[openssl-dev] [openssl.org #4101] [PATCH] Doc clarification for EVP_DigestVerifyFinal

Minor doc clarification: https://github.com/openssl/openssl/pull/446 I embarrassingly misread the previous documentation to indicate that 0 was a failure and other values mean success and figured others might do the same. Cheers, Adam ___

[openssl-dev] [openssl.org #4041] [PATCH] Add Certificate Transparency Support

First of a series of patches to add comprehensive Certificate Transparency support to OpenSSL. Splitting into chunks to help review process. The first sets of patches will add private API surface only. Later patches will add tests and public API surface. Many thanks to Rob Stradling and Dr.

[openssl-dev] [openssl.org #3984] [PATCH] Fix clang compiler warning where %ld is used for uint64_t on Mac OS X

See PR: https://github.com/openssl/openssl/pull/362 I'm really not sure if this is the best fix or not (or even if it is reliable on older platforms) - but it cleared the error on my Mac OS X system, and didn't appear to cause any issues on an Ubuntu or FreeBSD distribution I tested on and I

[openssl-dev] [openssl.org #3981] [PATCH] Fix clang uninitialized variable warning

Trivial patch, see PR: https://github.com/openssl/openssl/pull/361 ___ openssl-bugs-mod mailing list openssl-bugs-...@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod___ openssl-dev

[openssl-dev] [openssl.org #3980] [PATCH] Fix BIO_get_accept_socket so that port-only input works on FreeBSD

Please refer to linked PR: https://github.com/openssl/openssl/pull/359 Without this fix an OCSP responder started as openssl ocsp -port xxx will cause openssl s_server -status calls to hang on FreeBSD. I'm not 100% sure this is the right overall fix... my knowledge here is weak, but it is

[openssl-dev] [openssl.org #3982] [PATCH] Fix unhandled error condition in sslv2 client hello parsing

--strict-warnings started showing warnings for this today... My guess is that an error should be raised if these reads fail? I don't believe any of these are optional. PR: https://github.com/openssl/openssl/pull/360 ___ openssl-bugs-mod mailing list

[openssl-dev] [openssl.org #3961] [PATCH] Fix broken argument parsing for genrsa

Hi r...@openssl.org, Please see linked pull request for a small patch to fix various argument parsing issues noticed in genrsa and also some other tools: https://github.com/openssl/openssl/pull/339 Cheers, Adam ___ openssl-bugs-mod mailing list

[openssl-dev] [openssl.org #3962] [PATCH] Fix behavior of unspecified number of requests for OCSP responder

Documentation states that -nrequest pnum Number of requests to accept (default unlimited), but in practice not specifying -nrequest would have the affect of accepting only 1 request. Pull request to fix behavior to match docs: https://github.com/openssl/openssl/pull/343

[openssl-dev] [openssl.org #3963] [PATCH] Fix -rev, -www and -WWW modes to also allow OCSP-stapled responses

openssl s_server ignores all OCSP-stapling options if -rev, -www or -WWW are enabled. Fix by moving initialization of CTX to outside of the callback. At same time also set options on ctx2 if available (matching how other ctx options are set). See pull request: