Re: [openssl-dev] [openssl.org #4540] openssl make test

Would be great to have updated source tarball. > On May 13, 2016, at 01:34, Viktor Dukhovni wrote: > > On Thu, May 12, 2016 at 09:58:25PM +, Stephen Henson via RT wrote: > >> It's caused by the S/MIME test certificates expiring. This is fixed in commit >>

Re: [openssl-dev] [openssl.org #4540] openssl make test

On Thu, May 12, 2016 at 09:58:25PM +, Stephen Henson via RT wrote: > It's caused by the S/MIME test certificates expiring. This is fixed in commit > 24762dee178bace3c3 either apply that, use a recent snapshot or just copy the > test/smime-certs directory from a recent snapshot. It might make

[openssl-dev] [openssl.org #4540] openssl make test

It's caused by the S/MIME test certificates expiring. This is fixed in commit 24762dee178bace3c3 either apply that, use a recent snapshot or just copy the test/smime-certs directory from a recent snapshot. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now

[openssl-dev] [openssl.org #4356] 64-bit OS X on x86_64 misidentified as i686

Hi, FYI, the changes were merged into master earlier today. I'm closing this ticket now, please open a new one should there be any new problems. Cheers, Richard On Tue May 10 21:32:05 2016, levitte wrote: > Hey > > Would you mind having a look at https://github.com/openssl/openssl/pull/1053 >

[openssl-dev] [openssl.org #4217] Fixing DJGPP port of openssl master branch.

On Thu May 12 19:44:04 2016, juan.guerr...@gmx.de wrote: > Hello Richard, > > I have verified that every thing works flawlessly. Please feel free > to go ahead > and merge the DJGPP specific changes. Flawlessly, I like the sound of that! Thank you for confirming, it's now been merged into master.

[openssl-dev] [openssl.org #4320] [Patch] OpenSSL 1.1.0-pre3: "unable to load Key" error in PEM_get_EVP_CIPHER_INFO()

closing per OP; we fixed the bug. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4320 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] use of X.509 lookup methods, X509_OBJECT internal or opaque?

Salz, Rich wrote: Can you look at https://github.com/openssl/openssl/pull/1044 [SNIP ] I pushed a new version that adds your feedback. 10x, it's fine by me. Roumen -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4217] Fixing DJGPP port of openssl master branch.

Am 10.05.2016 14:51, schrieb Richard Levitte via RT: > Hi Juan, > > sorry that I lost track of this, and thank you Matt for the ping. > > I've made this a github PR, here: https://github.com/openssl/openssl/pull/1050 > > Could you verify that it still works correctly? Or anyone else that's >

[openssl-dev] [openssl.org #4522] Update to openssl.spec supplied with 1.0.1s

It just got merged into the 1.0.2 branch. Closing this ticket. Cheers, Richard On Thu May 12 15:27:44 2016, levitte wrote: > If you want to make a quick test, the changes are found on github, in > this pull > request: > https://github.com/openssl/openssl/pull/1058 > > On Thu May 12 15:21:17

Re: [openssl-dev] Signing Internet-Drafts and RFCs

> > It would show up a release after 1.1, but it would be in a regular release. > > s/1.1/1.2/ No, it would be in a release after 1.1 :) Maybe that's 1.1.1 or maybe that's 1.2, we haven't figured it out yet. -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #1298] OpenSSL bug in libcrypto.so:RAND_poll() crashes apache2 @ startup

On Monday 09 May 2016 15:05:32 Salz, Rich via RT wrote: > It's probably not an issue because the number of file descriptors has > increased on the native O/S's. But "file descriptor exhaustion" is > still an issue for RNG's (google it) and we should keep it in mind > for the future. What's the

[openssl-dev] [openssl.org #4522] Update to openssl.spec supplied with 1.0.1s

If you want to make a quick test, the changes are found on github, in this pull request: https://github.com/openssl/openssl/pull/1058 On Thu May 12 15:21:17 2016, levitte wrote: > Ok. > > FYI, we decided to remove openssl.spec from master (i.e. upcoming > 1.1.0), as it > really belongs with the

[openssl-dev] [openssl.org #4522] Update to openssl.spec supplied with 1.0.1s

Ok. FYI, we decided to remove openssl.spec from master (i.e. upcoming 1.1.0), as it really belongs with the packagers rather than with us. The 1.0.1 series will not be fixed, as it's at its last year before EOL, and we only do security fixes on it. The 1.0.2 series is a viable target, though, and

Re: [openssl-dev] Signing Internet-Drafts and RFCs

On May 12, 2016, at 10:52 AM, Salz, Rich wrote: > >> (2) We need to validate signatures on I-Ds and RFCs with the standard >> release. I’m okay with needing 1.1 or later, but I’m not okay with users >> having to fetch a special version. > > It would show up a release after

Re: [openssl-dev] Signing Internet-Drafts and RFCs

> (2) We need to validate signatures on I-Ds and RFCs with the standard > release. I’m okay with needing 1.1 or later, but I’m not okay with users > having to fetch a special version. It would show up a release after 1.1, but it would be in a regular release. -- openssl-dev mailing list To

Re: [openssl-dev] Signing Internet-Drafts and RFCs

Three points: (1) There may be people willing to work on code at the hackathon. I have not looked around too much, but I could do that depending on the response to the second point. (2) We need to validate signatures on I-Ds and RFCs with the standard release. I’m okay with needing 1.1 or

Re: [openssl-dev] Signing Internet-Drafts and RFCs

On 12 May 2016 at 13:44, Dr. Stephen Henson wrote: > On Thu, May 12, 2016, Matt Caswell wrote: > > > > > > > On 11/05/16 22:03, Russ Housley wrote: > > > Today, the IETF uses OpenSSL to digitally sign Internet-Drafts. If > > > you care about the details, please see RFC 5485.

[openssl-dev] [openssl.org #4207] engine key format in 1.1

The remaining cases should be fixed now by commit d18ba3cc36d5fed032d. Thanks for the report. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4207

[openssl-dev] [openssl.org #4403] [PATCH] prevent OPENSSL_realloc() from clobbering old pointer value on failure in OpenSSL-1.1 pre-4

Fixed now, along with a few similar cases. Thanks for the report. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4403 Please log in as guest with

[openssl-dev] [openssl.org #4246] OpenSSL-1.1-pre2 openssl req fails to use engine

Fixed now, thanks for the report. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4246 Please log in as guest with password guest if prompted --

[openssl-dev] [openssl.org #4438] GOST ciphersuites and DTLS

Fixed now, thanks for the report. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4438 Please log in as guest with password guest if prompted --

Re: [openssl-dev] Signing Internet-Drafts and RFCs

So Matt already mentioned that it's too late for our upcoming 1.1 release. But do you think there'd be interest in adding this at an IETF hackathon? I can be there FWIW. Keeping a separate ietf-openssl branch that has the changes, for example, shouldn't be onerous. -- Senior Architect,

Re: [openssl-dev] Signing Internet-Drafts and RFCs

On Thu, May 12, 2016, Matt Caswell wrote: > > > On 11/05/16 22:03, Russ Housley wrote: > > Today, the IETF uses OpenSSL to digitally sign Internet-Drafts. If > > you care about the details, please see RFC 5485. > > > > We are looking to expand Internet-Draft signing, and start signing > >

[openssl-dev] [openssl.org #4104] A bug in the crl2pkc7 command in master

On Wed Oct 21 19:41:57 2015, beld...@gmail.com wrote: > Hello, > > I've found a bug in the crl2pkc7 command in the master branch. > > openssl crl2pkcs7 -in test.crl -certfile cert.pem -out p7.pem > > Output: > > error opening the file, -in > error loading certificates >

[openssl-dev] [openssl.org #3994] make clean leaves extra files

Dmitry reports this as fixed. Closing ticket. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3994 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Signing Internet-Drafts and RFCs

On 11/05/16 22:03, Russ Housley wrote: > Today, the IETF uses OpenSSL to digitally sign Internet-Drafts. If > you care about the details, please see RFC 5485. > > We are looking to expand Internet-Draft signing, and start signing > RFCs as well. Someone has suggested that we support RFC 5126,