Re: [openssl.org #2022] [PATCH] DTLS record header length bug

2009-09-02 Thread Robin Seggelmann via RT
On Sep 2, 2009, at 2:55 PM, Stephen Henson via RT wrote: >> [seggelm...@fh-muenster.de - Wed Aug 26 19:49:38 2009]: >> >> This patch fixes the size of the read and write buffers which are 8 >> bytes too small for DTLS. The function ssl3_setup_buffers() is called >> to allocate the necessary memory

[openssl.org #2032] enc(1ssl) mistakenly claims -nosalt is the default

2009-09-02 Thread Daniel Kahn Gillmor via RT
for openssl enc, -salt appears to be the default but the documentation claims -nosalt is the default. reading enc(1ssl): -salt use a salt in the key derivation routines. This option should ALWAYS be used unless compatibility with previous versions of OpenSSL or

[openssl.org #2031] [enhancement-request] mime-types in tsget (1.0.0 b3)

2009-09-02 Thread Keith Beckman via RT
The behaviour of apps/tsget is technically RFC 3161-compliant, but some TSAs return responses based on a typo in the RFC, namely: 3.4. Time-Stamp Protocol via HTTP ... Two MIME objects are specified as follows. Content-Type: application/timestamp-query ... Content-Type: application/ti

[ANNOUNCE] OpenSSL.NET version 0.4 released

2009-09-02 Thread Frank Laub
OpenSSL.NET - Managed wrapper for the OpenSSL toolkit http://openssl-net.sourceforge.net I'm pleased to announce the release of version 0.4 of OpenSSL.NET. Description: A managed OpenSSL wrapper written in C# for the 2.0 .NET Framework that exposes both the Crypto API and the SSL API. This a

[openssl.org #2029] Fix openssl dgst -dss1

2009-09-02 Thread Stephen Henson via RT
> [tm...@redhat.com - Tue Sep 01 09:50:59 2009]: > > In the openssl-1.0.0-beta3 the command openssl dgst -dss1 -verify fails > with error: > Error setting context > 139832466196296:error:0A07806A:dsa routines:PKEY_DSA_CTRL:invalid digest > type:dsa_pmeth.c:192: > > See https://bugzilla.redhat.com

[openssl.org #2013] Bug in OpenSSL 1.0.0 Beta 3 X509_time_adj_ex() function

2009-09-02 Thread Stephen Henson via RT
> [david.coo...@nist.gov - Tue Aug 18 16:44:00 2009]: > > Steve, > > You may be correct, however, while I am aware of some ASN.1 types that > are defined as GeneralizedTime, I am not aware of any that are defined > as UTCTime, as this would make it impossible to denote times after > 2049. I chec

OpenSSL.NET version 0.4 released

2009-09-02 Thread Frank Laub
OpenSSL.NET - Managed wrapper for the OpenSSL toolkit http://openssl-net.sourceforge.net I'm pleased to announce the release of version 0.4 of OpenSSL.NET. Description: A managed OpenSSL wrapper written in C# for the 2.0 .NET Framework that exposes both the Crypto API and the SSL API; based on

[openssl.org #2028] [PATCH] DTLS cookie management bugs

2009-09-02 Thread Stephen Henson via RT
There appear to be several problems with this patch, see inline: > [seggelm...@fh-muenster.de - Mon Aug 31 17:04:19 2009]: > > This patch fixes several issues with DTLS cookies. > [snip] > cookie_secret is defined: > +unsigned char cookie_secret[COOKIE_SECRET_LENGTH]; > +int cookie_initialize

[openssl.org #2022] [PATCH] DTLS record header length bug

2009-09-02 Thread Stephen Henson via RT
> [seggelm...@fh-muenster.de - Wed Aug 26 19:49:38 2009]: > > This patch fixes the size of the read and write buffers which are 8 > bytes too small for DTLS. The function ssl3_setup_buffers() is called > to allocate the necessary memory for the read and write buffers. This > is done in two s

[openssl.org #2026] [PATCH] app/s_server.c documentation fixes

2009-09-02 Thread Stephen Henson via RT
> [daniel.s...@internode.on.net - Mon Aug 31 17:04:07 2009]: > > > -crl_check / -crl_check_all don't do anything. > They should work now on OpenSSL 1.0.0 where s_server and s_client have been updated to use the common verification options. Steve. -- Dr Stephen N. Henson. OpenSSL project core