[PATCH] Support DTLS compatibility with DTLS1_BAD_VER client

2012-06-28 Thread Ghennadi Procopciuc
Hello All, We observed that the current implementation contains a client that can communicate with a DTLS1_BAD_VER server but does not contains the server that can communicate with a DTLS1_BAD_VER client, so we wrote a patch that enables OpenSSL to negotiate DTLS1_BAD_VER with itself. Changes

OpenSSL FIPS Object Module v2.0 validation now complete

2012-06-28 Thread Steve Marquess
The long awaited validation of the OpenSSL FIPS Object Module v2.0 (2.0 module) is now complete: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2012.htm#1747 The 2.0 module is designed for use with OpenSSL 1.0.1. This module is similar in many ways to the earlier OpenSSL FIPS

OpenSSL FIPS Object Module v2.0 validation -- CD requests

2012-06-28 Thread Steve Marquess
The number of requests for CD-ROM disks arriving since our announcement of the OpenSSL FIPS Object Module v2.0 FIPS 140-2 validation earlier today has exceeded our expectations. We will need to order additional mailers and CDs, and/or arrange to have a large number of disks professionally

Re: libintel-accel-1.4

2012-06-28 Thread no_spam_98
From: Andy Polyakov ap...@openssl.org To: openssl-dev@openssl.org Sent: Tuesday, June 26, 2012 8:38 AM Subject: Re: libintel-accel-1.4 http://www.openssl.org/contrib/intel-accel-1.4.tar.gz I'm attempting to use the libintel-accel-1.4 ENGINE with my

RE: [openssl.org #2835] question/proposal for openssl 1.0.1c to make do_ms.bat and do_win64a.bat somewhat more consisent + solve build errors for WIN64a.

2012-06-28 Thread Kees Dekker
Hi, I used a slightly modified script: if (@ARGV[0]) { while() { print foo.$_; } } else { print Running on $^O, using: $^X, version $]\n; open STDOUT,| \$^X\ $0 -; print bar\n; close STDOUT; } Results (the first sentence is comments of me regarding the

RE: [openssl.org #2838] build issue on Solaris 10/Sparc for 64-bit build of OpenSSL 1.01c

2012-06-28 Thread Kees Dekker
I think you can indeed remove ar rs completely for 64-bit sparc too... In a 10 year timeframe some things may have changed... It is really impressive that you found something in your archive that happened so long ago. If you put Solaris 10 as minimum OS version, then you can safely remove that

Re: OpenSSL FIPS Object Module v2.0 validation now complete

2012-06-28 Thread carlyoung
On Thu 28/06/12 3:25 PM , Steve Marquess marqu...@opensslfoundation.com sent: The long awaited validation of the OpenSSL FIPS Object Module v2.0 (2.0 module) is now complete: One very important difference to note is that a new requirement has been imposed on the distribution of the 2.0 module.

[PATCH] Restore alg_section to 1.0.1c

2012-06-28 Thread David McCullough
Hi all, The code to handle the fips_mode/alg_section mentioned in the various FIPs user guides for enabling FIPs mode from openssl.cnf seems to have not made it into the 1.0 versions. This patch adds it back in, Cheers, Davidm --- openssl-1.0.1c/crypto/evp/Makefile.orig 2012-06-27