| From: Michael Richardson [EMAIL PROTECTED]
| The problem is that one can't cast a pointer to a des_key_schedule
| (as it was defined before) because that is an array type, not a pointer to an
| array.
Without looking closely, I wonder if you can cast a pointer like this?
Hi,
please find attached a context diff patch applying to the following
openssl source code files:
apps/req.c
apps/x509.c
crypto/asn1/t_req.c
crypto/asn1/t_x509.c
Please review and apply to the openssl release. Of course this is
subject to your scrutiny, but I
I have the same problem verifying theserver certificate. I tried to runs_server and s_client tests so everything work fine a part from certificate verification.I get an
verify error: num=20:unable to get local issuer certificateverify return: 1
Then I decided to run verify test with the same
I'm committing this change anyway, but would be grateful if you could
confirm at your end that this makes the warnings/errors go away?
2. Linker error: unresolved symbols
a)EVP_DecryptInit_ex,
b)EVP_EncryptInit_ex,
c)ENGINE_load_openbsd_dev_crypto
I'm fixing (c) properly now, expect
I'm committing this change anyway, but would be grateful if you could
confirm at your end that this makes the warnings/errors go away?
2. Linker error: unresolved symbols
a)EVP_DecryptInit_ex,
b)EVP_EncryptInit_ex,
c)ENGINE_load_openbsd_dev_crypto
I'm fixing (c) properly
Hi,
regarding my yesterday's post to enable the apps x509 and req to work
with empty subject DNs (as permitted, even suggested by PKIX for certs
with non-human subjects), I found another problem that I'm going to do
something about now. The ca tool depends on the subject DN when using
the
Gunther Schadow wrote:
Hi,
regarding my yesterday's post to enable the apps x509 and req to work
with empty subject DNs (as permitted, even suggested by PKIX for certs
with non-human subjects), I found another problem that I'm going to do
something about now. The ca tool depends on the
Hmm, can someone tell me why this handcrafted database thing
is so critical to the ca tool in the first place? To me it
seems like superflous burden! I assume that even with a
couple of hundred certificates, a simple shell script interface
would give everyone far greater flexibility. With a
On my problem:
regarding my yesterday's post to enable the apps x509 and req to work
with empty subject DNs (as permitted, even suggested by PKIX for certs
with non-human subjects), I found another problem that I'm going to do
something about now. The ca tool depends on the subject DN
- What's the deep rationale behind the unique index on the
subject DN? Why not make a unique index on the keyid?
Because the crypto-using applications are more likely to present a name,
rather than a keyid. Because cert lifetimes should (when done properly
IMHO :) overlap -- when a new cert
Rich Salz wrote:
Suggestions? Is there any interest in such changes at all?
I think the CA program is proof of concept and not up to the quality
of the rest of openssl. Any improvement here would be good.
Yes ca.c is an example of how to write a CA and not a very good one at
that. It
-BEGIN PGP SIGNED MESSAGE-
I'm in the process of cleaning up some of the FreeSWAN IPsec kernel code.
I'm CC'ing Eric because he may still care, and openssl-dev since I suspect
that they are the current maintainers of the code.
Specifically dealing with testing of various pieces
-BEGIN PGP SIGNED MESSAGE-
Michael == Michael Richardson [EMAIL PROTECTED] writes:
Michael My suggestion:
Michael change the typedef, (or probably, add a new one):
Michael struct des_ks_struct
Michael{
Michaelunion {
Michaeldes_cblock
OpenSSL self-test report:
OpenSSL version: 0.9.6b
Last change: Change ssleay_rand_bytes (crypto/rand/md_rand.c)...
Options: --prefix=/var/qmail/openssl-0.9.6b
--openssldir=/var/qmail/openssl-0.9.6b
OS (uname): SunOS secure.priocom.com 5.8 Generic_108528-01 sun4u sparc
Doug Moore [EMAIL PROTECTED]:
Failure during big number tests. Make report output is attached...
[...]
test BN_sqr
Square test failed!
Please repeat the test using the current 0.9.6 snapshot available
at URL: ftp://ftp.openssl.org/snapshot;type=d. A bug in BN_sqr()
was recently fixed.
16 matches
Mail list logo