Re: [openssl-dev] [openssl.org #4215] Results of regression for some apps

Dear Stephen, On Tue, May 17, 2016 at 3:26 AM, Stephen Henson via RT wrote: > On Mon May 16 22:17:57 2016, beld...@gmail.com wrote: > > Dear Stephen, > > > > There was one more bugreport merged to this ticket regarding the OCSP > > (#4216). > > Could you take a look at it? > >

Re: [openssl-dev] [openssl.org #4215] Results of regression for some apps

Dear Stephen, On Tue, May 17, 2016 at 3:26 AM, Stephen Henson via RT wrote: > On Mon May 16 22:17:57 2016, beld...@gmail.com wrote: > > Dear Stephen, > > > > There was one more bugreport merged to this ticket regarding the OCSP > > (#4216). > > Could you take a look at it? > >

[openssl-dev] Question on private_AES_set_decrypt_key "invert the order of the round keys"

Hi, In the function private_AES_set_decrypt_key, in aes_core.c, it inverts the order of the round keys before applying the MixColumn transform from low to high (excluding low and high, order doesn't really matter as each transformation is dependent only on the item in question). Then

[openssl-dev] [openssl.org #4215] Results of regression for some apps

On Mon May 16 22:17:57 2016, beld...@gmail.com wrote: > Dear Stephen, > > There was one more bugreport merged to this ticket regarding the OCSP > (#4216). > Could you take a look at it? > That should be fixed by commit 6302bbd21a79bd2ed Steve. -- Dr Stephen N. Henson. OpenSSL project core

Re: [openssl-dev] [openssl.org #4215] Resolved: Results of regression for some apps

Dear Stephen, There was one more bugreport merged to this ticket regarding the OCSP (#4216). Could you take a look at it? Thank you! On Mon, May 16, 2016 at 8:33 PM, Stephen Henson via RT wrote: > According to our records, your request has been resolved. If you have any >

Re: [openssl-dev] [openssl.org #2485] Heap walking in RAND_poll causes deadlock in process on Windows Server 2008 R2 (x64) that uses libCurl, OpenSSL and ADO

Thanks @mattcaswell for the review. Can I get another team member to look at pr-1079? On 5/16/2016 12:04 PM, Matt Caswell via RT wrote: Closing this ticket in favour of: https://github.com/openssl/openssl/pull/1079 -- openssl-dev mailing list To unsubscribe:

[openssl-dev] [openssl.org #2485] Heap walking in RAND_poll causes deadlock in process on Windows Server 2008 R2 (x64) that uses libCurl, OpenSSL and ADO

Closing this ticket in favour of: https://github.com/openssl/openssl/pull/1079 -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2485 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #4471] 1.1.0-pre4 safestack.h compilation errors with -Wcast-qual

This is fixed, but there are similar problems that still exist, for example: — #include #include int main(int argc, char **argv) { return 0; } — clang -Wcast-qual -o foo.o foo.c -I openssl-SNAP-20160516/include/ In file included from foo.c:1: In file included from openssl-SNAP-20160516

[openssl-dev] [openssl.org #4215] Results of regression for some apps

On Sat May 14 21:43:05 2016, beld...@gmail.com wrote: > > Yes. The bug is still reproducable with the req command. > > To reproduce it, you need to specify the OPENSSL_CONF variable. > (You have to load the engine via config to enable the algorithms on > startup > of the openssl). > The engine you

[openssl-dev] [openssl.org #2459] ecdsa_method declaration prevents use in implementing a dynamic engine

This has been fixed in 1.1.0. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2459 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #2622] Buffer overflow using UI_add_input_string

Fixed, both for upcoming 1.1.0 and for 1.0.2. On Mon May 16 13:42:16 2016, levitte wrote: > Fixing old ticket. > > https://github.com/openssl/openssl/pull/1077 > > On Fri Oct 14 18:14:51 2011, ramsd...@mitre.org wrote: > > TrouSerS is an open-source TCG Software Stack by IBM. It uses OpenSSL > >

Re: [openssl-dev] master failing unit tests inconsistently?

On 16/05/16 15:57, Matt Caswell wrote: > Yes, its a known issue. No fix as yet. Hopefully 6ae5452481 has fixed the issue. Matt > > Matt > > On 16/05/16 15:49, Short, Todd wrote: >> Hi openssl-dev: >> >> I’ve been running the master branch and have been noticing inconsistant >> unit tests

[openssl-dev] Need info on offloading TLS to hardware crypto accelerator

Hi, We have a HW IP block which implements TLS protocols cipher/hash offloading for TLS AEAD and TLS cipher's. Linux kernel doesn't support TLS in the kernel and hence can't access the HW IP block using linux kernel crypto framework. Any suggestions or information on implementing TLS offloading

Re: [openssl-dev] master failing unit tests inconsistently?

Yes, its a known issue. No fix as yet. Matt On 16/05/16 15:49, Short, Todd wrote: > Hi openssl-dev: > > I’ve been running the master branch and have been noticing inconsistant > unit tests results. It is failing on a number of tests, and has been for > several days. I’m using clang-3.6

[openssl-dev] master failing unit tests inconsistently?

Hi openssl-dev: I’ve been running the master branch and have been noticing inconsistant unit tests results. It is failing on a number of tests, and has been for several days. I’m using clang-3.6 (3.6.0-2ubuntu1~trust1) or gcc (4.84-2ubuntu1~14.04.01) on Linux 3.13-0-85-generic #129-Ubuntu.

[openssl-dev] [openssl.org #2590] change commonName entry for default openssl config file

There's no *requirement* in X.509 to have the host name in the CN. As a matter of fact, there are X.509v3 extensions that are better suited for this purpose. Closing ticket. On Wed Aug 31 07:03:17 2011, dtauerb...@gmail.com wrote: > Hi, > > This is just a minor thing that always bugs me whenever

[openssl-dev] [openssl.org #2611] [PATCH] Support of TLSv1 in s_time

Removing outdated ticket. On Fri Sep 23 09:03:13 2011, ber...@luffy.cx wrote: > Hi! > > When OpenSSL is compiled with SSLv2 disabled, s_time is not able to use > TLSv1 any more because it uses SSLv3_client_method(). This patch just > adds a "-tls1" switch to s_time, like s_client, to enable

[openssl-dev] [openssl.org #2612] Segfault protection in X509v3 extension API - PATCH

Old ticket, rejecting it. Those extension must be programmed correctly. On Fri Sep 23 09:08:53 2011, nick.le...@usa.g4s.com wrote: > Please find attached below a revised patch that provides further > protection against segmentation faults in the X509v3 extension API > > Best Regards > Nick > >

[openssl-dev] [openssl.org #2622] Buffer overflow using UI_add_input_string

Fixing old ticket. https://github.com/openssl/openssl/pull/1077 On Fri Oct 14 18:14:51 2011, ramsd...@mitre.org wrote: > TrouSerS is an open-source TCG Software Stack by IBM. It uses OpenSSL > to read passwords. The code in ssl_ui.c of the trousers library has a > buffer overflow. I suspect many