 root root 64 Jun 27 10:32 3 - /dev/crypto lrwx--1 root root 64 Jun 27 10:32 4 - socket:[1605681] lrwx--1 root root 64 Jun 27 10:32 5 - /dev/crypto lrwx--1 root root 64 Jun 27 10:32 6 - socket:[1605682] root@gg:~# ps -ef | grep openssl root 8252 5794 0 11:36 pts/100:00:00 openssl s_server -engine cryptodev -key /tmp/ssl/private/MyServerKey.pem -cert /tmp/ssl/certs/server.pem -accept 6009 root 8253 5767 0 11:36 pts/000:00:00 openssl s_client -engine cryptodev -tls1 -connect localhost 6009 root 8267 5884 0 11:36 pts/200:00:00 grep openssl root@gg:~# ls -l /proc/8252/fd lrwx--1 root root 64 Jun 27 11:36 0 - /dev/pts/1 lrwx--1 root root 64 Jun 27 11:36 1 - /dev/pts/1 lrwx--1 root root 64 Jun 27 11:36 10 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 100 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 101 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 102 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 103 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 104 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 105 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 106 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 107 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 108 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 109 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 110 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 111 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 112 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 113 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 114 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 115 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 116 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 117 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 118 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 119 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 12 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 120 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 121 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 122 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 123 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 124 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 125 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 126 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 127 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 128 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 129 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 13 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 130 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 131 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 132 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 133 - /dev/crypto lrwx--1 root root 64 Jun 27 11:36 134 - /dev/crypto lrwx--1 root root 64
Re: EVP_CIPHER_CTX_copy() segv with XTS
On Mon, Jun 30, 2014 at 5:01 PM, Dr. Stephen Henson st...@openssl.org wrote: On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote: Hi Peter, Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=3272 ? or are just commenting on the previous GCM fix? A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX GCM, CCM and XTS have similar problems in fact the GCM patch doesn't address these. Looking into a more complete fix now. Exactly, i was thinking of working on a patch to address this, should be done soon i suppose :) Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: EVP_CIPHER_CTX_copy() segv with XTS
On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote: On Mon, Jun 30, 2014 at 5:01 PM, Dr. Stephen Henson st...@openssl.org wrote: On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote: Hi Peter, Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=3272 ? or are just commenting on the previous GCM fix? A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX GCM, CCM and XTS have similar problems in fact the GCM patch doesn't address these. Looking into a more complete fix now. Exactly, i was thinking of working on a patch to address this, should be done soon i suppose :) Already done. Let me know of any problems. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #790] [patch] support shared library on oler version of AIX4
If the subject line says older AIX and that was 11 years ago... closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #802] Re: OS/2 Build of SSL on 0.9.7c
OS/2 is not a supported platform, closing the ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #830] Bug Report (Building without HMAC)
Not a requirement; HMAC needed. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1315] [PATCH] OpenSSL FIPS 1.0 - AIX 4.3.3 AIX 5.x w/GCC
Very old release; old unsupported platform, closing the ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1210] Bug: CRL and Certificates
It's not immediately obvious, but enforcement of the keyUsage and other attributes is something the relying party has to do. Anything else means just trusting the signer, and that is not secure; how do you konw the signer is not cheating? __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1275] HPUX 11.x linker error
Very old release, unsupported platform, ticket is seven years old. Closing it. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1366] patch to use docbook instead of pods
Were these done manually or were there scripts? If scripts, we'd like to see them as we're thinking about the POD format. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1360] critical extension id-pe-qcStatements as per RFC 3039 not supported
This seems like something for a custom app. But if I'm wrong, please re-open the ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1404] make test in 0.9.7i fails on Mac OS X Intel
Very old release, old platform, old ticket; closing it. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1413] v0.9.7l: some comments
I believe all of these things already exist in the current source. If not, please file a new ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1478] BUG: Compile error on AIX 4.3 with zlib and IBM C-Compiler
Very old releases, unsupported platforms, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1461] Bug: EXPORT56 ciphers no longer exist
Old crypto policy. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1524] Bug with RSA cerficates/keys longer than 1024 bits
Six years old, can't reproduce, no info given... closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1527] bug report - interop between TLS 1.1 and TLS 1.0 is not working
Can't reproduce. Very old versions. No additional info provided. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1561] Typos in the OpenSSL license
That's the copyright we got, and we're not allowed to change it. Perhaps a rouine is a strange Australian fruit or vegetable? Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1565] [PATCH] New port for the iSeries (AS/400) for version 0.9.8e
Very old release, unsupported platform. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1597] OpenSSL 0.9.8g on gentoo Alpha Linux
Very old release. Unsupported platform. But a cool chip. Nonetheless, closing the ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1610] OS400 patches
Very old release, unsupported platform. Closing ticket. G'day, mate. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #3397]
I think the above patch is good, but incomplete. (As a niggle, it uses jl, which I think is correct because the argument is signed, but the rest of the file is using jb. The best answer would be to fix the file to use jl before applying it, but I've used jb for consistency below.) Once the crash is fixed, the code still accesses out of bounds of the modulus when the modulus is a single limb because modulus[1] is accessed unconditionally. Depending on the phase of the moon, that might crash the address space. I've fixed that in the attached and have included a test case. (The patch to bn_test.c will need to be applied manually but that's simple.) However, even with that fix there's still and out-of-bounds access of the precomputed table in bn_mul_mont_gather5. This leads to the wrong result being calculated. This only affects cases where the modulus is = 312 bits because that leads to a window size of 5 and the mont5 code being used. Sadly, that code is too odd for me to figure out what it's doing so I don't have a patch for that. Cheers AGL patch Description: Binary data
[openssl.org #1654] OpenSSL Build errors in Windows XP Professional
Old release, unsupported platform. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1657] FW: Port to AIX
Very old release, unsupported platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1620] [PATCH] - OS390-Unix (EBCDIC) 0.9.8e
Very old release, unsupported platform, closing ticket. Long live big iron! __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1621] [PATCH] - OS390-Unix (EBCDIC) 0.9.7m
Very old release, unsupported platform, closing ticket. Long live big iron! __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1655] OpenSSL Build errors in Windows XP Professional
Very old release, unsupported platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1674] bug report - fipsld not working with Solaris 9 sparc (64 bit architecture) for 32 bit shared library creation.
Very old release, unsupported platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1685] [BUG] OpenSSL 0.9.8h cannot be compiled by GCC 4.3.0 on MinGW
Old unsupported release, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1710] Error when trying to install openssl in Solaris environment
Old release, old platform, cannot reproduce without more information; closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1651] Math website suggestion
No plans at this time. Thanks. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1598] Bug report (OpenSSL 0.9.8g, Windows DLL)
Old release, latest versions believed to work, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Odd behavior out of openssl 1.0.1h
After upgrading to OpenSSL 1.0.1h, I've found now that when initiating startTLS connections to a system linked to OpenSSL 1.0.1h, it always tries to do certificate auth with the client. This causes a lot of failures, for example with postfix. I.e., I initiate a connection to port 587 on the postfix server with startTLS. Before I even get to the stage of authenticating as a user, it tries SSL cert auth, and drops the client due to unknown CA, which, if I were trying to do cert auth would make sense, but I'm not trying to do cert auth at all, I'm just trying to connect to the port. Is this a known bug in 1.0.1h? Any suggestions on how to turn off this sudden new bit to always try cert auth, regardless of whether or not it is desired? Thanks! --Quanah -- Quanah Gibson-Mount Server Architect Zimbra, Inc. Zimbra :: the leader in open source messaging and collaboration __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1811] bug report: unused variable in X509_print_ex() function?
Some unknown hero did this awhile ago. Perhaps it was ... the Batman? :) __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1792] 0.9.8h failing to build with VS2006
very old release, old platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1770] 'make test' failure for OpenSSL 9.8g
Very old release, can't reproduce this. If it is still happening, PLEASE open a new ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1745] bug report: openssl-0.9.8i breaks build of wine-0.9.60
Very old release, can't reproduct, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1812] the openssl build environment is broken
We are not going to do the ideas in this ticket, but we will be improving the build system. Or at least changing it a bit :) __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1824] Error openssl 0.9.8h
Very old release, can't reproduce, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1855] bug report: make test fail on x86-64 and intel c compiler
We're pretty sure things compile now .:) __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1869] make fails
Very old release, unsuported platform. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1879] 1.0.0-beta1 failure on Solaris 10 (-lsocket)
Very old release, unsupported platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1881] Compile Failure: openssl-1.0.0-beta1 (IRIX)
Very old release, since fixed, no doubt. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1903] Re: OpenSSL 1.0.0 beta 2 released - OS/2 problems - openssl-1.0.0-beta2.diff [1/1]
Very old release, unsupported platform. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1906] Bug Report - openssl-0.9.8k unable to build on Win XP
Very old release, old platform and toolchain, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1884] OpenSSL 1.0.0 beta 1 failure on RH7
Very old release, No doubt fixed by now. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1908] openssl 0.9.8k patch for interix
Very old release, unsupported platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1920] Openssl 0.9.8k
Very old release, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1918] Can‘t extract 0.9.6x correctly on windows
Very old release, not supported. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1926] Bug report for openssl 0.9.8k
Old release, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1913] openssl 0.9.8k can't be build when using ccache
Very old release. If this is still an issue with the 1.0.x releases, please open a new ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1977] Make openssl 0.9.8k for Mingw
Old unsupported release. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1979] Add uClibc support
Unsupported platform. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1983] make -n install fails (version 1.0.0 beta snapshot)
Fixed some time ago. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1986] OpenSSL 0.9.8k make test failure
Old release, not supported. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1934] Enhancement request: openssl-0.9.8k Solaris CC flags
Old unsupported release, unsupported toolchain. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1932] make test failed (OpenSSL 0.9.8g)
Old unsupported release __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2143] Bug Report openssl-0.9.8l
Unsupported platform, can't reproduce, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2154] OpenSSL 0.9.8 on UnixWare
Old release, unsupported platform. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2153] OpenSSL 1.0.0 on UnixWare
Old release, unsupported platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: Windows mingw status for snapshot-20140630 is KO
Hi Didier, Which Configure options do you use ? Are you using MSYS and mingw ? As far as I know the compiler flag NO_SYS_UN_H should be set on Windows platforms, which should prevent that error from occurring. Peter On 1-07-2014 07:14, dcrue...@qualitesys.com wrote: Hello openssl-SNAP-20140630 make ko in apps/speed.c:318:4 warning: format '%d' expects argument of type 'init', but argument 3 has type 'DWORD' : BIO_printf(bio_err, unable do CreateThread (%d),ret); in apps/s_socket.c in function 'init_client_unix', storage size of 'them' isn't known not configured as windows it seems Question : how is this snapshot handled ? Didier __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1979] Add uClibc support
I’m confused: uClibc isn’t a platform, it’s a run-time environment (i.e. the C library). On Jun 30, 2014, at 4:25 PM, Rich Salz via RT r...@openssl.org wrote: Unsupported platform. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1979] Add uClibc support
On Tue, Jul 01, 2014 at 12:25:00AM +0200, Rich Salz via RT wrote: Unsupported platform. Not having read the ticket, uClibc and newlib might be useful to support if possible since they're popular for embedded devices. Kurt __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: Odd behavior out of openssl 1.0.1h
--On Monday, June 30, 2014 3:58 PM -0700 Quanah Gibson-Mount qua...@zimbra.com wrote: After upgrading to OpenSSL 1.0.1h, I've found now that when initiating startTLS connections to a system linked to OpenSSL 1.0.1h, it always tries to do certificate auth with the client. This causes a lot of failures, for example with postfix. Never mind, I tracked it down to an oddity with the Perl module I am using. ;) --Quanah -- Quanah Gibson-Mount Server Architect Zimbra, Inc. Zimbra :: the leader in open source messaging and collaboration __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: [openssl.org #1979] Add uClibc support
Platform in the h/w and s/w sense, not just hardware. -- Principal Security Engineer Akamai Technologies, Cambridge, MA IM: rs...@jabber.me; Twitter: RichSalz -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl- d...@openssl.org] On Behalf Of Philip A. Prindeville via RT Sent: Monday, June 30, 2014 6:34 PM Cc: openssl-dev@openssl.org Subject: Re: [openssl.org #1979] Add uClibc support I’m confused: uClibc isn’t a platform, it’s a run-time environment (i.e. the C library). On Jun 30, 2014, at 4:25 PM, Rich Salz via RT r...@openssl.org wrote: Unsupported platform. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: [openssl.org #1979] Add uClibc support
Feel free to re-open :) -- Principal Security Engineer Akamai Technologies, Cambridge, MA IM: rs...@jabber.me; Twitter: RichSalz -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl- d...@openssl.org] On Behalf Of Kurt Roeckx via RT Sent: Monday, June 30, 2014 6:48 PM To: phil...@redfish-solutions.com Cc: openssl-dev@openssl.org Subject: Re: [openssl.org #1979] Add uClibc support On Tue, Jul 01, 2014 at 12:25:00AM +0200, Rich Salz via RT wrote: Unsupported platform. Not having read the ticket, uClibc and newlib might be useful to support if possible since they're popular for embedded devices. Kurt __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org :��IϮ��r�m (Z+�7�zZ)���1���x��hW^��^��%�� ��jם.+-1�ځ��j:+v���h�
[openssl.org #648] Spurious SSL handshake interrupt [Hint: Usually just one of those OpenSSL confusions!?]
Very old version, and this is a mod_ssl message. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #694] [PATCH] shared archive support for AIX
Very old release, unsupported old platform. Closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #753] 0.9.6l does not compile on Windows
I'm going to assume that somehow, over the ten year since this was reported, things got better. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #734] SCO5 LIBs
Very old release, unsupported platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #806] 0.9.8 snapshot patches for compilation on Windows
Assume things are better now :) Ten years later, closing the ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #881] i2d_RSAPrivateKey_fp() blows up
Believe the poster was compiling with incompatible threads flags on Windows. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #865] ttls use in openssl
Not a bug, closing the ticket. Hope the original question got an answer :) __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Do *you* know about Mingw and/or DJGPP?
There are several tickets about mingw and djgpp builds breaking, or building software that crashes, and so on. If you can help me understand the current state of things with those toolchains, please drop me a line. Thanks. -- Principal Security Engineer Akamai Technologies, Cambridge, MA IM: rs...@jabber.memailto:rs...@jabber.me; Twitter: RichSalz
[openssl.org #1317] thers is a bug in openssl0.9.8a
Probably more than one :) But it's a very old release, closing the ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1502] openssl 0.9.8a crashes when we try to use SSL URL - embedded montavista linux
Very old release, not supported platform, closing ticket. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org