Re: [openssl-dev] Blog post; changing in email, crypto policy, etc

2018-01-25 Thread Viktor Dukhovni
> On Jan 25, 2018, at 5:11 AM, Richard Levitte wrote: > > This is confusing, and not what was intended. In other words, > openssl-project is *not* a new openssl-dev! If it was, I don't see > why we would even bother making a new list... It is moderated, and won't have

Re: [openssl-dev] Blog post; changing in email, crypto policy, etc

2018-01-24 Thread Viktor Dukhovni
> On Jan 24, 2018, at 1:25 PM, Dr. Matthias St. Pierre > wrote: > > Ok, I didn't know that. If anyone seriously participating on GitHub can > join the moderated openssl-project list then this sounds like a good > replacement for openssl-dev, because that list

Re: [openssl-dev] Blog post; changing in email, crypto policy, etc

2018-01-24 Thread Viktor Dukhovni
> On Jan 24, 2018, at 12:55 PM, Dr. Matthias St. Pierre > wrote: > > As for the two mailing lists openssl-users and openssl-dev: It was always > my understanding that the former was for usability questions starting > from newbie questions up to very sophisticated

Re: [openssl-dev] Blog post; changing in email, crypto policy, etc

2018-01-24 Thread Viktor Dukhovni
> On Jan 24, 2018, at 9:27 AM, Michael Richardson wrote: > >> email clients are designed to handle hundreds to thousands of messages >> a day, Github UI isn't Indeed email is best for informal ad-hoc back and forth threaded discussion, while Github et. al. are for issue

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-20 Thread Viktor Dukhovni
> On Dec 20, 2017, at 5:50 PM, Ray Satiro via openssl-dev > wrote: > > 'm trying to figure out whether it's supported to call X509_free(NULL) > in 1.0.2 and beyond. It's not documented what action occurs when the > pointer is null. Also generally speaking is it

Re: [openssl-dev] OpenSSL version 1.0.2n published

2017-12-07 Thread Viktor Dukhovni
> On Dec 7, 2017, at 8:55 AM, OpenSSL wrote: > > OpenSSL - The Open Source toolkit for SSL/TLS > https://www.openssl.org/ > > The OpenSSL project team is pleased to announce the release of > version 1.0.2n of our open source toolkit for SSL/TLS. For details > of

Re: [openssl-dev] Certificate Limitation Profile

2017-11-28 Thread Viktor Dukhovni
On Tue, Nov 28, 2017 at 11:37:35PM +0300, Dmitry Belyavsky wrote: > Thank you. It seems reasonable to add nextUpdate field to > the header of CLP to avoid problems related to using stale CLP. > > I expect that fresh CLPs in most cases are delivered via update procedures > of applications, and

Re: [openssl-dev] Certificate Limitation Profile

2017-11-28 Thread Viktor Dukhovni
On Tue, Nov 28, 2017 at 07:18:48PM +, Blumenthal, Uri - 0553 - MITLL wrote: > I think it makes perfect sense to sign CLP, because it allows you to > separate trust in the server you�re downloading the content from and the > content itself. The problem with "data at rest" signatures is that

Re: [openssl-dev] Contributing to TLS 1.3 - Where to start?

2017-04-04 Thread Viktor Dukhovni
> On Apr 4, 2017, at 3:28 PM, Thiago Arrais wrote: > > Viktor, > > This is related to this message on openssl-users, right? > > https://www.mail-archive.com/openssl-users@openssl.org/msg81251.html Yes. > As I understand this isn't directly related to TLS 1.3. But it

Re: [openssl-dev] Contributing to TLS 1.3 - Where to start?

2017-04-04 Thread Viktor Dukhovni
> On Apr 4, 2017, at 1:09 PM, Matt Caswell wrote: > > Actually I have a suggestion for a fairly small self-contained piece of > work suitable for a starting project. My suggestion would be start with something simpler still, and get used to the format of the documentation,

Re: [openssl-dev] verify depth behavior change from 1.0.2 to 1.1.0?

2017-04-03 Thread Viktor Dukhovni
> On Apr 3, 2017, at 4:26 PM, Benjamin Kaduk wrote: > > There was a fair amount of churn in x509_vfy.c with the inclusion > of the DANE stuff and whatnot, so it's not immediately clear to me > when this change actually happened. I think there are good > arguments for the

Re: [openssl-dev] [Bug] apps: -CApath does not fail for non-directories (on Linux)

2017-03-01 Thread Viktor Dukhovni
> On Mar 1, 2017, at 11:46 AM, Steffen Nurpmeso wrote: > > No, not that i know. But this -- thanks -- lead me to the > following, which is the KISS that you want? > Ciao! > > diff --git a/apps/apps.c b/apps/apps.c > index 216bc797d..3afbbaef2 100644 > --- a/apps/apps.c >

Re: [openssl-dev] [Bug, maybe] [master] bin/* no longer find their libraries if installed in non-default locations

2017-03-01 Thread Viktor Dukhovni
> On Mar 1, 2017, at 11:13 AM, Steffen Nurpmeso wrote: > > $ ldd /home/steffen/usr/opt/.ssl-1.1.0/bin/openssl > ... > libssl.so.1.1 => not found > libcrypto.so.1.1 => not found > > This is new behaviour, until now the installation was always > self-contained when

Re: [openssl-dev] SNI by default in s_client

2017-02-13 Thread Viktor Dukhovni
> On Feb 13, 2017, at 12:32 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> > wrote: > > That said, I don't think that enabling SNI by default *in s_client* is > sufficient cause to motivate such a feature. The s_client command adds > new options from time to time, and

Re: [openssl-dev] SNI by default in s_client

2017-02-13 Thread Viktor Dukhovni
> On Feb 13, 2017, at 12:35 PM, Salz, Rich wrote: > > I think it should be called out in the docs and CHANGES however. Yes, definitely. -- Viktor. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] SNI by default in s_client

2017-02-13 Thread Viktor Dukhovni
> On Feb 13, 2017, at 12:20 PM, Benjamin Kaduk wrote: > > Perhaps a reasonable compromise would be to ensure that the -noservername > option is accepted (as a noop) in 1.1.0, so that there is a way to > write a script that remains compatible between 1.1.0 and 1.1.1 even if

Re: [openssl-dev] SNI by default in s_client

2017-02-13 Thread Viktor Dukhovni
> On Feb 13, 2017, at 11:13 AM, Matt Caswell wrote: > > I'd like to canvas opinion on this PR: > https://github.com/openssl/openssl/pull/2614 > > At the moment s_client does not add the SNI extension by default. You > have to explicitly ask for it using the "-servername"

Re: [openssl-dev] about enc 'magic' data and salt handling

2017-01-14 Thread Viktor Dukhovni
> On Jan 13, 2017, at 7:50 PM, Tom Francis wrote: > > > The enc command is really just an example, IMO. If you want something that's > useful for production purposes (and even follows standards!), I recommend > looking at the cms command. It'll encrypt, decrypt,

Re: [openssl-dev] Enabling AES-192 ciphers, how to expose DHE-RSA-AES192-GCM-SHA384

2017-01-09 Thread Viktor Dukhovni
On Mon, Jan 09, 2017 at 07:57:43PM +0100, Leonard den Ottolander wrote: > Considering that AES-192 seems to be very resistant against related key > attacks (http://eprint.iacr.org/2009/317) and the algorithm is already > available in the openssl code I am trying to expose the AES-192 > ciphers.

Re: [openssl-dev] Linker error when adding new cipher in crypto folder

2016-12-29 Thread Viktor Dukhovni
> On Dec 29, 2016, at 9:36 PM, Schmicker, Robert > wrote: > > However, as soon as I make a call to my cipher in test.c I get a linker error > and gcc is unable to find any of my functions. Edit util/libcrypto.num and/or util/libssl.num, only the symbols listed there

Re: [openssl-dev] Cross compiling openssl for an old ARM environment - howto?

2016-12-19 Thread Viktor Dukhovni
> On Dec 19, 2016, at 2:07 PM, Salz, Rich wrote: > >> Are we saying that it absolutely will not support ARM7 thumb mode anymore? > > Nobody is saying that. We're saying that if the address-space is 16bit, > openssl will not work. > >> Wouldn't the generic C-only version

Re: [openssl-dev] cert_cb and TLS tickets

2016-12-09 Thread Viktor Dukhovni
On Fri, Dec 09, 2016 at 09:47:19PM +0100, Fedor Indutny wrote: > > The callback is *correctly* only called when choosing the server > > certificate. In *that* case, it is always called. When sessions > > are resumed, there is no certificate to present, so no callback is > > made. > > That's

Re: [openssl-dev] cert_cb and TLS tickets

2016-12-09 Thread Viktor Dukhovni
On Fri, Dec 09, 2016 at 08:43:01PM +0100, Fedor Indutny wrote: > During development of one feature for my TLS proxy bud, I have discovered > that the cert_cb is invoked only for newly generated tickets/sessions. The > reasoning behind this is clear, but I believe that it is most likely needs > a

Re: [openssl-dev] [openssl.org #4697] Bug in 1.1.0 (lost compatibility with previous releases)

2016-10-05 Thread Viktor Dukhovni
On Wed, Oct 05, 2016 at 07:05:06AM +, Sergey G Brazhnikov via RT wrote: > Just figured out that files encrypted with OpenSSL 1.1.0-stable can not be > decrypted with previous releases and vice versa. > Tested aes256, cast5-cfb, camellia128 on 1.1.0-stable, 1.0.2-stable and > 0.9.8(cast5-cfb

Re: [openssl-dev] X25519 is the default curve for ECDHE in OpenSSL 1.1.0

2016-09-17 Thread Viktor Dukhovni
On Sat, Sep 17, 2016 at 03:46:53PM +, Salz, Rich wrote: > > If a client offers ECDHE ciphers with no curve list, one might > > alternatively just > > use P-256. It is likely better than the other choices. Most clients will > > send a > > curve list. > > Most will, and I'd rather get

Re: [openssl-dev] X25519 is the default curve for ECDHE in OpenSSL 1.1.0

2016-09-17 Thread Viktor Dukhovni
On Sat, Sep 17, 2016 at 02:35:20PM +, Salz, Rich wrote: > > When we added X25519 to BoringSSL, we at the same time started made the > > server require clients supply a curve list (and otherwise we'd just pick > > a non-ECDHE cipher), because of this issue. That went in back in December > >

Re: [openssl-dev] [openssl.org #4673] a weird error, please help to check whether is it a but. thanks!

2016-09-12 Thread Viktor Dukhovni
> On Sep 12, 2016, at 4:08 PM, zy_chongqing via RT wrote: > > SSL_CTX_use_certificate_file return 0, and the log show: error:140AB18F:SSL > routines:SSL_CTX_use_certificate:ee key too small > 1. this programe is running well in one server, but failed in another. > actually

Re: [openssl-dev] [openssl.org #4658] bug: Abort() in 1.0.2h parsing server cert in ASN.1 routine

2016-09-01 Thread Viktor Dukhovni
On Thu, Sep 01, 2016 at 01:58:00PM -0700, Quanah Gibson-Mount wrote: > >The issue only happens when proxying IMAP on port 143 with startTLS or > >993 (IMAPS). It does not occur on POP w/ starttls or web traffic (443). > >It also is only happening with this one particular client, as we have >

Re: [openssl-dev] SSL_CTX_use_certificate_chain_file()

2016-08-26 Thread Viktor Dukhovni
On Fri, Aug 26, 2016 at 03:14:58PM +, asmar...@yahoo.com wrote: > Is there any negative impact ofusing SSL_CTX_use_certificate_file() and > SSL_CTX_use_certificate_chain_file() together? The first is redundant and should avoided. > My application loads thecertificate using

Re: [openssl-dev] [openssl.org #4658] bug: Abort() in 1.0.2h parsing server cert in ASN.1 routine

2016-08-24 Thread Viktor Dukhovni
On Wed, Aug 24, 2016 at 11:17:21PM +, Quanah Gibson-Mount via RT wrote: > When a process (nginx in this case) has this as the server cert, it core > dumps with an abort() when clients request the cert: You say the server dumps core, and yet: > #1 0x7f22ba125ce8 in __GI_abort () at

Re: [openssl-dev] [openssl.org #4644] bug: cert verification always examining entire chain

2016-08-09 Thread Viktor Dukhovni
> On Aug 9, 2016, at 2:52 PM, Salz, Rich via RT wrote: > > As Viktor pointed out, this doesn't work in 1.0.1 The story is a bit more complicated. What's really going on is that root (self-signed) CAs in the trust store are backwards-compatible implicit trust-anchors for all

Re: [openssl-dev] [openssl.org #4644] bug: cert verification always examining entire chain

2016-08-09 Thread Viktor Dukhovni
On Tue, Aug 09, 2016 at 10:53:59AM +0100, David Woodhouse wrote: > > As expected, unless you use the "-partial" flag in the command-line > > utilities, or use the X509_VERIFY_PARAM_set_flags() to set the > > X509_V_FLAG_PARTIAL_CHAIN flag when using the API. > > Is there an equivalent for 1.0.1?

Re: [openssl-dev] [openssl.org #4644] bug: cert verification always examining entire chain

2016-08-08 Thread Viktor Dukhovni
On Tue, Aug 09, 2016 at 01:45:24AM +, William M Edmonds via RT wrote: > If I specify a CAfile that includes the leaf certificate and/or > intermediate CA certificates, but not the root certificate, then > verification fails. As expected, unless you use the "-partial" flag in the command-line

Re: [openssl-dev] [RFC PATCH] doc/ssl: describe the possible DoS via repeated SSL session re-negotiation

2016-08-08 Thread Viktor Dukhovni
On Mon, Aug 08, 2016 at 08:57:26PM +0200, Sebastian Andrzej Siewior wrote: > This is a computation attack and unfortunately the way a SSL handshake > works. I understand that this `feature' is part of the TLS specification > and I am not trying to nuke from openssl. Instead I would like to >

Re: [openssl-dev] [openssl.org #4614] pthread_once and malloc failures

2016-07-19 Thread Viktor Dukhovni via RT
> On Jul 19, 2016, at 5:26 PM, Matt Caswell via RT wrote: > >> Most of all, we use CRYPTO_THREAD_run_once() internally to initiate the first >> locks, so pretty much in an initial state of the library (not entirely true, >> since we do these inits opportunistically, but it's

Re: [openssl-dev] [openssl.org #4614] pthread_once and malloc failures

2016-07-11 Thread Viktor Dukhovni
On Mon, Jul 11, 2016 at 05:48:06PM +, Salz, Rich via RT wrote: > Previously we've changed return-types from void to int. If there's still > time, that seems like the thing to do here. With pthread_once and friends the pattern is to use void init functions, and as necessary check for

Re: [openssl-dev] [PATCH] Add support for minimum and maximum protocol version supported by a cipher

2016-07-08 Thread Viktor Dukhovni
On Fri, Jul 08, 2016 at 07:30:26PM +0100, David Woodhouse wrote: > > I tried the naïvely obvious step of changing all instances of > > DTLS1_VERSION as the minimum, to DTLS1_BAD_VER. That didn't help. > > Of course, it's because DTLS_VERSION_LT and friends are doing precisely > the opposite of

Re: [openssl-dev] [openssl.org #4502] CT todos

2016-05-31 Thread Viktor Dukhovni via RT
> On May 31, 2016, at 1:15 PM, Rich Salz via RT wrote: > > I do not understand what should be done for this ticket. Call me stupid :) I took care of the requisite changes already. Feel free to close the ticket. -- Viktor. -- Ticket here:

Re: [openssl-dev] [openssl.org #3502] nameConstraints bypass bug

2016-05-31 Thread Viktor Dukhovni
On Tue, May 31, 2016 at 02:49:05PM +, Blumenthal, Uri - 0553 - MITLL wrote: > >Could you explain your point in more detail than putting "wrong" > >in bold text? Though ad-hoc, it seems about the best one can do, > >absent additional information. > > IMHO allowing CN to be interpreted as a

Re: [openssl-dev] [openssl.org #3502] nameConstraints bypass bug

2016-05-31 Thread Viktor Dukhovni
> On May 31, 2016, at 9:54 AM, Blumenthal, Uri - 0553 - MITLL > wrote: > >> As one example, mozilla::pkix treats the CN as a dNSName/iPAddress iif there >> is no subjectAltName extension and iif the CN is a valid dNSNa/iPAddress >> syntactically. > > That approach seems

Re: [openssl-dev] [openssl.org #3502] nameConstraints bypass bug

2016-05-31 Thread Viktor Dukhovni
> On May 31, 2016, at 2:43 AM, Brian Smith wrote: > > Not too long ago, there were changes to the CABForum rules about certificates > to make it easier for any website to get a CA certificates constrained to its > domain name. There were some problems with the loosening

Re: [openssl-dev] [openssl.org #3502] nameConstraints bypass bug

2016-05-30 Thread Viktor Dukhovni
On Tue, May 31, 2016 at 02:54:13AM +, Brian Smith via RT wrote: > > Applications can do that now by setting the right flag, as Viktor pointed > > out. I think it's too late to make the default change for 1.1 > > The important thing is: What happens when applications use the default >

Re: [openssl-dev] [openssl.org #3502] nameConstraints bypass bug

2016-05-30 Thread Viktor Dukhovni via RT
> On May 30, 2016, at 10:06 PM, Salz, Rich via RT wrote: > >> I'm not sure what "deprecated" and "mandated" mean in the openssl >> context. If openssl actually de-implemented CN-as-hostname and actually >> mandated SAN, that would solve the nameConstraints bypass bug in grand

Re: [openssl-dev] [openssl.org #3502] nameConstraints bypass bug

2016-05-30 Thread Viktor Dukhovni
> On May 30, 2016, at 10:06 PM, Salz, Rich via RT wrote: > >> I'm not sure what "deprecated" and "mandated" mean in the openssl >> context. If openssl actually de-implemented CN-as-hostname and actually >> mandated SAN, that would solve the nameConstraints bypass bug in grand

Re: [openssl-dev] [openssl.org #3502] nameConstraints bypass bug

2016-05-30 Thread Viktor Dukhovni
On Mon, May 30, 2016 at 06:56:17PM +, Rich Salz via RT wrote: > If there is no altname and there is a CN, we cannot assume that the CN is a > hostname. Yes, for WebPKI this is true, but WebPKI has deprecated > cn-as-hostname for more than a decade and mandated SAN names. OpenSSL master

Re: [openssl-dev] 1.1.0 pre5 seems to ignore CIPHER_SERVER_PREFERENCE

2016-05-26 Thread Viktor Dukhovni
> On May 26, 2016, at 9:44 AM, Angus Robertson - Magenta Systems Ltd > wrote: > > I have two custom Windows web sites, running released and beta versions > of OpenSSL. The beta version only gets an A- score with SSL Labs, > whereas the release version gets A+. > >

Re: [openssl-dev] How to get SSL version from SSL_SESSION using OpenSSL-1.1.x?

2016-05-26 Thread Viktor Dukhovni
On Thu, May 26, 2016 at 09:58:09PM +, Viktor Dukhovni wrote: > The following should work: > > const char *get_session_protocol(SSL_CTX *ctx, SSL_SESSION *session) > { > const char *protocol; > SSL_CTX *tmp_ctx = NULL; > > /* Typically you'

Re: [openssl-dev] How to get SSL version from SSL_SESSION using OpenSSL-1.1.x?

2016-05-26 Thread Viktor Dukhovni
On Thu, May 26, 2016 at 10:45:54PM +0100, Matt Caswell wrote: > > Using OpenSSL-1.0.x, I currently use: > > > > ssl_version = sess->ssl_version; > > > > However, I don't see an equivalent accessor in the 1.1.x APIs. Have I > > missed something, or does such a thing not exist yet? > > I

Re: [openssl-dev] [openssl.org #4458] "implicitly declared function" warnings due to missing include

2016-05-25 Thread Viktor Dukhovni
On Wed, May 25, 2016 at 09:46:02PM +, Richard Levitte via RT wrote: > I don't get such warnings. Can you tell me what system and with what tool > chain > (including versions)? I think that the report is correct, we must be getting away with on most platforms. On NetBSD, for example,

Re: [openssl-dev] [openssl.org #4540] openssl make test

2016-05-12 Thread Viktor Dukhovni
On Thu, May 12, 2016 at 09:58:25PM +, Stephen Henson via RT wrote: > It's caused by the S/MIME test certificates expiring. This is fixed in commit > 24762dee178bace3c3 either apply that, use a recent snapshot or just copy the > test/smime-certs directory from a recent snapshot. It might make

Re: [openssl-dev] 1.0.1t: CMS => PKCS#7 compatibility tests: signed content DER format, RSA key: verify error

2016-05-10 Thread Viktor Dukhovni
> On May 10, 2016, at 11:45 PM, Claus Assmann wrote: > > make test fails on OpenBSD and FreeBSD (8.4): > > CMS => PKCS#7 compatibility tests > signed content DER format, RSA key: verify error > *** Error 1 in test (Makefile:330 'test_cms') > > more cms.err > Verification

Re: [openssl-dev] where is PEM_read_bio_X509_AUX()

2016-05-10 Thread Viktor Dukhovni
[ Redirecting to openssl-us...@openssl.org ] On Tue, Apr 19, 2016 at 01:11:38AM +, CHOW Anthony wrote: > I am trying to do “openssl verify –CAfile server.pem” and the command hang. It is supposed to hang (reading standard input) when (incorrectly) invoked this way. You've left out the

Re: [openssl-dev] TLSv1.3

2016-05-08 Thread Viktor Dukhovni
On Sun, May 08, 2016 at 12:15:56PM +0100, Alessandro Ghedini wrote: > I know that I'm probably getting way ahead of myself here, but I thought it > would be interesting to start looking into adding TLS 1.3 support to OpenSSL > (for post 1.1.0 of course). Even after 1.1.0, TLS 1.3 might not be

Re: [openssl-dev] null byte in hostname validation.

2016-05-04 Thread Viktor Dukhovni
On Wed, May 04, 2016 at 03:04:51PM +0200, none wrote: > Hello, where are the parts of the code that check if a null byte is used in > a string part of a x509 certificate ? > > This is purely informative. I already know about > https://www.openssl.org/docs/manmaster/crypto/X509_check_host.html.

Re: [openssl-dev] Storing session in file and reusing at client side

2016-05-02 Thread Viktor Dukhovni
On Mon, May 02, 2016 at 12:23:25PM +0530, Shubham Chauhan wrote: > I wanted to store the freshly negotiated ssl/tls session in a file and > reuse it (via SSL_set_session()), in the next handshake. I was not able to > do that since the handshake got terminated giving a fatal error - illegal >

Re: [openssl-dev] [openssl.org #4524] [BUG] TLS 1.2 handshake hangs for TLS 1.0 only hosts

2016-04-30 Thread Viktor Dukhovni
> On Apr 30, 2016, at 5:26 PM, Salz, Rich wrote: > >> Since this is a MS IIS 7.0 server I would argue that it'd be in the interest >> of >> openssl to handle the situation rather than accept this scenario - since IIS >> is >> likely powering more than a few hosts? > > It's

Re: [openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

2016-04-26 Thread Viktor Dukhovni
On Tue, Apr 26, 2016 at 12:55:28PM -0500, Douglas E Engert wrote: > Adding the test "if (n != rsa->n)" before the BN_free in the RSA_set0_key > would catch this. The correct test is to return an error in that case, not to skip the free. The caller is doing the wrong thing, and we should not

Re: [openssl-dev] SSL transfer connection (SSL_dup, SSL_up_ref, SSL_free)

2016-04-26 Thread Viktor Dukhovni
> On Apr 25, 2016, at 11:18 PM, Alex Hultman wrote: > > Thanks for the answer. I actually found a working solution just a couple of > minutes after I posted but I still wanted to hear what you recommended. I > just did ssl->references++; and also the same on the

Re: [openssl-dev] [Bug] OpenSSL does not send short messages

2016-04-25 Thread Viktor Dukhovni
[ This question belongs on openssl-users, not openssl-dev. Please reply only to openssl-users. ] On Tue, Apr 26, 2016 at 05:17:46AM +0200, Alex Hultman wrote: > SSL_write followed by SSL_shutdown does not actually send the data passed > to SSL_write if the total data size sent is less than

Re: [openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

2016-04-25 Thread Viktor Dukhovni
On Mon, Apr 25, 2016 at 05:45:05PM +, Salz, Rich wrote: > After a "set0" call, set your pointer to NULL, it's no longer yours :) That half of the ruleset. The other half is: You must "own" any object passed to a set0 call that takes ownership of its argument (we have a few that don't

Re: [openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

2016-04-25 Thread Viktor Dukhovni
On Mon, Apr 25, 2016 at 07:21:56PM +0200, Richard Levitte wrote: > openssl-users> Perhaps the documentation can be made more clear. If users > really > openssl-users> need an interface for modifying a subset of the components of > an > openssl-users> already initialized key, then (if we don't

Re: [openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

2016-04-25 Thread Viktor Dukhovni
On Mon, Apr 25, 2016 at 02:08:09PM +, Richard Levitte via RT wrote: > I'm not sure how I'd change the following: > > Calling this function transfers the memory management of the values to the > RSA object, and therefore the values that have been passed in should not > be freed by

Re: [openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

2016-04-25 Thread Viktor Dukhovni
On Mon, Apr 25, 2016 at 01:39:09PM +, Richard Levitte via RT wrote: > rt> I agree it shouldn't happen, but do we want to protect against that? I > could be convinced either way. > > Ah ok... sorry, I misread the intention. > > Agreed that we could make sure not to free the pointers in

[openssl-dev] [openssl.org #4502] CT todos

2016-04-07 Thread Viktor Dukhovni via RT
Beyond the suggested changes to SCT_LIST_validate() et. al. and documentation, IIRC at some point or other I noted that the chain verification status observed in resumed sessions may not be correct if handshakes without valid SCTs are allowed to complete and perhaps get reused. Even without

Re: [openssl-dev] [openssl.org #4497] openssl ciphers app possible bug

2016-04-02 Thread Viktor Dukhovni via RT
> On Apr 2, 2016, at 10:05 AM, Daniel Gruszczyk via RT wrote: > > Hi,I was playing with a ciphers app to create example list of suites. Looking > at the website (https://openssl.org/docs/manmaster/apps/ciphers.html) if I > run one of the examples there: > openssl ciphers -v

Re: [openssl-dev] [openssl.org #4497] openssl ciphers app possible bug

2016-04-02 Thread Viktor Dukhovni
> On Apr 2, 2016, at 10:05 AM, Daniel Gruszczyk via RT wrote: > > Hi,I was playing with a ciphers app to create example list of suites. Looking > at the website (https://openssl.org/docs/manmaster/apps/ciphers.html) if I > run one of the examples there: > openssl ciphers -v

Re: [openssl-dev] [openssl.org #4489] PATCH: fix Windows deprecated strdup in crypto\conf\conf_lib.c

2016-03-28 Thread Viktor Dukhovni via RT
> On Mar 28, 2016, at 4:38 AM, noloa...@gmail.com via RT > wrote: > > On Windows, the fix below also depends upon the patch from Issue 4488 > ("The POSIX name for this item is deprecated. Instead, use the ISO C++ > conformant name..."). > > This patch below also fixes some

Re: [openssl-dev] [openssl.org #4489] PATCH: fix Windows deprecated strdup in crypto\conf\conf_lib.c

2016-03-28 Thread Viktor Dukhovni
> On Mar 28, 2016, at 4:38 AM, noloa...@gmail.com via RT > wrote: > > On Windows, the fix below also depends upon the patch from Issue 4488 > ("The POSIX name for this item is deprecated. Instead, use the ISO C++ > conformant name..."). > > This patch below also fixes some

Re: [openssl-dev] Testing for a type with a define in e_os2.h?

2016-03-26 Thread Viktor Dukhovni
On Sat, Mar 26, 2016 at 06:14:05PM -0400, Jeffrey Walton wrote: > e_os2.h has this around line 260: > > # if defined(OPENSSL_SYS_UEFI) && !defined(ssize_t) > # define ossl_ssize_t int > # define OSSL_SSIZE_MAX INT_MAX > # endif > > I don't believe you can test for a type by using

Re: [openssl-dev] [openssl.org #4476] PATCH: fix cast-alignment of "struct lhash_st *"

2016-03-24 Thread Viktor Dukhovni
On Thu, Mar 24, 2016 at 06:41:34PM +, Salz, Rich via RT wrote: > This looks like a good change. > > > This clears what looks to be hundreds of alignment related warnings like > > below. > > > > $ git diff include/openssl/lhash.h > > diff --git a/include/openssl/lhash.h

Re: [openssl-dev] [openssl.org #4473] Compile errors when compiling with C++ compiler

2016-03-23 Thread Viktor Dukhovni
> On Mar 24, 2016, at 12:38 AM, noloa...@gmail.com via RT > wrote: > > I can understand lack of resources. > > Lack of interest can be dealt with in the engineering process. Place a > quality gate, and make the code pass through it. I'd wager folks will > take interest

Re: [openssl-dev] [openssl.org #4473] Compile errors when compiling with C++ compiler

2016-03-23 Thread Viktor Dukhovni via RT
> On Mar 24, 2016, at 12:38 AM, noloa...@gmail.com via RT > wrote: > > I can understand lack of resources. > > Lack of interest can be dealt with in the engineering process. Place a > quality gate, and make the code pass through it. I'd wager folks will > take interest

Re: [openssl-dev] [openssl.org #4473] Compile errors when compiling with C++ compiler

2016-03-23 Thread Viktor Dukhovni via RT
> On Mar 23, 2016, at 7:47 PM, noloa...@gmail.com via RT > wrote: > > I'm not sure if this is a supported configuration, but I'm guessing > there are going to be users in the filed who find themselves in it, > like http://stackoverflow.com/q/36188982. > > Working from the

Re: [openssl-dev] [openssl.org #4473] Compile errors when compiling with C++ compiler

2016-03-23 Thread Viktor Dukhovni
> On Mar 23, 2016, at 7:47 PM, noloa...@gmail.com via RT > wrote: > > I'm not sure if this is a supported configuration, but I'm guessing > there are going to be users in the filed who find themselves in it, > like http://stackoverflow.com/q/36188982. > > Working from the

Re: [openssl-dev] [openssl.org #4467] SSL_Connect crashed

2016-03-21 Thread Viktor Dukhovni via RT
> On Mar 21, 2016, at 11:51 AM, Tiantian Liu via RT wrote: > > > srp_ctx = {SRP_cb_arg = 0x0, TLS_ext_srp_username_callback = 0, > SRP_verify_param_callback = 0, SRP_give_srp_client_pwd_callback = 0, >login = 0x44454c4c , N = 0x9a285f8, g = > 0x61, s = 0x9a29820, B =

Re: [openssl-dev] [openssl.org #4467] SSL_Connect crashed

2016-03-21 Thread Viktor Dukhovni
> On Mar 21, 2016, at 11:51 AM, Tiantian Liu via RT wrote: > > > srp_ctx = {SRP_cb_arg = 0x0, TLS_ext_srp_username_callback = 0, > SRP_verify_param_callback = 0, SRP_give_srp_client_pwd_callback = 0, >login = 0x44454c4c , N = 0x9a285f8, g = > 0x61, s = 0x9a29820, B =

Re: [openssl-dev] OpenSSL 1.1.0-pre4 change in SSL_get_version() return value

2016-03-19 Thread Viktor Dukhovni
On Thu, Mar 17, 2016 at 12:37:41AM +0200, Jouni Malinen wrote: > Was the SSL_get_version() behavior changed on purpose in the Beta 1 > release? This function used to return "TLSv1" when TLS v1.0 was used > while it is now in Beta 1 returning "TLSv1.0" for that case. I missed this change in the

Re: [openssl-dev] [openssl.org #4443] Re: VIA C7-D processor: Hang in 30-test_afalg.t

2016-03-19 Thread Viktor Dukhovni
> On Mar 17, 2016, at 8:25 PM, noloa...@gmail.com via RT > wrote: > > Yeah, this looks fishy... According to the libc manual, 13.10 Perform > I/O Operations in Parallel > (https://www.gnu.org/software/libc/manual/html_node/Asynchronous-I_002fO.html): > >volatile void

Re: [openssl-dev] OpenSSL 1.1.0-pre4 change in SSL_get_version() return value

2016-03-19 Thread Viktor Dukhovni
> On Mar 18, 2016, at 4:40 PM, Richard Moore wrote: > > I think it is reasonable to preserve the backwards compatible "TLSv1" > > for the string protocol version, but do we also need to preserve the > > "TLSv1.0" in ciphers(1) output? If so, the code needs an exception

Re: [openssl-dev] OpenSSL 1.1.0-pre4 change in SSL_get_version() return value

2016-03-19 Thread Viktor Dukhovni
> On Mar 16, 2016, at 6:44 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> > wrote: > >> Was the SSL_get_version() behavior changed on purpose in the Beta 1 >> release? This function used to return "TLSv1" when TLS v1.0 was used >> while it is now

Re: [openssl-dev] OpenSSL 1.1.0-pre4 change in SSL_get_version() return value

2016-03-18 Thread Viktor Dukhovni
> On Mar 16, 2016, at 6:44 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> > wrote: > >> Was the SSL_get_version() behavior changed on purpose in the Beta 1 >> release? This function used to return "TLSv1" when TLS v1.0 was used >> while it is now

Re: [openssl-dev] [openssl.org #4443] Re: VIA C7-D processor: Hang in 30-test_afalg.t

2016-03-18 Thread Viktor Dukhovni
> On Mar 17, 2016, at 10:52 PM, Jeffrey Walton wrote: > > This is bad news... A 32-bit pointer's sign extension is > implementation defined, which means it may as well be undefined > behavior... > > GCC sign extends. I think you can get around it with an intermediate > cast

Re: [openssl-dev] [openssl.org #4429] Cannot decrypt RC4-encrypted CMS object

2016-03-15 Thread Viktor Dukhovni
On Tue, Mar 15, 2016 at 07:29:04PM +, Viktor Dukhovni wrote: > ok 24 - encrypted content test streaming PEM format, 128 bit RC2 key > ok 25 - encrypted content test streaming PEM format, 40 bit RC2 key The underlying test commands amount to: $ cd test $ opens

Re: [openssl-dev] [openssl.org #4429] Cannot decrypt RC4-encrypted CMS object

2016-03-15 Thread Viktor Dukhovni
On Tue, Mar 15, 2016 at 07:09:36PM +, Blumenthal, Uri - 0553 - MITLL wrote: > First of all - thank you! It is great to see useful capabilities added (I > consider stream ciphers and AEAD modes very useful :). I fully agree that > unsigned CMS is an invitation to trouble. If I understand

Re: [openssl-dev] [openssl.org #4429] Cannot decrypt RC4-encrypted CMS object

2016-03-15 Thread Viktor Dukhovni
On Tue, Mar 15, 2016 at 06:33:32AM +, Viktor Dukhovni wrote: > This is completely untested, may not even compile! Enjoy. It does seem to work, so one key remaining questions is whether it is interoperable: $ ./util/shlib_wrap.sh ./apps/openssl req -config apps/openssl.cnf -new -x

Re: [openssl-dev] [openssl.org #4429] Cannot decrypt RC4-encrypted CMS object

2016-03-15 Thread Viktor Dukhovni
On Mon, Mar 14, 2016 at 10:34:17PM +, Dr. Stephen Henson wrote: > > Is there any reason why stream ciphers are not supported with CMS? > > Well one reason is that I'm not aware of any standard which defines how to use > stream ciphers with CMS. > > OpenSSL should really reject these with an

Re: [openssl-dev] [openssl.org #4429] Cannot decrypt RC4-encrypted CMS object

2016-03-14 Thread Viktor Dukhovni
On Mon, Mar 14, 2016 at 07:03:04PM +, Blumenthal, Uri - 0553 - MITLL wrote: > >IIRC RC4 (more generally all stream ciphers) are not supported with > >CMS, and the bug is that OpenSSL allowed you to use RC4, not that > >the result failed to decrypt. > > Is there any reason why stream ciphers

Re: [openssl-dev] [openssl.org #4429] Cannot decrypt RC4-encrypted CMS object

2016-03-14 Thread Viktor Dukhovni
On Mon, Mar 14, 2016 at 05:45:34PM +, Stephan Mühlstrasser via RT wrote: > I had written a message about this issue to openssl-users, but received > no reaction. IIRC RC4 (more generally all stream ciphers) are not supported with CMS, and the bug is that OpenSSL allowed you to use RC4, not

Re: [openssl-dev] 1.1-pre4 documentation fails to install

2016-03-14 Thread Viktor Dukhovni
On Mon, Mar 14, 2016 at 03:28:13PM +, Blumenthal, Uri - 0553 - MITLL wrote: > install ./doc/crypto/EVP_PKEY_set1_RSA.pod -> > /Users/ur20980/share/man/man3/EVP_PKEY_set1_RSA.3 > > IO::File=IO(0x7feb8c8029c0) around line 62: Unterminated B<...> sequence > POD document had syntax errors at

Re: [openssl-dev] API Problems in current master

2016-03-13 Thread Viktor Dukhovni
> On Mar 13, 2016, at 10:41 AM, Rainer Jung wrote: > > The docs should be fixed, but there's: > > int EVP_PKEY_id(const EVP_PKEY *pkey); > int EVP_PKEY_base_id(const EVP_PKEY *pkey); Thanks for the nudge:

[openssl-dev] Question: Make X509_V_FLAG_TRUSTED_FIRST default in 1.0.2?

2016-03-12 Thread Viktor Dukhovni
On Fri, Mar 11, 2016 at 05:54:57AM +, Viktor Dukhovni wrote: > Absent augmentation as a "trusted certificate" for a given purpose, > and with the application not enabling "partial chain" semantics, > intermediate certs from the store just augment missing

Re: [openssl-dev] [openssl.org #4415] test/certs/mkcert.sh uses "#! /binbash"

2016-03-11 Thread Viktor Dukhovni
On Fri, Mar 11, 2016 at 12:05:32PM +, noloa...@gmail.com via RT wrote: > test/certs/mkcert.sh uses: > > #! /bin/bash" This shell script is only used in test development, it is not used during either compilation or testing of OpenSSL. It need not be especially portable. --

Re: [openssl-dev] [openssl.org #4409] bug OpenSSL 1.0.1p 9 Jul 2015

2016-03-10 Thread Viktor Dukhovni
On Thu, Mar 10, 2016 at 12:58:34PM +, Irena Johnson via RT wrote: > Our clients are having trouble connecting to our GRAM server, which has a > sha256 host certificate. The reason for the connection failures may be unrelated to the certificate signature algorithm. What specific symptoms

Re: [openssl-dev] [openssl.org #4398] BUG / 1.0.2g breaks CURL extension

2016-03-08 Thread Viktor Dukhovni
e commit above restores the symbols. If you could build that version (checkout from git, or apply the patch) and confirm whether the issue is resolved, that would be great. -- Viktor. commit 133138569f37d149ed1d7641fe8c75a93fded445 Author: Viktor Dukhovni <vik...@twosigma.com>

Re: [openssl-dev] [openssl.org #4398] BUG / 1.0.2g breaks CURL extension

2016-03-08 Thread Viktor Dukhovni
On Tue, Mar 08, 2016 at 01:43:48PM +, Thomas Brunnthaler via RT wrote: > CURL not working since upgrade to 1.0.2g on windows. I use PHP 5.2.17 VC6 > x86 TS. Error Message: OS cannot load %1 or so. Is this fixed by:

Re: [openssl-dev] MacOS defaults?

2016-03-06 Thread Viktor Dukhovni
> On Mar 6, 2016, at 12:00 PM, Ben Laurie wrote: > > Hmm. So why do I see this on my macbook? > > $ arch > i386 Try "uname -m" -- Viktor. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] MacOS defaults?

2016-03-06 Thread Viktor Dukhovni
> On Mar 6, 2016, at 6:20 AM, Ben Laurie wrote: > > Currently OpenSSL defaults to 32 bit in MacOS. I'm told it might be better to > default to 64 bit these days. > > Does anyone have any views? I support a switch to a 64bit default. -- Viktor. -- openssl-dev

Re: [openssl-dev] cipher order

2016-03-04 Thread Viktor Dukhovni
> On Mar 4, 2016, at 3:57 PM, Emilia Käsper wrote: > > I've updated the pull to do a much more substantial cleanup. What will @STRENGTH mean in this context? Will ignore the distinction between AES256 and AES128? What does this do to the @SECLEVEL interface which tries to

Re: [openssl-dev] links to KDF functions from pkeyutl man are broken

2016-03-04 Thread Viktor Dukhovni
> On Mar 4, 2016, at 5:24 AM, Salz, Rich wrote: > > Yes, links across sections (apps/crypto etc) don’t work well. We could put all the docs in a single directory. If we were worried about collisions, switch from: page.html => page..html where section is "1" or "3"

Re: [openssl-dev] [openssl.org #4362] chacha-x86.pl has stricter aliasing requirements than other files

2016-03-04 Thread Viktor Dukhovni
> On Mar 4, 2016, at 7:24 AM, Andy Polyakov via RT wrote: > > Fear is irrational and destructive feeling. Having faith that world is > better than that it nothing but healthy :-) What I'm saying is that > let's put a little bit more substance into discourse. Would anybody >

  1   2   3   4   5   >