[openssl.org #1873] SMIME_write_PKCS7 and CRLF in base64 signature

This is verry old problem, but simple to solve (i guess). The patch for base64 BIO was submitted by Kai - Min - Sung 5 year ago. (http://marc.info/?l=openssl-dev&m=109079428007105&w=2). Using that patch, we only need to propagate flags given as argument to SMIME_write_PKCS7 into B64_write_PKCS

Bug in 0.9.8j: openssl s_server -nbio may lead to SSL3_WRITE_PENDING:bad write

Hello, Not sure if it's right place for posting bug reports, but I didn't find a better place. I rendered into a problem when server makes a lot of writes to client in non-blocking mode - this often resulted in shutdown of the session with SSL3_WRITE_PENDING:bad write error. The bug I discovered i

[openssl.org #1872] [PATCH] Change 'Q' and 'R' behavior in s_client

The attached patches alter the way 'openssl s_client' surprisingly interprets the 'Q' and 'R' characters at the start of a line. Option 1: openssl-removeqr.patch : eliminates the 'Q' and 'R' "commands" completely, from s_client and the documentation. Option 2: openssl-commandkeys.patch : adds a

Re: A trace appearred on the screen which was not expected when using SFTP.

There is no such message in OpenSSL. That looks like it's a diagnostic message from libcurl (or whatever component it uses to perform its FTP functionality.) -Kyle H 2009/3/18 曹婷 : > Hi developer, > > OPENSSL_0.9.8A_AIX5.3_64BIT is the version installed on my working server. > > Recently, i usin

Problem with RSA blinding and TLS

Hi folks, I think we found a bug in OpenSSL regarding RSA blindings that can lead to Bad Record MAC messages and would like to discuss with you how to fix this issue. Let me first describe the setup: we are using OpenSER, a SIP proxy. What's unusual about it is that its design is multi-processed

[openssl.org #1871] Openssl 0.9.8j patch: no failure for fips tests on mingw32

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Compiling openssl0.9.8j source on mingw32/msys, the test/fips_* tests fail to compile; with a linker error for CRYPTO_malloc et al; they are missing -lcrypto. Patch that fixes compilation below. Best regards, Wouter -BEGIN PGP SIGNATURE--

Security Vulnerability Notification in OpenSSL

Dear OpenSSL Security Lead, Veracode was engaged to evaluate OpenSSL 0.9.8j for application security vulnerabilities, and, as part of our responsible disclosure policy, we wish to notify you to disclose the details of the vulnerabilities that were found during that evaluation. Can you pleas

A trace appearred on the screen which was not expected when using SFTP.

Hi developer, OPENSSL_0.9.8A_AIX5.3_64BIT is the version installed on my working server. Recently, i using libcurl to execute SFTP to do file rename on remote server. for example, the command is "rename a.cpp to b.cpp" then after calling curl_easy_perform, the trace "data: rename a