On 24. jan. 2018, at 6:11 f.h., Benjamin Kaduk via openssl-dev
wrote:
> On 01/23/2018 07:19 PM, Salz, Rich via openssl-dev wrote:
>> Well, the most likely fix is to make the “safely” wording be more vague,
>> which I doubt you’ll like. But I doubt anyone on the team
On 9. jan. 2018, at 7:40 f.h., Randall S. Becker wrote:
> On January 9, 2018 10:05 AM, Rich Salz wrote:
>> It would be interesting to see how many changes you need to support your
>> platform.
>
> Surprisingly not many at all. The platform has been significantly
On Apr 18, 2016, at 6:11 PM, CHOW Anthony
wrote:
> I am trying to do “openssl verify –CAfile server.pem” and the command hang.
> When I debug, I see that after calling the function PEM_read_bio_X509_AUX in
> load_cert() it hangs.
>
> But I don’t seems to
On May 18, 2015, at 1:41 PM, Andy Polyakov via RT r...@openssl.org wrote:
Found by the https://github.com/xiw/stack tool and then I checked the
generated asm (gcc and clang) to confirm.
In the check if (d0 tmp_ulong) tmp_ulong always evaluates to true
because the compiler optimizes out the
On May 18, 2015, at 1:41 PM, Andy Polyakov via RT r...@openssl.org wrote:
Found by the https://github.com/xiw/stack tool and then I checked the
generated asm (gcc and clang) to confirm.
In the check if (d0 tmp_ulong) tmp_ulong always evaluates to true
because the compiler optimizes out the
On Mar 25, 2015, at 11:56 AM, Matt Cross matt.cr...@gmail.com wrote:
I am working with something that does a lot of SHA1's. I am trying to
profile my application and generate flame graphs (see
http://www.brendangregg.com/flamegraphs.html ), but profiling tools cannot
successfully
On Mar 25, 2015, at 2:42 PM, Matt Cross matt.cr...@gmail.com wrote:
This is done to align %rsp to a 64 byte boundary, and the original %rsp is
stored on the stack; so the only way to get the actual frame pointer is to
read 64(%rsp) and add an offset to that. I managed to do that by
On 28 Apr 2014, at 4:20 PM, Kurt Roeckx wrote:
To me this all sounds like an we end up in an inconsistent state.
I'm expecting write(2) like behaviour of SSL_write().
You can request write(2)-like behavior from SSL_write() by setting
SSL_MODE_ENABLE_PARTIAL_WRITE with SSL_CTX_set_mode().
On 11 Aug 2013, at 2:19 PM, Ahmed Charfeddine wrote:
It has been understood that the concurrent use of SSL_write and SSL_read is
dangerous.
However, is it correct to assume that the only crossing between these two
APIs happen at the handshake stage only ?
In other terms, once the SSL
I did a quick test, and found that 'make test' succeeds for -O0, -O1, -Os, and
-Oz, but fails for -O2 and -O3. This is using Apple's cc which is based on
clang-3.3 (it describes itself as clang-500.1.58 based on LLVM 3.3svn) and
openssl-1.0.1e.
It fails in the NIST test vectors stage of NIST
On 10 Apr 2013, at 5:25 PM, igenyar wrote:
After receiving a certificate, the client needs to send challenge to server
to verify that the server does have the private key associated with the
certificate. (Besides other checkings such as DNS, etc.)
This happens as part of the SSL handshake ---
On 7 Jan 2013, at 10:21 PM, shyamala wrote:
Hi, I have some queries regarding BIO_* calls. Our application uses BIO_*
calls (BIO_do_connect, BIO_new_connect etc) to establish connection with
Onboard Administrator. This works fine with IPv4 IP address, but
BIO_do_connect fails when IPv6
On 10 Oct 2012, at 4:58 AM, Vladimir Belov wrote:
After I got the message “Waiting for OCSP client connections...” I see that
process openssl.exe listen only TCPv6 port , no TCPv4.
How to set up OCSP responder to handle IPv4-connections? Or the only way is
to use only IPv6-connection
On 17 Sep 2012, at 9:13 PM, Santhosh AP wrote:
Kindly help us to create digital certificate having more than 365 day’s
validity. At present we are using OpenSSL 0.9.7a Feb 19 2003 version. Kindly
confirm is it possible to cross the certificate validity more than 1 year, if
it’s possible
(I think this is more appropriate for openssl-users than -dev, so I'm
responding to that list.)
On 10 Jul 2012, at 8:59 AM, Sirshendu Rakshit wrote:
My questions are:
1) Is this a good way to know the EC_KEY using the curve-name Or there is
some better way to know it?
If you're hardcoding a
About a year ago, building on some work by Yoni Londner, I posted some patches
to add more accurate debug information, mostly describing stack unwinding, to
the hand-optimized x86 assembly code. This is especially helpful when profiling
or debugging, since otherwise the debugger does not know
On 3 Apr 2012, at 2:34 AM, Tamir Khason via RT wrote:
It seemed that we are speaking about different things.
In certificate i pasted, integers used for exponent1, exponent2 and
coefficient encoded with different lengths.
Yes. This is OK. In fact, it is required by DER (ISO 8825, etc).
In
On 2 Apr 2012, at 10:21 AM, Tamir Khason via RT wrote:
Please see attached good and bad example + plain dump for both
The attached file was corrupted at some point in the mail ... perhaps you could
put it on your website? I couldn't read the PEM file you posted either because
it was
On 27 Mar 2012, at 3:01 AM, Frater wrote:
Where is any working example to encrypt file or long string using RSA Public
or private key.
in demos/maurice is example 1 but using certificate not privkey.
The code in demos/maurice reads a certificate and extracts an EVP_PKEY from it,
which is
On 18 Jul 2011, at 1:25 PM, Patrick Donnelly wrote:
Are you seriously suggesting that parsing the md5sums of multiple
files from the output of openssl md5 *.txt is a sensible use case?
It's not just sensible, it's fairly common. The DIGEST(filename)=hexhexhex...
output style is in imitation
FWIW, I worked on extending this to cover the other x86 perlasm files in
libcrypto over the weekend, by causing the %esp-tracking code in x86asm to emit
CFI directives when needed. Other than the SHA implementations (some of which
use a sliding-stack scheme that's hard to unwind) it needs only
FWIW, I worked on extending this to cover the other x86 perlasm files in
libcrypto over the weekend, by causing the %esp-tracking code in x86asm to emit
CFI directives when needed. Other than the SHA implementations (some of which
use a sliding-stack scheme that's hard to unwind) it needs only
I noticed this odd sequence of instructions in cbc.pl, near line 171. It seems
like a bug, but the code hasn't been modified since 1998, and it seems unlikely
this bug would have gone unnoticed for that long[1]:
set_label(ej3);
movb(HB(ecx), BP(2,$in,,0));
xor(ecx,
Well, I did some testing with the slightly-modified patch (debian squeeze and
openbsd 4.9), and confirmed that this produces an .eh_frame which allows gdb to
walk the stack successfully if the program is stopped in or singlestepped
through md5_block_asm_data_order(). Some notes, though:
- Not
On 28 Jun 2011, at 5:56 PM, Wim Lewis wrote:
Several of the other assembly files could use the same treatment as well:
md5-x86_64.pl uses %rbp to point to one of its arguments, sha1-586.pl uses
%ebp as a scratch register, etc.
It occurs to me that a lot of the CFI management could be done
On 28 Jun 2011, at 12:21 AM, yoni londner wrote:
1. I looked at a generated assembler from gcc. So I am not 100% sure what is
the 'most correct', but this is what gcc emits.
I was concerned that since this routine isn't compiler-generated it might be
doing something different from what
On 27 Jun 2011, at 9:27 AM, yoni londner wrote:
As you know, on 32bit systems, when using EBP for anything other than holding
the stack base, it is very difficult to get reasonable backtrace.
this can be fixed if directing the compiler to add a debug record which tells
(at runtime) where we
On Sep 8, 2010, at 8:51 AM, shibu nair via RT wrote:
We found that the error is due to the –days option. And when we
change the value 9996 this works fine. and was working fine three
date before (03-sept-2010. it seems to be issue related to the date
range.
Well, January 1st, 2038
28 matches
Mail list logo