I've included two patches which fix issues introduced in OpenSSL 0.9.6e/f/g
(I found them when upgrading from d to g).
The first patch is a single character change that resolves ticket#260. The
bug is that in EVP_txt2obj() the content length rather than the length of
the tag+length+content is
I've included two patches which fix issues introduced in OpenSSL 0.9.6e/f/g
(I found them when upgrading from d to g).
The first patch is a single character change that resolves ticket#260. The
bug is that in EVP_txt2obj() the content length rather than the length of
the tag+length+content is
On Fri, Aug 30, 2002, Reddie, Steven wrote:
The bug is in OBJ_txt2obj at obj_dat.c:420. The 'i' in line:
op=d2i_ASN1_OBJECT(NULL,p,i);
should be replaced with 'j':
op=d2i_ASN1_OBJECT(NULL,p,j);
In the case of subject alt name (06 03 55 1D 11), i=3 and j=5. My guess is
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
followup in openssl-users suggested the
cause was calliing:
sk_X509_free(Ca);
instead of
sk_X509_pop_free(Ca, X509_free);
__
OpenSSL Project http://www.openssl.org
Development Mailing List
[[EMAIL PROTECTED] - Mon Aug 26 10:33:29 2002]:
I found the solution: I just commented out the lines 675-676 in
apps/ca.c -
now everything works as expected.
Since this just disables the check it isn't a good idea.
The error message suggested that index.txt has somehow had an invalid
[jaenicke - Fri Aug 23 09:46:13 2002]:
On Fri, Aug 23, 2002 at 01:48:48AM +0200, Stephen Henson via RT wrote:
I've applied most of this patch to OpenSSL 0.9.8-dev.
Would you think it would make sense to also apply it to the 0.9.7
tree?
SInce no one had raised any objections, I've
I agree that this should be done but there are quite a few cases to
cover.
The exit code could be modified to represent the actual verify error.
This is possible because code 1 is used for other errors and is not a
valid verify failure reason.
However theres also the issue of what should
The OpenSSL DSA implementation (as of 0.9.6g) appears to have the same
multithreading issue that the RSA implementation used to have, namely
that multiple threads simultaneously triggering the BN_MONT_CTX caching
results in a race condition. My own testing suggests that the DSA code
can
I have found that OpenSSL version 0.9.6g (or earlier) on Windows can cause a problem
that will prevent Window's
Disk Administrator from being able to delete a logical drive from a system that has
several logical drives associated
with a physical drive. By using a tool call Filemon.exe (from
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Howard Chu
The output from testca is still a little dodgy, there are a few certificate
fields that are printed in ASCII that need to be translated to EBCDIC for
appearance's sake. But that's simple to
Damn, sent an incomplete diff for crypto/x509v3/v3_utl.c. Sorry about that.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
-Original Message-
12 matches
Mail list logo