Found it very helpful and highly informative.
Thanks (again :-) Matt.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Matt
Caswell
Envoyé : jeudi 4 mai 2017 15:22
À : openssl-us...@openssl.org; openssl-dev@openssl.org
Objet : [openssl-dev] Using
Hi,
SRP_VBASE_get1_by_user() was ADDED to 1.0.2g 1 march 2016 [CVE-2016-0798].
I remember it very well !
;-)
Michel
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Salz, Rich via openssl-dev
Envoyé : vendredi 27 janvier 2017 19:49
À : Kaduk
Regards,
Michel.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
, is not necessarily the main concern
of other people, it could be easier,
depending what will be implemented, to just have a new parameter (or another
command tool ?) able to separate raw encrypted data from all the new 'magic'
(kind of import/export).
Regards,
Michel.
--
openssl-dev mailing
> Can you open an issue for the manpage bug you found?
Yes, I will.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi,
Looks like one of my previous mail (see below) was lost in the cloud ;-)
Might be helpfull to send it again here ?
Regards,
Michel
De : Michel [mailto:michel.sa...@free.fr]
Envoyé : samedi 19 novembre 2016 14:16
À : 'wiki-supp...@openssl.org'
Objet : wiki update
HI
And what about using FNV or CityHash ?
https://en.wikipedia.org/wiki/Fowler%E2%80%93Noll%E2%80%93Vo_hash_function
https://en.wikipedia.org/wiki/CityHash
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Can we assume it is temporary due to "the process of transitioning from NPN
to ALPN" mentioned in ssl_locl.h ?
Regards,
Michel.
cl /I "." /I "include" -DDSO_WIN32 -DOPENSSL_THREADS -DOPENSSL_NO_DYNAM
IC_ENGINE -DOPENSSL_PIC -DOPENSSL_BN_ASM_PART_WORD
Hi Andrew,
I seem to recall that depending of the OpenSSL version, there was issue with
CFB1 mode.
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
?? ? via RT
Envoyé : lundi 7 novembre 2016 11:40
Cc : openssl-dev
Hi Andrew,
I seem to recall that depending of the OpenSSL version, there was issue with
CFB1 mode.
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
?? ? via RT
Envoyé : lundi 7 novembre 2016 11:40
Cc : openssl-dev
using a buffer greater than needed).
Regards,
Michel.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4628
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi David,
After checking you are obviously right.
Contrary to my belief, my internal buffer was always larger than the longest
line I read.
:-(
Sorry for the noise, but thanks David for the explanations.
It helps me to fix my software (even if I will keep some spare bytes for
some time)
;-(
--
Hi David,
After checking you are obviously right.
Contrary to my belief, my internal buffer was always larger than the longest
line I read.
:-(
Sorry for the noise, but thanks David for the explanations.
It helps me to fix my software (even if I will keep some spare bytes for
some time)
;-(
--
rwritten.
I certainly misunderstand something, but I will be happy to test again my
use case if it can be of any help.
Regards,
Michel.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4628
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubs
rwritten.
I certainly misunderstand something, but I will be happy to test again my
use case if it can be of any help.
Regards,
Michel.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Not speaking for Greg, but for me, it is now working fine again.
Thanks Andy !
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Rich
Salz via RT
Envoyé : dimanche 31 juillet 2016 15:58
À : ghud...@mit.edu
Cc : openssl-dev@openssl.org
Objet :
Not speaking for Greg, but for me, it is now working fine again.
Thanks Andy !
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Rich
Salz via RT
Envoyé : dimanche 31 juillet 2016 15:58
À : ghud...@mit.edu
Cc : openssl-dev@openssl.org
Objet :
Hi,
Just to let you know that today's master fails to build when option
no-nextprotoneg is used.
Build stop when linking ssl_test.exe :
cl /I "." /I "include" /I "include" -DOPENSSL_USE_APPLINK
-DDSO_WIN32 -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE
-DOPENSSL_PIC
Cool !
Many thanks Steve.
-Message d'origine-
De : Stephen Henson via RT [mailto:r...@openssl.org]
Envoyé : mardi 10 mai 2016 17:00
À : michel.sa...@free.fr
Cc : openssl-dev@openssl.org
Objet : [openssl.org #4173] help to check whether handshake negociates SRP or
PSK ciphersuite
This
Hi,
I was not able to build today's git repo.
May not be what you would like to do, but the attached patch should fix
that.
Regards,
Michel
Microsoft (R) Windows (R) Resource Compiler Version 6.3.9600.17336
Copyright (C) Microsoft Corporation. All rights reserved.
link /nologo /debug
Hi Rich,
> OpenSSL doesn't promise to protect against all such errors :)
Really ? I'm a bit surprise that you don't care to allow to divide by zero...
Especially when it's not a big work to prevent such a case.
It's up to you.
> block size of zero is nonsensical
Zero is the block size returned
* ((saltlen + v - 1) / v);
Regards,
Michel.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4514
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
And attached a better patch, with updated documentation and some test data.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Michel
via RT
Envoyé : samedi 26 mars 2016 17:21
Cc : openssl-dev@openssl.org
Objet : Re: [openssl-dev] [openssl.org
it if some other
issue arises.
Regards,
Michel.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4472
Please log in as guest with password guest if prompted
enc-fixes_v2-1.1.0.patch
Description: Binary data
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman
-612), and
only work with 'regular' files (disable the use of stdin) ?
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Michel
via RT
Envoyé : vendredi 25 mars 2016 17:49
Cc : openssl-dev@openssl.org
Objet : Re: [openssl-dev
this in the documentation.
Can I expect my patch to be applied as this anyway ?
Would you prefered I remove the part concerning the wrap mode ?
Thanks again for any advice,
Regards,
Michel
-Message d'origine-
De : Stephen Henson via RT [mailto:r...@openssl.org]
Envoyé : vendredi 25 mars
>Ah, yes. But that person seems to be rather quiet since that post.
And I can understand why now that I read the answer of Steve about AEAD and
Wrap modes.
:-(
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi Mr. Blumenthal,
I believed there is someone else who should have almost finished at this
time :
https://mta.openssl.org/pipermail/openssl-dev/2016-January/004034.html
Regards,
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
case the salt must be supplied as an argument (along with the same
iteration count). I also added support for PKCS5 v2.
The previous behavior of the command is not modified.
I didn't work on the AEAD ciphers problem as I know someone else applied for
this job.
Regards,
Michel.
--
Ticket here
> I will make this work with our perl-based test framework.
Whao, I will feel like a member of your gang now !
;-)
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4472
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe:
> I will make this work with our perl-based test framework.
Whao, I will feel like a member of your gang now !
;-)
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
and oddities fixes
for the enc command.
I am still testing them, but in a few hours it should be ready.
Regards,
Michel.
-Message d'origine-
De : Rich Salz via RT [mailto:r...@openssl.org]
Envoyé : jeudi 24 mars 2016 15:53
À : michel.sa...@free.fr
Cc : openssl-dev@openssl.org
Objet
and oddities fixes
for the enc command.
I am still testing them, but in a few hours it should be ready.
Regards,
Michel.
-Message d'origine-
De : Rich Salz via RT [mailto:r...@openssl.org]
Envoyé : jeudi 24 mars 2016 15:53
À : michel.sa...@free.fr
Cc : openssl-dev@openssl.org
Objet
OpenSSL 1.1.
Regards,
Michel.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4472
Please log in as guest with password guest if prompted
raw128.dat
Description: Binary data
raw192.dat
Description: Binary data
raw256.dat
Description: Binary data
wrap-128-128.ok.enc
Hi Jeff,
In case it may still be usefull, I have updated the patch against today's git
repo.
I was able to build OpenSSL VC-WIN32 configured with no-nextprotoneg option.
Regards,
Michel.
no-nextproto-1.1.0.patch
Description: Binary data
--
openssl-dev mailing list
To unsubscribe: https
Hi Jeff,
Just for information, I send a patch and had a previous exchange about this
with Rich :
http://openssl.6102.n7.nabble.com/openssl-org-4178-patch-OpenSSL-1-1-0-fails-when-configure-with-no-nextproto-td61662.html
Regards,
Michel.
-Message d'origine-
De : openssl-dev
' option, but not since I reported this.
Did I miss something else ?
Regards,
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Richard Levitte
Envoyé : mercredi 16 mars 2016 23:37
À : openssl-dev@openssl.org
Objet : Re: [openssl-dev] configure
Hi,
As per my previous post, this is still the case with OpenSSL version 1.1.0
pre release 4.
The configure script generate the ntdll.mak file containing CFLAG* with
conflicting CRT switches.
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Michel
Envoyé : mardi 15
Well, I am not lucky !
For once that documentation exists and was recently updated, it is not
accurate :-(
I saw that '--classic' was temporary, but I did not realize that an
alternative build scheme was already there for Windows.
You cannot imagine how many times I have manually modified the
I just would like to add that, for me,
'CALL ms\do_nasm'
is part of the 'configure scripts'.
Please excuse my poor english,
Michel
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Richard Levitte
Envoyé : mercredi 16 mars 2016 23:37
À
Hi Matt,
Thank you very much for keeping me informed !
Regards,
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Matt
Caswell
Envoyé : jeudi 17 mars 2016 10:37
À : openssl-dev@openssl.org
Objet : Re: [openssl-dev] libcryto 1.1 leaks
> Looks like some of these options are broken on Windows.
Ouf,
In some ways, that's good to hear.
:-)
I tried the patch and I was able to build the shared, debug and release
version of OpenSSL 1.1.
I was able to fully appreciate the new build system.
Thanks Matt, merci bien Richard,
Mic
Hi Richard,
Looks like my answer, with the files attached, is waiting for approval.
Regards.
-Message d'origine-
De : Michel [mailto:michel.sa...@free.fr]
Envoyé : jeudi 17 mars 2016 01:03
À : 'openssl-dev@openssl.org'
Objet : RE: [openssl-dev] configure results in conflicting CRT
11.exe!OTLS::TLSCtx::SetMinTLSVer() + 0x9 bytes
p:\mes programmes\tests\_testsshared\teststls-11\testtls.cpp (63):
TestsTLS-11.exe!main() + 0xC bytes
f:\dd\vctools\crt\crtw32\startup\crt0.c (165):
TestsTLS-11.exe!mainCRTStartup()
Regards,
Michel
--
openssl-dev mailing list
To
Hello again Richard,
And thanks for your help and answers.
but as I said, I am not lucky at all :-(
Hope I am not again missing something, I would not be particularly proud to
win the trophy of the dumbest user on this list ;-)
Doing :
PERL Configure no-rc2 no-rc5 no-md2 no-md4 no-ssl3 no-comp
Hi,
Just to let you know that conflicting CRT switches are produced when
configure for Windows DLL :
cl : Command line warning D9025 : overriding '/MD' with '/MT'
(and ct_test.exe can't be linked)
Regards.
--
openssl-dev mailing list
To unsubscribe:
grammes\shared\ocrypto-11\pkcs12.cpp (31):
TestsCrypto-11.exe!OCrypto::PKCS12Load() + 0xB bytes
p:\mes programmes\tests\_testsshared\testscrypto-11\testscrypto.cpp
(392): TestsCrypto-11.exe!main() + 0x17 bytes
f:\dd\vctools\crt\crtw32\startup\crt0.c (165):
TestsCrypto-11.exe!mainCRTStartup()
t is not clear to me :
Are locking callbacks() still needed with OpenSSL 1.1 ?
Thanks,
Michel.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi,
Just to let you know that the links to EVP_PKEY_HKDF and EVP_PKEY_TLS1_PRF
are not [yet ?] operational.
https://www.openssl.org/docs/manmaster/apps/pkeyutl.html
Regards,
Michel.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
penssl.org/pipermail/openssl-dev/2015-March/001015.html
https://mta.openssl.org/pipermail/openssl-bugs-mod/2015-December/000279.html
This is s a further demonstration that I still have to improve my english !
;-)
Regards,
Michel.
--
openssl-dev mailing list
To unsubscribe: https://mta.o
Hi,
FWIW, trying the exact same configure commands on OpenSSL 1.0.2f :
perl Configure VC-WIN32 no-asm --prefix=
ms\do_ms
nmake -f ms\ntdll.mak
I was NOT able to reproduce the problem under Windows 7 64 bits using Visual
Studio 2013 and Perl 5.22.1.
Everything goes fine.
Michel
Hi Viktor,
With your patch applied, I can confirm that the 'req' command now run just
fine.
Thanks,
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Viktor Dukhovni
Envoyé : lundi 29 février 2016 19:00
À : openssl-dev@openssl.org
exe!do_cmd(lhash_st_FUNCTION * prog, int argc, char * * argv) Line
620C
openssl.exe!main(int argc, char * * argv) Line 324 C
Let me know if I can help more.
Regards,
Michel.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Yes !
With your 2 patches applied, tls_decrypt_ticket.patch and
fix-win-thread-stop.patch,
(looks like I lost the first one yesterday),
none of my tests programs using libSSL v1.1 reports leaks.
I feel better. :-)
Thank you Matt.
Regards,
Michel.
-Message d'origine-
De : openssl-dev
Hi Matt,
Here under is the new results after applying your patch.
Let me know anything I could do to investigate deeper.
Regards,
Michel.
Thread serveur 5324 demarre
Thread client 6348 demarre
OPENSSL_INIT: ossl_init_base: Setting up stop handlers
OPENSSL_INIT: ossl_init_add_all_ciphers
function.
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Matt
Caswell
Envoyé : mercredi 17 février 2016 17:23
À : openssl-dev@openssl.org
Objet : Re: [openssl-dev] memory leaks detected using libSSL 1.1
> Am I missing anything e
Hi Matt,
Yes I am linking statically and I read the man about OPENSSL_init_crypto(),
thanks.
However I still have leaks reported.
:-(
What I have changed to adapt to v1.1 is calling OPENSSL_thread_stop() in
each thread before it leaves,
instead of ERR_remove_thread_state( NULL ),
and I am
.
Leaks are detected only when a client handshake with the server.
I might be wrong, but I do not think this is a false positive.
Could you please have a look at the informations below and share your
feelings ?
Regards,
Michel.
Windows _CrtDumpMemoryLeaks() output :
Detected memory
,
Michel.
Detected memory leaks!
Dumping objects ->
{4383} normal block at 0x006472C8, 8 bytes long.
Data: <> 00 00 00 00 01 00 00 00
{4381} normal block at 0x00646B48, 12 bytes long.
Data: < od } > D8 6F 64 00 00 00 00 00 20 7D 00 00
{4379} normal block at 0x00647248
, Michel wrote:
> Hi,
>
>
>
> I have a test program which is failing using version 1.1 because
> PKCS12_Parse() doesn't return the certificate, just the key. No error
> is signaled.
>
> I supposed it is not intended. Is it work in progress ?
>
That's a bug w
: 6E D1 .
Key Attributes:
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-BEGIN ENCRYPTED PRIVATE KEY-
...
-END ENCRYPTED PRIVATE KEY-
Regards,
Michel
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
ucceeds.
Regards,
Michel.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
|
SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
(server side).
Let me know if you need more informations.
Regards,
Michel
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
round the SECLEVEL=... keyword that I
completely missed.
Regards,
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Viktor Dukhovni
Envoyé : lundi 25 janvier 2016 15:55
À : openssl-dev@openssl.org
Objet : Re: [openssl-dev] s_client
ssl/SSL_set_security_level.html
> this is a good time to discuss whether @SECLEVEL should have any bearing
on aNULL support.
Unfortunatly, I have no valuable opinion, but I would be pleased to read
about arguments that will be discussed on this list.
Thanks again,
Michel.
-Message d'origine-
De : o
> And did you have problems with the x86 compiler too? Did you try the x64
version also?
No, I didn't try the x64 version.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi,
FWIW I encountered the same problem last week with the statem_srvr.c.
I undestood that it was a compiler bug, but suspected there was an
underlying problem with the source code, as usually it is error in MY code
that make the compiler crashes...
:-(
So I gave a try to Visual Studio Community
Hello,
When the -s option is used with the 'ciphers' command (version 1.1) , the
SRP suites are not listed.
Here attached is a proposed patch, based on what you did for PSK.
Regards,
Michel.
srp-ciphers.patch
Description: Binary data
___
openssl
wants to do. But it is just my opinion.
Thanks again,
Regards,
Michel
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Michel
via RT
Envoyé : jeudi 10 décembre 2015 23:37
Cc : openssl-dev@openssl.org
Objet : [openssl-dev] TR: [openssl.org #4172
Hi,
When configured with the no-nextproto option, compilation fails (OpenSSL
1.1.0, Windows 7 64).
This updated patch just add a #ifdef directive around targeted lines.
Regards,
Michel.
no-nextproto-1.1.patch
Description: Binary data
___
openssl
: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking
memory
On Thu, Dec 10, 2015 at 01:16:48PM +0100, Kurt Roeckx wrote:
> On Mon, Dec 07, 2015 at 03:47:56PM +0000, Michel via RT wrote:
> > Hi,
> >
> > Following my previous mail, here attached is an updated patch
>
additional info :
I am working with Visual Studio 2015 community Ed., under Windows 7, OpenSSL
1.0.2e.
Thanks again,
Regards,
Michel
-Message d'origine-
De : Kurt Roeckx via RT [mailto:r...@openssl.org]
Envoyé : jeudi 10 décembre 2015 13:28
À : michel.sa...@free.fr
Cc : openssl-dev
Hi Kurt,
At first glance, it's a fact that your patch is better.
:-)
I should have thought to some of your improvement, like SRP_gN_new().
I will test it tonight and come back to you.
Many for thanks for your interrest in this matter,
Michel.
-Message d'origine-
De : Kurt Roeckx via
Hi Kurt,
At first glance, it's a fact that your patch is better.
:-)
I should have thought to some of your improvement, like SRP_gN_new().
I will test it tonight and come back to you.
Many for thanks for your interrest in this matter,
Michel.
-Message d'origine-
De : Kurt Roeckx via
elsewhere by OpenSSL.
Regards,
Michel.
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Michel
Envoyé : lundi 23 mars 2015 12:10
À : openssl-dev@openssl.org
Objet : [openssl-dev] SRP memory leaks and more leaks
Hi,
Trying to use the 'SRP' code, I found two kinds of memory
d
against NULL pointer dereference of SSL_CIPHER *c as in
SSL_CIPHER_get_bits() or SSL_CIPHER_get_name().
A patch against 1.0.2e is attached, but need update of .def ordinals.
Thanks for your work,
Michel
ssl_ciph-1.0.2e.patch
Description: Binary data
__
Message d'origine
De : Markus Rinne via RT r...@openssl.org
Date :24/08/2015 17:42 (GMT+01:00)
A :
Cc : openssl-dev@openssl.org
Objet : [openssl-dev] [openssl.org #4019] [PATCH] dgst.pod: Remove
redundant documentation of -hmac
Option -hmac was documented
Hi Julius,
I am afraid this is not related to the 'dev' list.
Did you try to modify the order of your header files as mentioned on several
other forums ?
http://comments.gmane.org/gmane.comp.encryption.openssl.devel/14135
(and include WinSock2.h before windows.h)
Regards,
Michel
Hi Julius,
I am afraid this is not related to the 'dev' list.
Did you try to modify the order of your header files as mentioned on several
other forums ?
http://comments.gmane.org/gmane.comp.encryption.openssl.devel/14135
(and include WinSock2.h before windows.h)
Regards,
Michel
the version of
OpenSSL ?
Regards,
Michel.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
line 449
:(
Hope this will save time to other users,
Michel.
srp_vfy.patch
Description: Binary data
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi,
When configured with the no-engine option, compilation fails (OpenSSL
1.0.2a, Windows 7 64).
This patch moves up some #include directives (as suggested by other people
on the InterNet).
engines.patch
Description: Binary data
___
openssl-dev
Hi,
When configured with the no-nextproto option, compilation fails (OpenSSL
1.0.2a, Windows 7 64).
This patch just add a #ifdef directive around targeted line.
Regards,
Michel.
no-nextproto.patch
Description: Binary data
___
openssl-dev
TLSEXT_TYPE_next_proto_neg:
#endif
Best regards,
Michel.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reading at previous post of Mr. Seth Schoen about using 40 bits RC2 for
the smime utility, it comes to my mind that PKCS12_create() also default
to RC2, even when OpenSSl is compile with -no-rc2 command line option.
I do not know what is the best solution, but I am guessing it is not as
Hello Daniel,
Starting with the source code of one of the command line tools (in apps
subdir) may be a good idea.
Le 05/05/2014 22:50, Daniel Hamacher a écrit :
Hi,
I am reading the mailing list for a week now and I would like to
contribute in the near future. I can only imagine how
With this patch, I am afraid in case of error, the context will not be
cleaned up.
Shouldn't the line :
EVP_MD_CTX_cleanup(ctxt);
be moved inside the 'err:' block ?
Le 10/01/2014 09:54, Florian Zumbiehl via RT a écrit :
---
crypto/srp/srp_lib.c | 27 ---
1 files
Your very good explanation makes me realised I was shortsighted.
Now I understand and share your point of view.
Thanks all for your interresting comments.
Le 28/08/2013 06:09, Yuan Kang a écrit :
I believe the masking part is there because of the UTF-8 standard:
themselves.
-Original Message-
From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On
Behalf Of Michel
Sent: Thursday, August 22, 2013 11:44 AM
To: openssl-dev@openssl.org
Subject: UTF8 decoding, unneeded byte masking
In a_utf8.c, lines 85 and 86 (1.0.1e) :
...
if((*p
I forgot to mention that, even though performance is not my concern
here, I do appreciate your comments on that matter.
Le 27/08/2013 11:13, Michel a écrit :
Thanks for your comment,
but no, I didn't talk about performance.
I understand this is not very costly, especially compared with other
In a_utf8.c, lines 85 and 86 (1.0.1e) :
...
if((*p 0x80) == 0) { // as this byte looks like :
0xxx
value = *p++ 0x7f; // this line could as well be
written : value = *p++;
...
If I don't miss something, it would seems clearer to me.
Sorry,
what I intended to say is : ... struggle/fight against *OUR OWN* laziness ...'
( I am famous to do much more 'bugs' using English langage than with C/C++ )
Anyway, still valuable document :
http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
especially the 5 lessons at the second page.
***
Thanks for the link.
Actually interresting with good advices.
It reminds us that a secure lib is not enough, we have to fight
themselves against too much lazyness or negligence.
Le 22/10/2012 20:56, toorandom a écrit :
What do you think?
Hi,
Shouldn't there be a SRP_VBASE_free() call somewhere in s_server.c ?
At least for freeing the data allocated by the SRP_VBASE_new() call :
openssl 1.0.1c, apps/s_server.c line 1849 :
#ifndef OPENSSL_NO_SRP
if (srp_verifier_file != NULL)
{
srp_callback_parm.vb =
I understand your point, but this code is involved in a common and
standard openssl tool (s_server).
And because of the lack of documentation, a lot of people searches in it
how to use the API.
IMHO, it would have been greatly appreciated if it was done a little
'slower'.
;-)
Thanks anyway
Hi,
we need to check which encryption method is used in the ocsp response. The
output only says valid. How can we enable to print such status messages?
Any help would be appreciated!
Kind regards
Michel Pittelkow
Hi,
we need to check which encryption method is used in the ocsp response. The
output only says valid. How can we enable to print such status messages?
Any help would be appreciated!
Mit freundlichen Grüßen / Kind regards
Michel Pittelkow
IT-Dienstleistungen: beraten | planen | umsetzen
for
both Makefile.
An unrelated wish : it would be nice to be able to pass to configure -rpath
directive. It doesn't seem possible or I didn't find it in the
documentation.
Good luck.
Michel
*
* Michel Jouvin
]
--
Michel Labarre
Helicom
232, rue de la croix blanchot 77750 BASSEVELLE
Tel. +33 1 60 22 52 15
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED
It was a bug of PHP ...
I have informed them about this and a this problem has been corrected in the latest
CVS.
See this for more information :
http://bugs.php.net/bug.php?id=18295
Thanks for your help.
Michel.
Lutz Jaenicke via RT wrote:
On Fri, Jul 12, 2002 at 05:55:20PM +0200, Michel
1 - 100 of 102 matches
Mail list logo
