Re: [openssl.org #900] non portable additions to OpenSSL_0_9_7-stable

In message <[EMAIL PROTECTED]> on Mon, 21 Jun 2004 08:49:26 +0200 (METDST), "Tim Rice via RT" <[EMAIL PROTECTED]> said: rt> The FIPS stuff needs a little tune up. rt> rt> Makefile.org rt> - if ! egrep 'define OPENSSL_FIPS' ..; then \ rt> + if egrep 'define OPENSSL_FIPS' ...; then \

Re: [openssl.org #900] non portable additions to OpenSSL_0_9_7-stable

In message <[EMAIL PROTECTED]> on Mon, 21 Jun 2004 08:49:26 +0200 (METDST), "Tim Rice via RT" <[EMAIL PROTECTED]> said: rt> The FIPS stuff needs a little tune up. rt> rt> Makefile.org rt> - if ! egrep 'define OPENSSL_FIPS' ..; then \ rt> + if egrep 'define OPENSSL_FIPS' ...; then \ r

Re: question on static/dynamic linking engines

In message <[EMAIL PROTECTED]> on Wed, 16 Jun 2004 19:27:27 -0400, Geoff Thorpe <[EMAIL PROTECTED]> said: geoff> On June 16, 2004 12:46 pm, Richard Levitte - VMS Whacker wrote: geoff> > kstef> I think we can make do with a less involved fix, actually, by geoff> &g

Re: question on static/dynamic linking engines

In message <[EMAIL PROTECTED]> on Wed, 16 Jun 2004 12:30:28 -0400, Kevin Stefanik <[EMAIL PROTECTED]> said: kstef> I think we can make do with a less involved fix, actually, by kstef> just backing out the conditional if the engine still _requires_ kstef> its own copy of the libcrypto code, or, pr

Re: question on static/dynamic linking engines

In message <[EMAIL PROTECTED]> on Mon, 14 Jun 2004 19:35:08 -0400, Geoff Thorpe <[EMAIL PROTECTED]> said: geoff> On June 14, 2004 12:00 pm, Kevin Stefanik wrote: geoff> > I just realized that we may not have been discussing the same geoff> > issue. When I was referring to dynamically or statical

Re: [openssl.org #896] [PATCH] Clearing wrong variable in crypto/engine/eng_cryptodev.c

In message <[EMAIL PROTECTED]> on Tue, 15 Jun 2004 12:49:26 +0200 (METDST), "Stefan Farfeleder via RT" <[EMAIL PROTECTED]> said: rt> rt> On Tue, Jun 15, 2004 at 10:05:32AM +0200, Richard Levitte - VMS Whacker via RT wrote: rt> > rt> > In message <[

Re: [openssl.org #896] [PATCH] Clearing wrong variable in crypto/engine/eng_cryptodev.c

In message <[EMAIL PROTECTED]> on Tue, 15 Jun 2004 12:49:26 +0200 (METDST), "Stefan Farfeleder via RT" <[EMAIL PROTECTED]> said: rt> rt> On Tue, Jun 15, 2004 at 10:05:32AM +0200, Richard Levitte - VMS Whacker via RT wrote: rt> > rt> > In message <[

Re: [openssl.org #896] [PATCH] Clearing wrong variable in crypto/engine/eng_cryptodev.c

In message <[EMAIL PROTECTED]> on Tue, 15 Jun 2004 08:56:12 +0200 (METDST), "Stefan Farfeleder via RT" <[EMAIL PROTECTED]> said: rt> the functions get_cryptodev_ciphers() and get_cryptodev_digests() should rt> set the pointer *cnids to NULL rather than the first member of the array rt> nids. Wh

Re: [openssl.org #896] [PATCH] Clearing wrong variable in crypto/engine/eng_cryptodev.c

In message <[EMAIL PROTECTED]> on Tue, 15 Jun 2004 08:56:12 +0200 (METDST), "Stefan Farfeleder via RT" <[EMAIL PROTECTED]> said: rt> the functions get_cryptodev_ciphers() and get_cryptodev_digests() should rt> set the pointer *cnids to NULL rather than the first member of the array rt> nids. Why

Re: [openssl.org #895] AEP engine breaks on Linux with pthreads

In message <[EMAIL PROTECTED]> on Fri, 11 Jun 2004 14:58:00 +0200 (METDST), "[EMAIL PROTECTED] via RT" <[EMAIL PROTECTED]> said: rt> rt> On June 11, 2004 03:00 am, Jack Lloyd via RT wrote: rt> > Summary: Threaded applications using the AEP engine break badly rt> > on Linux. rt> rt> I see. The

Re: [openssl.org #895] AEP engine breaks on Linux with pthreads

In message <[EMAIL PROTECTED]> on Fri, 11 Jun 2004 14:58:00 +0200 (METDST), "[EMAIL PROTECTED] via RT" <[EMAIL PROTECTED]> said: rt> rt> On June 11, 2004 03:00 am, Jack Lloyd via RT wrote: rt> > Summary: Threaded applications using the AEP engine break badly rt> > on Linux. rt> rt> I see. The p

Re: REMOVE ME PLEASE!

Wish granted. *KICK* - Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. -- Richard Levitte \ Tunnlandsvägen 52 \ [EMAIL PROTECTED] [EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-708-26 53 44 \ SWEDEN

Re: [openssl.org #499] Patches to OpenSSL for Stratus VOS

If you could please send the new patch as an update to this ticket (for example by replying to this message and making sure it reaches [EMAIL PROTECTED]), that would be the best way. In message <[EMAIL PROTECTED]> on Mon, 7 Jun 2004 21:33:49 +0200 (METDST), "Green, Paul via RT" <[EMAIL PROTECTE

Re: [openssl.org #499] Patches to OpenSSL for Stratus VOS

If you could please send the new patch as an update to this ticket (for example by replying to this message and making sure it reaches [EMAIL PROTECTED]), that would be the best way. In message <[EMAIL PROTECTED]> on Mon, 7 Jun 2004 21:33:49 +0200 (METDST), "Green, Paul via RT" <[EMAIL PROTECTED

Re: [CVS] OpenSSL: openssl/ Configure Makefile.org openssl/crypto/engine/ ...

In message <[EMAIL PROTECTED]> on Tue, 1 Jun 2004 09:44:24 -0400, Geoff Thorpe <[EMAIL PROTECTED]> said: geoff> Yo, "Yo, yo, listen up..." (I think Eminem said that in 8 Mile) geoff> This is the install tree that would be created, but the geoff> installation would then try to place engine libs

Re: [CVS] OpenSSL: openssl/ Configure Makefile.org openssl/crypto/engine/ ...

In message <[EMAIL PROTECTED]> on Tue, 1 Jun 2004 05:18:59 +0200 (CEST), "Geoff Thorpe" <[EMAIL PROTECTED]> said: geoff> Log: geoff> This fixes the installation target for dynamic engines, geoff> which was trying to install to a different location than it geoff> had created. (BTW,

Fundraising for OpenSSL development

Fundraising for OpenSSL development Richard Levitte [EMAIL PROTECTED] Revision $Id: OpenSSL-funding.html,v 1.4 2004/05/24 11:09:14 levitte Exp $ Hello OpenSSL users and developper

Re: [openssl.org #886] bug in EVP_PKEY_bits(pubKey)

In message <[EMAIL PROTECTED]> on Tue, 18 May 2004 09:13:30 +0200 (METDST), "Valente, Luis via RT" <[EMAIL PROTECTED]> said: rt> The EVP_PKEY_bits() function doesn't always return the correct rt> size for an RSA public key. Consider the following CA certificate rt> (Verisign's RSA Secure Server

Re: [CVS] OpenSSL: openssl/crypto/engine/ eng_openssl.c openssl/crypto/evp...

In message <[EMAIL PROTECTED]> on Mon, 17 May 2004 08:58:45 +0200, Andy Polyakov <[EMAIL PROTECTED]> said: appro> > appro> >>I don't think everything has to be size_t-fied. In some situations it appro> > appro> > appro> > appro> > appro> > appro> > Do you care about 16bit platforms? appro> > ap

Re: [CVS] OpenSSL: openssl/crypto/engine/ eng_openssl.c openssl/crypto/evp...

In message <[EMAIL PROTECTED]> on Mon, 17 May 2004 02:37:10 +0200, Andy Polyakov <[EMAIL PROTECTED]> said: appro> >>I don't think everything has to be size_t-fied. In some situations it appro> > appro> > appro> > Do you care about 16bit platforms? appro> appro> Well, I was wondering this quest

Re: [CVS] OpenSSL: openssl/crypto/engine/ eng_openssl.c openssl/crypto/evp...

In message <[EMAIL PROTECTED]> on Mon, 17 May 2004 00:44:53 +0200, Andy Polyakov <[EMAIL PROTECTED]> said: appro> > appro> > appro> Log: appro> > appro> > appro> size_t-fication of message digest APIs. We should size_t-fy more appro> > appro> > appro> APIs... appro> > appro> > Well, I

Re: [CVS] OpenSSL: openssl/crypto/engine/ eng_openssl.c openssl/crypto/evp...

In message <[EMAIL PROTECTED]> on Sun, 16 May 2004 20:17:07 +0200, "Dr. Stephen Henson" <[EMAIL PROTECTED]> said: steve> On Sun, May 16, 2004, Richard Levitte - VMS Whacker wrote: steve> steve> > In message <[EMAIL PROTECTED]> on Sun, 16 May 2004 19:12:22

Re: [CVS] OpenSSL: openssl/crypto/engine/ eng_openssl.c openssl/crypto/evp...

In message <[EMAIL PROTECTED]> on Sun, 16 May 2004 19:12:22 +0200, Andy Polyakov <[EMAIL PROTECTED]> said: appro> > appro> Log: appro> > appro> size_t-fication of message digest APIs. We should size_t-fy more appro> > appro> APIs... appro> > appro> > Oh, I completely agree, and I have

Re: [CVS] OpenSSL: openssl/crypto/evp/ e_old.c

In message <[EMAIL PROTECTED]> on Sat, 15 May 2004 20:26:15 +0200 (CEST), "Geoff Thorpe" <[EMAIL PROTECTED]> said: geoff> Log: geoff> This file implements various functions that have since been geoff> redefined as macros. I'm removing this from the geoff> NO_DEPRECATED build. Thank

Re: [CVS] OpenSSL: openssl/crypto/engine/ eng_openssl.c openssl/crypto/evp...

In message <[EMAIL PROTECTED]> on Sat, 15 May 2004 13:29:56 +0200 (CEST), "Andy Polyakov" <[EMAIL PROTECTED]> said: appro> Log: appro> size_t-fication of message digest APIs. We should size_t-fy more appro> APIs... Oh, I completely agree, and I have a working directory with that going

Re: Inclusion of FIPS

In message <[EMAIL PROTECTED]> on Fri, 14 May 2004 08:43:33 -0400, "Marquess, Steve Mr JMLFDC" <[EMAIL PROTECTED]> said: Steve.Marquess> Note libssl is considered by FIPS 140 to be Steve.Marquess> "outside the cryptographic module boundary"; Yeah, my mentioning libssl is a mistake, or as my dea

Re: Inclusion of FIPS

In message <[EMAIL PROTECTED]> on Fri, 14 May 2004 07:29:51 -0400, "Marquess, Steve Mr JMLFDC" <[EMAIL PROTECTED]> said: Steve.Marquess> Richard Levitte wrote: Steve.Marquess> Steve.Marquess> >jaltman> One concern with your answer is that it Steve.Marquess> >jaltman> appears to imply that FIPS c

Re: Inclusion of FIPS

In message <[EMAIL PROTECTED]> on Thu, 13 May 2004 17:42:51 -0400, Jeffrey Altman <[EMAIL PROTECTED]> said: jaltman> One concern with your answer is that it appears to imply that jaltman> FIPS certification can only be useful to applications which jaltman> statically link in all libraries. There

Re: Inclusion of FIPS

In message <[EMAIL PROTECTED]> on Wed, 12 May 2004 08:48:52 -0400, "Marquess, Steve Mr JMLFDC" <[EMAIL PROTECTED]> said: Steve.Marquess> We are very close (a few days at most) from the point Steve.Marquess> where the 26 special source files in the ./fips/ tree Steve.Marquess> can no longer be mod

Re: Inclusion of FIPS

In message <[EMAIL PROTECTED]> on Wed, 12 May 2004 06:25:43 -0600, The Doctor <[EMAIL PROTECTED]> said: doctor> Why does no FIPS still include FIPS?? It doesn't, all it does is throw the FIPS files through the compiler. However, the FIPS source should be wrapped with #ifdef OPENSSL_FIPS .. #endi

Re: No CAs in CertificateRequest message

In message <[EMAIL PROTECTED]> on Thu, 6 May 2004 08:24:57 -0400, "Erik Tkal" <[EMAIL PROTECTED]> said: etssl> Can anyone answer this? How do I tell if this is a known etssl> problem with OpenSSL or if the RFC is incorrect, or if this is etssl> just a accepted deviation? I can't really say, as t

Re: [openssl.org #874] [Fwd: Bug#243509: openssl: genrsa get crasy with small key size]

In message <[EMAIL PROTECTED]> on Wed, 21 Apr 2004 10:37:45 -0400, Geoff Thorpe <[EMAIL PROTECTED]> said: geoff> On April 21, 2004 04:49 am, Richard Levitte via RT wrote: geoff> > I'm a little hesitant to do this, however, as it has a strong geoff> > smell of quick and dirty hack (which is about

Re: Patches for Stratus VOS

In message <[EMAIL PROTECTED]> on Tue, 23 Mar 2004 18:12:08 -0500, "Green, Paul" <[EMAIL PROTECTED]> said: Paul.Green> I have ported OpenSSL 0.9.7c to the Stratus VOS operating Paul.Green> system. Thanks for providing such a high-quality porting Paul.Green> base; it made my job much easier. I a

Re: [openssl.org #861] [PATCH] add Interix configuration

In message <[EMAIL PROTECTED]> on Thu, 01 Apr 2004 14:38:06 -0500, Rodney <[EMAIL PROTECTED]> said: rodney> Here are the "diff -u" output for the files "Configure", rodney> "config" and "Makefile.org" below. Sorry I missed the rodney> "Makefile.org" in the last submission. OK. I gotta ask, is t

Re: [openssl.org #866] BUG REPORT: openssl-0.9.7d, ca command, null pointer exception, Visual Studio .NET 2003

OK, Fiel, what's up with this? The last post in ticket 862 shows that you acknowledged the bug has been fixed, and now you send in the *exact* same bug report again? I'm killing this ticket, as I assume it was a mistake... - Please consider sponsoring my work on free software. See http://ww

Re: [openssl.org #866] BUG REPORT: openssl-0.9.7d, ca command, null pointer exception, Visual Studio .NET 2003

OK, Fiel, what's up with this? The last post in ticket 862 shows that you acknowledged the bug has been fixed, and now you send in the *exact* same bug report again? I'm killing this ticket, as I assume it was a mistake... - Please consider sponsoring my work on free software. See http://www

Re: [openssl.org #9] Re: [patch] Sign certs that aren't self signed for x509 -CA

In message <[EMAIL PROTECTED]> on Wed, 31 Mar 2004 11:51:13 +0200 (CEST), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: levitte> In message <[EMAIL PROTECTED]> on Wed, 31 Mar 2004 11:23:29 +0200 (METDST), "Simon Josefsson via RT" <[EMAIL PROTE

Re: [openssl.org #9] Re: [patch] Sign certs that aren't self signed for x509 -CA

In message <[EMAIL PROTECTED]> on Wed, 31 Mar 2004 11:51:13 +0200 (CEST), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: levitte> In message <[EMAIL PROTECTED]> on Wed, 31 Mar 2004 11:23:29 +0200 (METDST), "Simon Josefsson via RT" <[EMAIL PROTE

Re: [openssl.org #9] Re: [patch] Sign certs that aren't self signed for x509 -CA

In message <[EMAIL PROTECTED]> on Wed, 31 Mar 2004 11:23:29 +0200 (METDST), "Simon Josefsson via RT" <[EMAIL PROTECTED]> said: rt> rt> "Richard Levitte via RT" <[EMAIL PROTECTED]> writes: rt> rt> > I'm honestly very unsure about this one. After all, "openssl ca" rt> > already covers this, so

Re: [openssl.org #9] Re: [patch] Sign certs that aren't self signed for x509 -CA

In message <[EMAIL PROTECTED]> on Wed, 31 Mar 2004 11:23:29 +0200 (METDST), "Simon Josefsson via RT" <[EMAIL PROTECTED]> said: rt> rt> "Richard Levitte via RT" <[EMAIL PROTECTED]> writes: rt> rt> > I'm honestly very unsure about this one. After all, "openssl ca" rt> > already covers this, so

Re: [openssl.org #859] openssl-0.9.7d compilation bug solaris9 kerberos

RT and attachments, I tell ya... This mail is generated externally, so it does contain the intended attachment... In message <[EMAIL PROTECTED]> on Wed, 31 Mar 2004 09:44:21 +0200 (METDST), "Richard Levitte via RT" <[EMAIL PROTECTED]> said: rt> rt> I'm guessing that the definition of FAR is mi

Re: [openssl.org #853] serial/index file handling broken on Windows in 0.9.7d

In message <[EMAIL PROTECTED]> on Wed, 31 Mar 2004 12:57:48 +1000, "Steven Reddie" <[EMAIL PROTECTED]> said: smr> Sorry for the delay. The snapshot from after you asked me to test it the smr> first time (openssl-0.9.7-stable-SNAP-20040327) passed my tests. Thanks. - Please consider sponsor

OID "long name" vs. "short name"

I find the OID "long name" and "short name" thingy a little bit confusing. The "short name" is not too hard to understand, but it seems like the "long name" has multiple purposes. In some cases (like CN vs. commonName), there really are a short and a long name, but in other cases. In other cases

Re: x_cinf.c patch

In message <[EMAIL PROTECTED]> on Thu, 25 Mar 2004 22:22:16 +0100, "Gisle Vanem" <[EMAIL PROTECTED]> said: giva> The d2i_X509_CINF() is prototyped through some hairy giva> ifdef's by DECLARE_ASN1_FUNCTIONS(X509_CINF) giva> giva> The implementation in x_cinfo.c is however missing a 'const': giva>

Re: a bug in RSA_public_encrypt with RSA_NO_PADDING

In message <[EMAIL PROTECTED]> on Thu, 25 Mar 2004 11:09:42 -0500, Geoff Thorpe <[EMAIL PROTECTED]> said: geoff> On March 25, 2004 10:44 am, Richard Levitte - VMS Whacker wrote: geoff> > To begin with, I think the correct interpretation is that the output geoff> > buf

Re: a bug in RSA_public_encrypt with RSA_NO_PADDING

In message <[EMAIL PROTECTED]> on Thu, 25 Mar 2004 10:35:38 -0500, Geoff Thorpe <[EMAIL PROTECTED]> said: geoff> The only thing that would genuinely change the landscape of geoff> this issue IMHO would be to rerig the RSA API to allow input geoff> lengths to be specified independantly of the modu

Re: a bug in RSA_public_encrypt with RSA_NO_PADDING

In message <[EMAIL PROTECTED]> on Wed, 24 Mar 2004 10:40:14 -0500, Geoff Thorpe <[EMAIL PROTECTED]> said: geoff> Well I was meaning counter-intuitive at the nit-picking level geoff> more than anything warranting CVS action. To my mind, they geoff> *both* RSA_NO_PADDING and RSA_ALREADY_PADDED mean

Re: a bug in RSA_public_encrypt with RSA_NO_PADDING

In message <[EMAIL PROTECTED]> on Tue, 23 Mar 2004 10:48:00 -0800, Jose Castejon-Amenedo <[EMAIL PROTECTED]> said: Jose.Castejon-Amenedo> OK. I would like to add to what you Jose.Castejon-Amenedo> (correctly) wrote earlier on: a 1,024-bit RSA Jose.Castejon-Amenedo> key works on 1,024 bits of inp

Re: [openssl.org #849] WIN32 compile problems

In message <[EMAIL PROTECTED]> on Mon, 22 Mar 2004 14:33:59 +0100 (MET), "[EMAIL PROTECTED] via RT" <[EMAIL PROTECTED]> said: rt> Libeay32 linked fine. I got the problems when linking ssleay32. It rt> complained about 2 unresolved symbols. I ended up copying the rt> "asn1_lib.obj" line from t

Re: [openssl.org #849] WIN32 compile problems

In message <[EMAIL PROTECTED]> on Mon, 22 Mar 2004 14:33:59 +0100 (MET), "[EMAIL PROTECTED] via RT" <[EMAIL PROTECTED]> said: rt> Libeay32 linked fine. I got the problems when linking ssleay32. It rt> complained about 2 unresolved symbols. I ended up copying the rt> "asn1_lib.obj" line from th

Re: Bug in 0.9.7d apps/ocsp.c

In message <[EMAIL PROTECTED]> on Fri, 19 Mar 2004 10:37:41 +1100, "Steven Reddie" <[EMAIL PROTECTED]> said: smr> I'm getting a crash in apps/ocsp.c in the new 0.9.7d kit. Line smr> 876 now calls free_index(rdb) where it used to use TXT_DB_free. smr> If rdb is NULL (as can happen with ocsp when

Re: [openssl.org #842] [PATCH] Reduce probability of duplicate serial numbers

In message <[EMAIL PROTECTED]> on Mon, 15 Mar 2004 13:14:40 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> I'd be interested to know how people are managing to create duplicate rt> serial numbers: that is what commands and or scripts are being used to rt> do this. Easy: upgr

Re: [openssl.org #842] [PATCH] Reduce probability of duplicate serial numbers

In message <[EMAIL PROTECTED]> on Mon, 15 Mar 2004 13:14:40 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> I'd be interested to know how people are managing to create duplicate rt> serial numbers: that is what commands and or scripts are being used to rt> do this. Easy: upgra

Re: i2a_ASN1_OBJECT

In message <[EMAIL PROTECTED]> on Mon, 15 Mar 2004 03:03:54 -0800 (PST), "S.Mehdi Sheikhalishahi" <[EMAIL PROTECTED]> said: sm_justice> Hi Group sm_justice> I want to use i2a_ASN1_OBJECT function of openssl But sm_justice> when I want to compile my program it say sm_justice> sm_justice> /home/a

Re: [openssl.org #833] PEM_read_bio_PrivateKey unencrypted read bug

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 15:42:51 +0100 (CET), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: levitte> In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 15:32:26 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED

Re: [openssl.org #833] PEM_read_bio_PrivateKey unencrypted read bug

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 15:42:51 +0100 (CET), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: levitte> In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 15:32:26 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED

Re: [openssl.org #833] PEM_read_bio_PrivateKey unencrypted read bug

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 15:32:26 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> If windows.h is not included first then the #undef X509_NAME has no rt> effect but the structure still gets defined. When windows.h is included rt> X509_NAME gets #defin

Re: [openssl.org #833] PEM_read_bio_PrivateKey unencrypted read bug

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 15:32:26 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> If windows.h is not included first then the #undef X509_NAME has no rt> effect but the structure still gets defined. When windows.h is included rt> X509_NAME gets #define

Re: [openssl.org #832] ocsp and dsa key+socket option SO_REUSEADDR for responder

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 15:22:13 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> > So basically, you're saying that the following would be the right rt> > thing to do: rt> > rt> > evp_md = EVP_get_digestbynid(rkey->type); rt> > rt> rt> Yes it wo

Re: [openssl.org #832] ocsp and dsa key+socket option SO_REUSEADDR for responder

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 15:22:13 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> > So basically, you're saying that the following would be the right rt> > thing to do: rt> > rt> > evp_md = EVP_get_digestbynid(rkey->type); rt> > rt> rt> Yes it wou

Re: [openssl.org #833] PEM_read_bio_PrivateKey unencrypted read bug

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 14:09:07 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> The workaround we use is to #undef these first in the relevant header rt> file but as the OP reports this only works if you #include rt> (which includes wincrypt.h) fir

Re: [openssl.org #833] PEM_read_bio_PrivateKey unencrypted read bug

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 14:09:07 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> The workaround we use is to #undef these first in the relevant header rt> file but as the OP reports this only works if you #include rt> (which includes wincrypt.h) firs

Re: [openssl.org #832] ocsp and dsa key+socket option SO_REUSEADDR for responder

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 14:00:24 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> rt> [levitte - Fri Feb 27 00:04:45 2004]: rt> rt> > I noticed the EVP_dss1() hack, and am pondering about something a bit rt> > mkore generic. Could you test if the

Re: [openssl.org #832] ocsp and dsa key+socket option SO_REUSEADDR for responder

In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 14:00:24 +0100 (MET), "Stephen Henson via RT" <[EMAIL PROTECTED]> said: rt> rt> [levitte - Fri Feb 27 00:04:45 2004]: rt> rt> > I noticed the EVP_dss1() hack, and am pondering about something a bit rt> > mkore generic. Could you test if the f

Re: OPENSSL'S BUG IN BASE64?

Questions like these are typical user questions, and should really be posted on openssl-users rather than openssl-dev. In message <[EMAIL PROTECTED]> on Fri, 27 Feb 2004 17:41:35 +0800, $AUE(B $Agy(B <[EMAIL PROTECTED]> said: todayhill> I use openssl 0.9.7c.In BASE64 fuction,128bit in but 17

Re: openssl cert policy handling

In message <[EMAIL PROTECTED]> on Mon, 23 Feb 2004 16:26:38 -0800, Lev Walkin <[EMAIL PROTECTED]> said: vlm> Dr. Stephen Henson wrote: vlm> > On Mon, Feb 23, 2004, Chris Brook wrote: vlm> > vlm> > vlm> >>Is there any support in crypto->x509(v3) for certificate policy vlm> >>processing/checking

Re: openssl cert policy handling

In message <[EMAIL PROTECTED]> on Mon, 23 Feb 2004 15:40:42 -0500, "Chris Brook" <[EMAIL PROTECTED]> said: cbrook> Is there any support in crypto->x509(v3) for certificate cbrook> policy processing/checking as described in X.509 or PKIX? No, not yet. I've plans to do that, but haven't gotten to

Re: [openssl.org #830] Bug Report (Building without HMAC)

In message <[EMAIL PROTECTED]> on Thu, 19 Feb 2004 08:35:59 +0100 (MET), "Bob Fishman via RT" <[EMAIL PROTECTED]> said: rt> rt> Greetings, rt> rt> System and version: rt> rt> OpenSSL 0.9.7c rt> rt> rt> rt> Type: rt> Building, Configuration Error rt> rt> rt> Description: rt> When doing a

Re: [openssl.org #830] Bug Report (Building without HMAC)

In message <[EMAIL PROTECTED]> on Thu, 19 Feb 2004 08:35:59 +0100 (MET), "Bob Fishman via RT" <[EMAIL PROTECTED]> said: rt> rt> Greetings, rt> rt> System and version: rt> rt> OpenSSL 0.9.7c rt> rt> rt> rt> Type: rt> Building, Configuration Error rt> rt> rt> Description: rt> When doing a m

Re: [openssl.org #829] PATCH: Checking issuer cert w/ self-signed certs

In message <[EMAIL PROTECTED]> on Wed, 18 Feb 2004 10:40:26 +0100 (MET), "Dave Roberts via RT" <[EMAIL PROTECTED]> said: rt> It also copes if they have the same Serial Number as well. The only way to cope with that situation is to return an error. The serial number must be unique for each cert

Re: [openssl.org #829] PATCH: Checking issuer cert w/ self-signed certs

In message <[EMAIL PROTECTED]> on Wed, 18 Feb 2004 10:40:26 +0100 (MET), "Dave Roberts via RT" <[EMAIL PROTECTED]> said: rt> It also copes if they have the same Serial Number as well. The only way to cope with that situation is to return an error. The serial number must be unique for each certi

Re: [openssl.org #823] openssl 0.9.7c build fails

In message <[EMAIL PROTECTED]> on Sun, 8 Feb 2004 18:31:16 +0100 (MET), "[EMAIL PROTECTED] via RT" <[EMAIL PROTECTED]> said: rt> fixed it by adding "#include " to crypto/des/des_locl.h rt> and adding a link "../../e_os.h" in include/openssl/ It's better if you add a '#include "../e_os.h"' ---

Re: RE : Patch: cswift engine openssl-0.9.7c

In message <[EMAIL PROTECTED]> on Thu, 12 Feb 2004 17:52:18 +0100, "Frederic Donnat" <[EMAIL PROTECTED]> said: frederic.donnat> Je constate que vous avez pu resoudre le probleme! ;) frederic.donnat> J'espere que notre "engine" a pu vous aider. frederic.donnat> Belle analyse de votre part dans tou

Re: [openssl.org #823] openssl 0.9.7c build fails

In message <[EMAIL PROTECTED]> on Sun, 8 Feb 2004 18:31:16 +0100 (MET), "[EMAIL PROTECTED] via RT" <[EMAIL PROTECTED]> said: rt> fixed it by adding "#include " to crypto/des/des_locl.h rt> and adding a link "../../e_os.h" in include/openssl/ It's better if you add a '#include "../e_os.h"'

Re: X509v3 extensions (repost)

In message <[EMAIL PROTECTED]> on Fri, 6 Feb 2004 10:32:45 + (GMT), Dave Roberts <[EMAIL PROTECTED]> said: dave.roberts> I've come across an issue with extensions. I have a dave.roberts> S/MIME signed message, where the signing cert has dave.roberts> signing + encrypting Key Usage flags, and

Re: [CVS] OpenSSL: openssl/crypto/des/ cfb64ede.c cfb_enc.c openssl/crypto...

Uhmmm, that's definitely not enough. Did you try to compile? In message <[EMAIL PROTECTED]> on Tue, 27 Jan 2004 22:47:36 +0100 (CET), "Andy Polyakov" <[EMAIL PROTECTED]> said: appro> OpenSSL CVS Repository appro> http://cvs.openssl.org/ appro> _

Re: Compile SnapShot - S_IFBLK

In message <[EMAIL PROTECTED]> on Mon, 26 Jan 2004 22:17:45 +0100, "ph-bgt" <[EMAIL PROTECTED]> said: philippe.bougeret> When I try to compile philippe.bougeret> openssl-0.9.7-stable-SNAP-20040126, S_IFBLK philippe.bougeret> (randfile.c) is not defined under windows. Thanks, I just fixed it (I h

Re: Windows DLL naming inconsistency

In message <[EMAIL PROTECTED]> on Mon, 26 Jan 2004 12:07:56 +0100, Andy Polyakov <[EMAIL PROTECTED]> said: appro> > and other details I'm not aware of. I've heard appro> > suggestions of creating several variants of the OpenSSL libraries that appro> > would be used in parallell with the differen

Re: Windows DLL naming inconsistency

In message <[EMAIL PROTECTED]> on Sun, 25 Jan 2004 11:02:06 -0500, Jeffrey Altman <[EMAIL PROTECTED]> said: jaltman> I think there are two very different markets. One is the jaltman> cygwin (unix on windows) environments which expect things to jaltman> be named the way they are on Unix/Linux. T

Re: [CVS] OpenSSL: OpenSSL_0_9_7-stable: openssl/ Configure configopenssl...

In message <[EMAIL PROTECTED]> on Wed, 21 Jan 2004 14:40:07 +0100, Andy Polyakov <[EMAIL PROTECTED]> said: appro> > You're not forgetting to apply this to HEAD, I hope... appro> appro> Well, gcc detection and hpux64-parisc2-gcc line were in HEAD since appro> November. Then as I mentioned in 772

Re: [CVS] OpenSSL: OpenSSL_0_9_7-stable: openssl/ Configure config openssl...

You're not forgetting to apply this to HEAD, I hope... In message <[EMAIL PROTECTED]> on Wed, 21 Jan 2004 10:58:20 +0100 (CET), "Andy Polyakov" <[EMAIL PROTECTED]> said: appro> OpenSSL CVS Repository appro> http://cvs.openssl.org/ appro>

Re: another Signal 11 (seg fault) in MD5_Init

In message <[EMAIL PROTECTED]> on Tue, 20 Jan 2004 21:19:03 +, [EMAIL PROTECTED] said: kjfw> I posted over a month ago about an "Unexpected Signal: 11" in kjfw> MD5_Init. The same error has happened again, but this time I kjfw> have a bit more information: MD5_Init was called with a null kj

Re: EXP1024 bug uncovered in 0.9.6k

In message <[EMAIL PROTECTED]> on Wed, 14 Jan 2004 18:35:52 +0200, Adi Stav <[EMAIL PROTECTED]> said: AdiS> In versions engine-0.9.6l and engine-0.9.6k it is no longer possible to AdiS> connect using the EXP1024-DES-CBC-SHA cipher suite: The following patch (or a recent snapshot of the 0.9.6 bra

Re: [CVS] OpenSSL: openssl/ssl/ ssltest.c

In message <[EMAIL PROTECTED]> on Sun, 4 Jan 2004 18:53:21 +0100 (CET), "Lutz Jaenicke" <[EMAIL PROTECTED]> said: jaenicke> OpenSSL CVS Repository jaenicke> http://cvs.openssl.org/ jaenicke> jaenicke> jaenicke>

Re: Bug in Makefile. (0.9.7c)

In message <[EMAIL PROTECTED]> on Wed, 31 Dec 2003 20:47:36 -0700, Doug Royer <[EMAIL PROTECTED]> said: Doug> Doug> I built 0.9.7c with: Doug> Doug> ./Configure solaris-sparcv9-cc Doug> Doug> And in the Makefile is: Doug> Doug> Doug> ... Doug> cp openssl.pc $(INSTALL_PREFIX)$(INSTAL

Re: openssl-0.9.7-stable-SNAP-20031228 not compiling on BSD/OS

In message <[EMAIL PROTECTED]> on Tue, 30 Dec 2003 07:34:27 -0700, The Doctor <[EMAIL PROTECTED]> said: doctor> This error is still occuring. You can stop now, I know about the problem. I have some connection problems, so it will take a couple more days before I can fix it. -- Richard Levitte

Re: openssl-0.9.7-stable-SNAP-20031228 not compiling on BSD/OS

OK, I'll restore it to what it was previously, tomorrow. In message <[EMAIL PROTECTED]> on Sun, 28 Dec 2003 06:59:44 -0700, The Doctor <[EMAIL PROTECTED]> said: doctor> inttypes.h seems to be the culprit doctor> doctor> Here is a script of the transaction doctor> doctor> doctor> Script starte

Re: [CVS] OpenSSL: openssl/crypto/objects/ obj_dat.pl

In message <[EMAIL PROTECTED]> on Sat, 27 Dec 2003 17:13:18 +0100 (CET), "Richard Levitte" <[EMAIL PROTECTED]> said: levitte> OpenSSL CVS Repository levitte> http://cvs.openssl.org/ levitte> levitte> levitte> Se

Re: CRYPTO_thread_setup/CRYPTO_thread_cleanup declaration?

In message <[EMAIL PROTECTED]> on Sat, 27 Dec 2003 04:54:29 +0100 (CET), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: levitte> In message <[EMAIL PROTECTED]> on Sat, 27 Dec 2003 02:33:36 +0100, Frédéric Giudicelli <[EMAIL PROTECTED]> said: levitte>

Re: CRYPTO_thread_setup/CRYPTO_thread_cleanup declaration?

In message <[EMAIL PROTECTED]> on Sat, 27 Dec 2003 02:33:36 +0100, Frédéric Giudicelli <[EMAIL PROTECTED]> said: groups> So I have to reimplement the code found in crypto\threads\th-lock.c? groups> Is there a problem with those codes? groups> Why aren't they compiled in the library by default? T

Re: CRYPTO_thread_setup/CRYPTO_thread_cleanup declaration?

In message <[EMAIL PROTECTED]> on Sat, 27 Dec 2003 01:23:25 +0100, Frédéric Giudicelli <[EMAIL PROTECTED]> said: groups> I cant' find where "CRYPTO_thread_setup" and groups> "CRYPTO_thread_cleanup" are declared. You need to use CRYPTO_set_locking_callback(), CRYPTO_set_dynlock_create_callback(),

Re: PEM inconsistency

In message <[EMAIL PROTECTED]> on Mon, 22 Dec 2003 16:36:30 -0500, Rich Salz <[EMAIL PROTECTED]> said: rsalz> > RFC1421 says: rsalz> > ... rsalz> >Two encapsulation boundaries (EB's) are defined for delimiting rsalz> >encapsulated PEM messages and for distinguishing encapsulated PEM rsalz

Re: AES_CBC decryption

In message <[EMAIL PROTECTED]> on Fri, 19 Dec 2003 10:49:49 -0600, "Stephen Sprunk" <[EMAIL PROTECTED]> said: stephen> Thus spake "mohanlal jangir" <[EMAIL PROTECTED]> stephen> >I was looking into the AES CBC code available at stephen> > http://openbsd.secsup.org/src/lib/libssl/src/crypto/aes

Re: nonRepudiation --> contentCommitment

In message <[EMAIL PROTECTED]> on Thu, 18 Dec 2003 17:50:20 +0100, "Dr. Stephen Henson" <[EMAIL PROTECTED]> said: steve> On Thu, Dec 18, 2003, Michael Bell wrote: steve> steve> > Hi all, steve> > steve> > there is a draft for a technical corrigendum of X.509. steve> > steve> > http://www.pki-p

Re: [openssl.org #798] Adding fieldName_required to req command (TSU NOTIFICATION)

In message <[EMAIL PROTECTED]> on Wed, 17 Dec 2003 12:33:14 -0500, Rich Salz <[EMAIL PROTECTED]> said: rsalz> Thanks, folks, for explaining. If RT2 is still being rsalz> maintained, they should add a note to the mail saying rsalz> "attachments not sent and not lost" :) Actually, we could do tha

Re: [openssl.org #798] Adding fieldName_required to req command (TSU NOTIFICATION)

[ this message has [EMAIL PROTECTED] removed as recipient, as it really doesn't need to get into the database :-) ] In message <[EMAIL PROTECTED]> on Wed, 17 Dec 2003 11:47:37 -0500, Rich Salz <[EMAIL PROTECTED]> said: rsalz> The mail stripped the attachments. Are they in RT? If not, rsalz> ho

Re: [openssl.org #796] bug & fix: "compatibility_version" incorrect in 0.9.7c on OSX 10.3.1

In message <[EMAIL PROTECTED]> on Fri, 12 Dec 2003 10:20:47 +0100 (MET), "OpenMacNews via RT" <[EMAIL PROTECTED]> said: rt> the following changes seem to cure the problem ... rt> rt> (EDITOR) Makefile.org rt> @ 304 rt> --- -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR}

Re: [openssl.org #796] bug & fix: "compatibility_version" incorrect in 0.9.7c on OSX 10.3.1

In message <[EMAIL PROTECTED]> on Fri, 12 Dec 2003 10:20:47 +0100 (MET), "OpenMacNews via RT" <[EMAIL PROTECTED]> said: rt> the following changes seem to cure the problem ... rt> rt> (EDITOR) Makefile.org rt> @ 304 rt> --- -compatibility_version ${SHLIB_MAJOR}.`echo ${SHLIB_MINOR}

Re: [openssl.org #794] BUG - BIO printf problem on HP-UX

In message <[EMAIL PROTECTED]> on Thu, 11 Dec 2003 18:21:22 +0100 (CET), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: levitte> I'll produce patches shortly, but first I've got to figure out some levitte> funnies with the fractional part. The followi

Re: [openssl.org #794] BUG - BIO printf problem on HP-UX

In message <[EMAIL PROTECTED]> on Thu, 11 Dec 2003 17:53:51 +0100 (CET), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: levitte> I get ooo.1 with BIO_printf() and 1000.1 with printf(). It's clear to levitte> me that this is in fact a bug in OpenSSL (especiall

<    1   2   3   4   5   6   7   8   9   10   >