Re: OpenSSL version 1.0.1f released

Also, the release notes list: Fix for TLS record tampering bug CVE-2013-4353 But the list of OpenSSL vulnerabilities linked from there does not mention this anywhere... Erik Tkal et...@me.com uʍop ǝpısdn ǝɹɐ noʎ sıɥʇ pɐǝɹ uɐɔ noʎ ɟı On 06 Jan 2014, at

Re: OpenSSL version 1.0.1f released

snip *) Integrate hostname, email address and IP address checking with certificate verification. New verify options supporting checking in opensl utility. [Steve Henson] *) Fixes and wildcard matching support to hostname and email checking functions. Add manual page.

[openssl.org #3216] Invalid shell syntax == in test/testssl (only 0.9.8 and 1.0.0)

File test/testssl in branches 0.9.8 and 1.0.0 contains the line if [ $protocol == SSLv3 ] ; then for 1.0.1, 1.0.2 and master it is: if [ $protocol = SSLv3 ] ; then The script is executed by /bin/sh and the == syntax is not supported for all basic shells, e.g. not on Solaris. Other

[openssl.org #3218] Typo in .../demos/cms_dec.c

Reported by a fellow on Stack Overflow (tuxmania) trying to run the cms demos .../demos/cms_enc.c and .../demos/cms_dec.c Around line 50 of cms_dec.c. * OLD: /* Decrypt S/MIME message */ if (!CMS_decrypt(cms, rkey, rcert, out, NULL, 0)) goto err; Causes the following:

openssl-1.0.0l compile error with VS2013 Win8.1

hi, I've got an error when compiling last release of openssl under vs2103 win8.1 D:\..\openssl-1.0.0lms\32all.bat .. lot of output ... Copying: ./ssl/kssl.h to inc32/openssl/kssl.h cl /Fotmp32.dbg\cryptlib.obj -Iinc32 -Itmp32.dbg /MTd /Od -DDEBUG -D_DE BUG -DOPENSSL_THREADS

openssl-1.0.0l compile error with VS2013 Win8.1

hi, I've got an error when compiling last release of openssl under vs2103 win8.1 D:\..\openssl-1.0.0lms\32all.bat .. lot of output ... Copying: ./ssl/kssl.h to inc32/openssl/kssl.h cl /Fotmp32.dbg\cryptlib.obj -Iinc32 -Itmp32.dbg /MTd /Od -DDEBUG -D_DE BUG -DOPENSSL_THREADS

openssl-1.0.0l compile error with VS2013 Win8.1

hi, I've got an error when compiling last release of openssl under vs2103 win8.1 D:\..\openssl-1.0.0lms\32all.bat .. lot of output ... Copying: ./ssl/kssl.h to inc32/openssl/kssl.h         cl /Fotmp32.dbg\cryptlib.obj  -Iinc32 -Itmp32.dbg /MTd /Od -DDEBUG -D_DE BUG -DOPENSSL_THREADS  

RE: Safe ECC curves

Ø 1.3.6.1.4.1.22232.15.0: Curve25519 (That's out of my arc) I’ve been in touch with Dan, who sent me to Werner Koch, who said that GPG is using { Curve25519, 1.3.6.1.4.1.3029.1.5.1 }, -- Peter Gutmann's arc So we should use that I’m gonna post an I-D today or tomorrow, and ask the TLS-WG

[PATCH] changes required for OpenVMS in 1.0.2

Hello, I have tested OPENSSL-1.0.2-STABLE-SNAP-20140107 and found the following problems that are mostly corrected (except the missing header file) with the patch below: 1. missing header file unbound.h #include unbound.h .^ %CC-F-NOINCLFILEF, Cannot find file unbound.h specified

RE: [PATCH] changes required for OpenVMS in 1.0.2

-1.0.2-STABLE-SNAP-20140107 builds correctly and the tests are passed as well on OpenVMS. Thank you. Regards, Z From: Zoltan Arpadffy [mailto:z...@polarhome.com] Sent: den 7 januari 2014 23:11 To: 'openssl-dev@openssl.org' Subject: [PATCH] changes required for OpenVMS in 1.0.2 Hello