This patch fixes clobbering of XMM6-XMM9 registers by the assembler
implementation of aesni_ecb_encrypt().
Windows x86_64 ABI requires XMM6-XMM15 registers to be preserved by
callee, unlike System V x86_64 ABI.
--- a/crypto/aes/asm/aesni-x86_64.pl2014-09-25 22:02:56.0 +0300
+++
- Original Message -
From: dE de.tec...@gmail.com
To: openssl-dev@openssl.org
Sent: Tuesday, 14 October, 2014 6:39:11 AM
Subject: Re: CIPHER STRINGS
On 10/13/14 17:09, Hubert Kario wrote:
- Original Message -
From: dE de.tec...@gmail.com
To: openssl-dev@openssl.org
Hi,
Any idea what this is about? Is it a threat for OpenSSL users:
http://www.theregister.co.uk/2014/10/14/nasty_ssl_30_vulnerability_to_drop_tomorrow/
Regards,
Kris
__
OpenSSL Project
On 10/14/14 16:47, Hubert Kario wrote:
- Original Message -
From: dE de.tec...@gmail.com
To: openssl-dev@openssl.org
Sent: Tuesday, 14 October, 2014 6:39:11 AM
Subject: Re: CIPHER STRINGS
On 10/13/14 17:09, Hubert Kario wrote:
- Original Message -
From: dE de.tec...@gmail.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
If there is a threat in SSLv3 it seems almost certain to affect OpenSSL.
The upstream dev team not commenting on this is probably fairly
standard protocol; I believe they don't comment on anything critical
that could be exploited before patches are
Have attempted another build using Win 32 option
perl Configure VC-WIN32 no-asm no-hw
ms\do_ms completes without error or warnings.
Running nmake -f ms\ntdll.mak compiles all C code but generates the
following error on linking
rc /fotmp32dll\libeay32.res /d CRYPTO
Here's a patch for the OpenSSL 1.0.1 branch that adds support for
TLS_FALLBACK_SCSV, which can be used to counter the POODLE attack
(CVE-2014-3566; https://www.openssl.org/~bodo/ssl-poodle.pdf).
Note well that this is not about a bug in OpenSSL -- it's a protocol issue.
If SSL 3.0 is disabled in
On Wed, Oct 15, 2014 at 01:46:40AM +0200, Bodo Moeller wrote:
Here's a patch for the OpenSSL 1.0.1 branch that adds support for
TLS_FALLBACK_SCSV, which can be used to counter the POODLE attack
(CVE-2014-3566; https://www.openssl.org/~bodo/ssl-poodle.pdf).
Hi Bodo. Many thanks for the OOB