http://www.ibm.com/developerworks/power/library/pa-cellperf/
AES has been done before, unfortunately most of the links from that page
don't work.
Google also shows a few hits.
Peter
dtls1_process_out_of_seq_message() has two bugs:
- Only one handshake message fragment per sequence number is saved.
However, there may be multiple fragments with identical sequence
numbers. All of them should be buffered.
- Fragments with zero length are not saved. This is incorrect behavior
On Apr 1, 2010, at 17:44 , Stephen Henson via RT wrote:
That is most peculiar. If an ENGINE isn't in use I wouldn't expect that
to happen unless something somewhere is loading one.
OK, next step is to see what ENGINE it is. Can you in the debugger print
out the engine structure for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I would really like OpenSSL to add support for RFC5081.
- --
Stephen Paul Weber, @singpolyma
Please see http://singpolyma.net for how I prefer to be contacted.
edition right joseph
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
To handle handshake message timeouts properly, DTLS sets the socket timeouts
according to the currently remaining time until the next timeout occurs.
However, in some cases this doesn't work because the operating system returns
the socket call a few milliseconds before the DTLS timer expires.
I've recently received a report that my application, fetchmail, should
call OpenSSL_add_all_algorithms(), see http://bugs.debian.org/576430
Apparently OpenSSL 0.9.8 does not load SHA256.
If this is needed, please document this requirement on the manpages
crypto(3), ssl(3), and
On Apr 2, 2010, at 15:30 , Stephen Henson via RT wrote:
This looks suspicious:
#3 0x414a0787 in engine_pkey_asn1_meths_free (e=0x39) at
tb_asnmth.c:165
165 EVP_PKEY_asn1_free(pkm);
Not sure where the 0x39 is coming from. In frame#2:
#2
Robin Seggelmann via RT wrote:
To handle handshake message timeouts properly, DTLS sets the socket timeouts
according to the currently remaining time until the next timeout occurs.
However, in some cases this doesn't work because the operating system returns
the socket call a few milliseconds
On Apr 6, 2010, at 10:56 AM, Daniel Mentz wrote:
Robin Seggelmann via RT wrote:
To handle handshake message timeouts properly, DTLS sets the socket timeouts
according to the currently remaining time until the next timeout occurs.
However, in some cases this doesn't work because the
[rainer-open...@7val.com - Tue Apr 06 10:53:48 2010]:
On Apr 2, 2010, at 15:30 , Stephen Henson via RT wrote:
This looks suspicious:
#3 0x414a0787 in engine_pkey_asn1_meths_free (e=0x39) at
tb_asnmth.c:165
165EVP_PKEY_asn1_free(pkm);
[rainer-open...@7val.com - Tue Apr 06 10:53:48 2010]:
On Apr 2, 2010, at 15:30 , Stephen Henson via RT wrote:
This looks suspicious:
#3 0x414a0787 in engine_pkey_asn1_meths_free (e=0x39) at
tb_asnmth.c:165
165EVP_PKEY_asn1_free(pkm);
Hi,
For your information, bug fix proposal :
I am currently working with openssl and i compile it with TLS_DEBUG.
Using openssl library for a https connection terminated in core with SEGFAULT.
Here my workaround, that is to disable a print :
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index
On Apr 2, 2010, at 15:30 , Stephen Henson via RT wrote:
This looks suspicious:
#3 0x414a0787 in engine_pkey_asn1_meths_free (e=0x39) at
tb_asnmth.c:165
165 EVP_PKEY_asn1_free(pkm);
Not sure where the 0x39 is coming from. In frame#2:
#2
How was this resolved? Is there a patch or new release?
On Tue, Apr 6, 2010 at 7:21 AM, Stephen Henson via RT r...@openssl.orgwrote:
According to our records, your request has been resolved. If you have any
further questions or concerns, please respond to this message.
--
Mark Aldred
Steve has checked-in today a fix to this issue in CVS :
http://cvs.openssl.org/chngview?cn=19520 and
http://cvs.openssl.org/chngview?cn=19521
You can grab the source from CVS or wait for tomorrow's snapshot.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 4/6/2010 3:47 PM, Mark Aldred
A clean build of openssl-1.0.0 (./config run without parameters) does not
use the hashed certificate files from -CApath and fails certificate
verification. The same behavior is seen when using openssl via the openssl
s_client command as well as the library with curl 7.20.0. The system
used here
[rainer-open...@7val.com - Tue Apr 06 16:56:50 2010]:
A clean build of openssl-1.0.0 (./config run without parameters) does
not
use the hashed certificate files from -CApath and fails certificate
verification. The same behavior is seen when using openssl via the
openssl
s_client command
http://antinode.info/ftp/openssl/1_0_0/test/tests.com
If you have a working bc on your VMS system:
http://antinode.info/ftp/openssl/1_0_0/test/bctest.com
http://antinode.info/ftp/openssl/1_0_0/test/bntest.com
http://antinode.info/ftp/openssl/1_0_0/test/tests.com
With
On Apr 6, 2010, at 17:08 , Stephen Henson via RT wrote:
[...]
Please try rehashing the directories using the 1.0.0 version of OpenSSL.
The certificate file hash algorithm changed in OpenSSL 1.0.0 and is not
compatible with 0.9.8: this was needed to support some additional
functionality.
The
On Apr 6, 2010, at 17:08 , Stephen Henson via RT wrote:
[...]
Please try rehashing the directories using the 1.0.0 version of OpenSSL.
The certificate file hash algorithm changed in OpenSSL 1.0.0 and is not
compatible with 0.9.8: this was needed to support some additional
functionality.
The
This should be a bit more helpful. The patch below (against 1.0.0) adds the
missing xmpp keyword to the list of supported -starttls keywords in the
s_client man page.
---
doc/apps/s_client.pod |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/doc/apps/s_client.pod
21 matches
Mail list logo