Reproduced on Windows 7 (likely on the all old versions)
I use OpenSSL v. 0.9.8k but I has looked the last version and the bug also
exist.
When we try call OPENSSL_cinfig with the path who specifies on the DvD(or
CD)-ROM without disc the openSSL is exiting.
I've been bitten by that exact
On Fri May 16 09:22:55 2014, sch...@eff.org wrote:
Hi,
The man page for the smime utility documents this about the symmetric
cipher selection:
If not specified 40 bit RC2 is used. Only used with -encrypt.
This policy is implemented at line 545 of apps/smime.c as of openssl-1.0.1g.
This
Reproduced on Windows 7 (likely on the all old versions)
I use OpenSSL v. 0.9.8k but I has looked the last version and the bug also
exist.
When we try call OPENSSL_cinfig with the path who specifies on the DvD(or
CD)-ROM without disc the openSSL is exiting.
I've been bitten by that exact
Stephen Henson via RT writes:
The S/MIME utility uses S/MIME v2 (PKCS#7) which are both rather ancient and
S/MIME v3 (CMS) is preferred.
CBC mode is all that is supported for S/MIME. Traditionally there were two
algorithms supported for S/MIME v2 40 bit RC2 and triple DES. For maximum
Stephen Henson via RT writes:
The S/MIME utility uses S/MIME v2 (PKCS#7) which are both rather ancient and
S/MIME v3 (CMS) is preferred.
CBC mode is all that is supported for S/MIME. Traditionally there were two
algorithms supported for S/MIME v2 40 bit RC2 and triple DES. For maximum
The patch is published as a git pull request here:
https://github.com/openssl/openssl/pull/109
--
Regards,
Hubert Kario
BaseOS QE Security team
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
__
OpenSSL
I've discussed this one with Steve who tells me that this is a known bug. The
current fix is to not have expired certificates in the trust store.
It can be fixed but it has some complex consequences which need to be explored.
Probably needs revision of the verification algorithm which is
Steve has committed the following fixes:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6f719f063cff50cc2f2f25fa55c0d2384eea08fb
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=558c94efc00ce15a9fcc9370598d8841392ff0f3
Closing this ticket.
Matt