Re: [openssl-dev] [openssl.org #3528] [PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

Matt, I have looked through the APIs. Will have to experiment with them somewhen later to see how well they will perform, but from theoretical point of view I am a bit scared of having 2 fds (and one ucontext) for every job in a pool. It seems like this could be a bit of burden in event-loop

Re: [openssl-dev] [openssl.org #4214] [GitHub PR] RFC 7714 DTLS-SRTP profiles

This ticket can be closed. The fix is in master. Regards, Dmitry On Sun, Jan 3, 2016 at 8:40 AM, Dmitry Sobinov via RT wrote: > Hi, > > I’ve created a pull request with simple changes to support two new AEAD > profiles for DTLS-SRTP. > >

Re: [openssl-dev] [openssl.org #4214] [GitHub PR] RFC 7714 DTLS-SRTP profiles

This ticket can be closed. The fix is in master. Regards, Dmitry On Sun, Jan 3, 2016 at 8:40 AM, Dmitry Sobinov via RT wrote: > Hi, > > I’ve created a pull request with simple changes to support two new AEAD > profiles for DTLS-SRTP. > >

[openssl-dev] [openssl.org #2439] bug report: memory leak

In our review, the code is correct and there is no leak. Please provide a patch against the current release if you think otherwise. -- Rich Salz, OpenSSL dev team; rs...@openssl.org -

[openssl-dev] [openssl.org #3964] Fix OPENSSL_NO_STDIO build

This has been fixed. Still some work to do for UEFI, but that will be separate RT's and/or PR's. -- Rich Salz, OpenSSL dev team; rs...@openssl.org - http://rt.openssl.org/Ticket/Display.html?id=3964 Please log in as guest

[openssl-dev] [openssl.org #3461] PATCH: expanded explanation of PEM ENCRYPTION

fixed with 6c884ed. thanks! we also bad code style (plaintext private keys) and the netscape_cert routines. -- Rich Salz, OpenSSL dev team; rs...@openssl.org - http://rt.openssl.org/Ticket/Display.html?id=3461 Please log

[openssl-dev] [openssl.org #2890] ERR_string_error passes wrong buffer size

fixed in 6c884ed. also added more words about "use the safer routine err_string_eror_n" :) -- Rich Salz, OpenSSL dev team; rs...@openssl.org - http://rt.openssl.org/Ticket/Display.html?id=2890 Please log in as guest with

[openssl-dev] [openssl.org #2024] [doc bug] missing .pods

fixed in 6c884ed by removing the "see also" to non-existant pages. some aren't appropriate for public docs, and some still need to be written, but at least the docs are accurate now. -- Rich Salz, OpenSSL dev team; rs...@openssl.org

[openssl-dev] [openssl.org #4291] [PATCH] <-help> option in man pages

fixed in master with 0ae9e2926654657862e104a111a4e3028b0be8f6 thanks! -- Rich Salz, OpenSSL dev team; rs...@openssl.org - http://rt.openssl.org/Ticket/Display.html?id=4291 Please log in as guest with password guest if

[openssl-dev] [openssl.org #4255] OpenSSL-1.1.0-pre2 failures using MinGW-W64

    Hi, Got suggestion from Viktor Szakats (https://github.com/vszakats) concerning OpenSSL build errors using MinGW-W64 with  -std=c11 parameter: == [snip] The error details indicate that some source code is not compliant with the C11 standard

[openssl-dev] [openssl.org #4291] [PATCH] <-help> option in man pages

Hi, [-help] option in most of the commands documentation was missing and in ciphers and rehash commands it was wrongly specified as [-h], which is not considered as a valid option. I have create the below pull request with the changes. Please have a look.

[openssl-dev] [openssl.org #4260] [PATCH] Update the return value documented for X509_REQ_sign and X509_sign

fixed in master with 6c884ed thanks! -- Rich Salz, OpenSSL dev team; rs...@openssl.org - http://rt.openssl.org/Ticket/Display.html?id=4260 Please log in as guest with password guest if prompted

[openssl-dev] [openssl.org #4240] Document some of the speed options

fixed in master with 6c884ed thank you! -- Rich Salz, OpenSSL dev team; rs...@openssl.org - http://rt.openssl.org/Ticket/Display.html?id=4240 Please log in as guest with password guest if prompted

Re: [openssl-dev] [openssl.org #3964] Fix OPENSSL_NO_STDIO build

On Thu, 2016-02-04 at 03:04 +, Rich Salz via RT wrote: > So guys, sorry for dropping the ball. Where are we on this now? Dropping rt@ since the OPENSSL_NO_STDIO build is actually solved now so RT#3964 looks like it can be closed. I'm choosing to interpret your question in the wider sense of

[openssl-dev] [openssl.org #4175] Add new macro or PKCS7 flag to disable the check for both data and content

can you make a PR (separate from the one you have for UEFI) that does the right thing? Or attach it to this ticket? I've kinda lost track :( -- Rich Salz, OpenSSL dev team; rs...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4175 Please log in as guest with password

[openssl-dev] [openssl.org #4087] Patch for openssl_1_0_2 link failure when OPENSSL_NO_SHA512 defined

Can you re-org the patch so that it doesn't break into the middle if a compound statement? (across the else) thanks. -- Rich Salz, OpenSSL dev team; rs...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4087 Please log in as guest with password guest if prompted --

Re: [openssl-dev] [openssl.org #4175] Add new macro or PKCS7 flag to disable the check for both data and content

On Fri, 2016-02-05 at 17:31 +, Salz, Rich via RT wrote: > And update the PR to say that it also closes this ticket :) Well, it can be a separate PR if the first is already merged... -- dwmw2 -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4175 Please log in as guest with

Re: [openssl-dev] [openssl.org #4175] Add new macro or PKCS7 flag to disable the check for both data and content

On Fri, 2016-02-05 at 17:31 +, Salz, Rich via RT wrote: > And update the PR to say that it also closes this ticket :) Well, it can be a separate PR if the first is already merged... -- dwmw2 smime.p7s Description: S/MIME cryptographic signature -- openssl-dev mailing list To

[openssl-dev] [openssl.org #4292] SSL_CTX_set_mode.pod:101: Unknown command paragraph "======"

OpenSSL 1.1.0 produces the error SSL_CTX_set_mode.pod:101: Unknown command paragraph "==" during "make install". It looks like line 101 is indeed an unintended addition introduced by https://github.com/openssl/openssl/commit/bc8857bf70f5428bc2f0d26162ed59e3abb11fb1 The error does

[openssl-dev] [openssl.org #1596] Re: wrong AKI in cert

we updated the doc in commit 724a1d2 for master. closing ticket. -- Rich Salz, OpenSSL dev team; rs...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=1596 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

[openssl-dev] [openssl.org #4292] SSL_CTX_set_mode.pod:101: Unknown command paragraph "======"

fixed in commit 0dc2255 thanks -- Rich Salz, OpenSSL dev team; rs...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4292 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #4175] Add new macro or PKCS7 flag to disable the check for both data and content

And update the PR to say that it also closes this ticket :) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4175 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4175] Add new macro or PKCS7 flag to disable the check for both data and content

On Fri, 2016-02-05 at 17:20 +, Rich Salz via RT wrote: > can you make a PR (separate from the one you have for UEFI) that does > the right > thing? Or attach it to this ticket? > I've kinda lost track :( Oops, forgot this one in the set of patches I lined up today. Will add it.  -- dwmw2

Re: [openssl-dev] [openssl.org #3528] [PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

Matt, I have looked through the APIs. Will have to experiment with them somewhen later to see how well they will perform, but from theoretical point of view I am a bit scared of having 2 fds (and one ucontext) for every job in a pool. It seems like this could be a bit of burden in event-loop

[openssl-dev] [openssl.org #4070] OpenSSL 1.0.1p bug and suggested fix: su-filter.pl regex for struct/union definitions also matches other code

fixed in master (not worth backporting) commit 2b52de9 -- Rich Salz, OpenSSL dev team; rs...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4070 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #3528] [PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

On 05/02/16 22:42, Fedor Indutny wrote: > Matt, > > I have looked through the APIs. Will have to experiment with them > somewhen later to see how well they will perform, but from theoretical > point of view I am a bit scared of having 2 fds (and one ucontext) for > every job in a pool. It seems

Re: [openssl-dev] [openssl.org #3528] [PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

On 05/02/16 22:42, Fedor Indutny wrote: > Matt, > > I have looked through the APIs. Will have to experiment with them > somewhen later to see how well they will perform, but from theoretical > point of view I am a bit scared of having 2 fds (and one ucontext) for > every job in a pool. It seems

Re: [openssl-dev] [openssl.org #3528] [PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

On Fri, Feb 5, 2016 at 7:14 PM, Matt Caswell wrote: > > > On 05/02/16 22:42, Fedor Indutny wrote: > > Matt, > > > > I have looked through the APIs. Will have to experiment with them > > somewhen later to see how well they will perform, but from theoretical > > point of view I

Re: [openssl-dev] [openssl.org #3528] [PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

On Fri, Feb 5, 2016 at 7:14 PM, Matt Caswell wrote: > > > On 05/02/16 22:42, Fedor Indutny wrote: > > Matt, > > > > I have looked through the APIs. Will have to experiment with them > > somewhen later to see how well they will perform, but from theoretical > > point of view I