Re: [openssl.org #2635] 1/n-1 record splitting technique for CVE-2011-3389

2012-04-16 Thread Tomas Mraz via RT
On Sun, 2012-04-15 at 16:45 +0200, Andy Polyakov via RT wrote: Here is an experimental patch I wrote that implements the 1/n-1 record splitting technique for OpenSSL. I am sending it here for consideration by OpenSSL upstream developers. By default the 0/n split is used but in case the

Re: [openssl.org #2635] 1/n-1 record splitting technique for CVE-2011-3389

2012-04-16 Thread Andy Polyakov via RT
Here is an experimental patch I wrote that implements the 1/n-1 record splitting technique for OpenSSL. I am sending it here for consideration by OpenSSL upstream developers. By default the 0/n split is used but in case the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag is set, we split the first

Re: [openssl.org #2635] 1/n-1 record splitting technique for CVE-2011-3389

2012-04-16 Thread Tomas Mraz via RT
On Mon, 2012-04-16 at 11:49 +0200, Andy Polyakov via RT wrote: Here is an experimental patch I wrote that implements the 1/n-1 record splitting technique for OpenSSL. I am sending it here for consideration by OpenSSL upstream developers. By default the 0/n split is used but in case the

Re: [openssl.org #2790] [PATCH] Better compatibility with C++ compilers and MSDEV memory debugger

2012-04-16 Thread Alexei Khlebnikov
On Fri, 13 Apr 2012 17:02:07 +0200, Andy Polyakov via RT r...@openssl.org wrote: 2) Structure x509_lookup_method_st aka X509_LOOKUP_METHOD has a member called free. It conflicts with MS Visual Studio memory debugger. When memory debugger is enabled, it defines the following: #define

Re: [openssl.org #2790] [PATCH] Better compatibility with C++ compilers and MSDEV memory debugger

2012-04-16 Thread Alexei Khlebnikov via RT
On Fri, 13 Apr 2012 17:02:07 +0200, Andy Polyakov via RT r...@openssl.org wrote: 2) Structure x509_lookup_method_st aka X509_LOOKUP_METHOD has a member called free. It conflicts with MS Visual Studio memory debugger. When memory debugger is enabled, it defines the following: #define

ENGINE reference leak using FIPS-capable OpenSSL

2012-04-16 Thread Erik Tkal
I've been investigating a memory leak in using a FIPS-capable OpenSSL in non-FIPS mode. For example, the following code does not seem to be correct in evp_enc.c: int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, ... #ifndef OPENSSL_NO_ENGINE

Re: [openssl.org #2790] [PATCH] Better compatibility with C++ compilers and MSDEV memory debugger

2012-04-16 Thread Alexei Khlebnikov
On Mon, 16 Apr 2012 12:31:05 +0200, Alexei Khlebnikov via RT r...@openssl.org wrote: ... but I've made a simple testing patch (attached) ... Forgot to attach the testing patch! Attaching now. -- Alexei. redefined-free-testing.2012-04-16.patch Description: Binary data

Re: [openssl.org #2790] [PATCH] Better compatibility with C++ compilers and MSDEV memory debugger

2012-04-16 Thread Alexei Khlebnikov via RT
On Mon, 16 Apr 2012 12:31:05 +0200, Alexei Khlebnikov via RT r...@openssl.org wrote: ... but I've made a simple testing patch (attached) ... Forgot to attach the testing patch! Attaching now. -- Alexei. redefined-free-testing.2012-04-16.patch Description: Binary data

Re: FIPS Module 1.2 build with Visual Studio 2010 fails self-tests

2012-04-16 Thread Vimol Kshetrimayum
It is still not working for me. I had tried all possible places to add /dynamicbase:NO and/or /fixed flag. I am wondering how it was working for Grant Averett. Where did you exactly add the /FIXED flag? Thanks, -Vimol On Sun, Apr 15, 2012 at 6:51 PM, Dr. Stephen Henson st...@openssl.org wrote:

Re: FIPS Module 1.2 build with Visual Studio 2010 fails self-tests

2012-04-16 Thread Andy Polyakov
It is still not working for me. I had tried all possible places to add /dynamicbase:NO and/or /fixed flag. Well, lack of dynamic base in DLL characteristics in dumpbin output is sufficient for knowing that /dynamicbase:no went down. As for /fixed, double-check if it has .reloc segment left.

Re: FIPS Module 1.2 build with Visual Studio 2010 fails self-tests

2012-04-16 Thread Dr. Stephen Henson
On Mon, Apr 16, 2012, Vimol Kshetrimayum wrote: It is still not working for me. I had tried all possible places to add /dynamicbase:NO and/or /fixed flag. I am wondering how it was working for Grant Averett. Where did you exactly add the /FIXED flag? That's weird. I can reproduce that

Re: [openssl.org #2790] [PATCH] Better compatibility with C++ compilers and MSDEV memory debugger

2012-04-16 Thread Andy Polyakov via RT
http://cvs.openssl.org/chngview?cn=22397 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager

Re: [openssl.org #2791] [PATCH] fix -DOPENSSL_NO_SOCK on sunos

2012-04-16 Thread Andy Polyakov via RT
Hi, This patch compiles out BIO_socket_nbio() and the body of BIO_new_ssl_connect() if OPENSSL_NO_SOCK is set. * BIO_socket_nbio() looks like its author forgot to put it in the #ifndef block. * BIO_new_ssl_connect() calls BIO_s_connect() which is compiled out by OPENSSL_NO_SOCK. It

Re: [openssl.org #2635] 1/n-1 record splitting technique for CVE-2011-3389

2012-04-16 Thread Kurt Roeckx via RT
On Mon, Oct 31, 2011 at 05:56:53PM +0100, Tomas Mraz via RT wrote: By default the 0/n split is used but in case the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag is set, we split the first record with 1/n-1. There are terminators that also have a problem with this 1/n-1 splitting. You might want to

Re: [openssl.org #2771] [BUG] Openssl 1.0.1 times out when connecting to Outlook Exchange 2007

2012-04-16 Thread Kurt Roeckx
On Sun, Apr 01, 2012 at 02:42:20PM +0200, Dr. Stephen Henson wrote: On Sun, Apr 01, 2012, Dr. Stephen Henson wrote: Did a quick hack modification setting header version to 0x3,0x0 and it now *will* connect to some sites it didn't before with a long client hello including paypal. It

FIPS 2 mode with shared libs : Clarification needed .....

2012-04-16 Thread Simon Convey
Dear all, (On a Linux 2.6.32 x86_64) I'm trying to build a FIPS 2 openssl. When I configure the fips code, config spits out a warning #cd openssl-fips-2.0-test-20120416 #./config Configured for linux-x86_64. WARNING: OpenSSL has been configured using unsupported option