Re: [openssl.org #1574] Session Ticket in OpenSSL 0.9.9 and EAP-FAST

On Wed, Nov 12, 2008 at 07:07:56PM +0100, Stephen Henson via RT wrote: > Well I'm assuming that there needs to be a way to obtain the ticket > value the peer has sent. Although it is possible to use the debugging > interface for that it then prevents it being used for anything else. > > Somethin

Re: [openssl.org #1574] Session Ticket in OpenSSL 0.9.9 and EAP-FAST

On Wed, Nov 12, 2008 at 07:07:56PM +0100, Stephen Henson via RT wrote: > Well I'm assuming that there needs to be a way to obtain the ticket > value the peer has sent. Although it is possible to use the debugging > interface for that it then prevents it being used for anything else. > > Somethin

Re: Expected cert-path validation behavior

Hi Patrick and Steve, Just to confirm one last thing about the NIST/RFC3280 discussion below again: if there is no CRL present at all for a given CA and we are doing string revocation information checking, then we fail the associated request? Or in other words, is absence of a CRL for a given CA

[openssl.org #1785] 0.9.9 HEAD: possible coredump in DSA; fix included

When the malloc() fails, the original code would still try to access the (invalid) pointer. --- \\Debbie\ger\prj\1original\openssl\openssl\crypto\dsa\dsa_asn1.c 2008-11-12 20:36:01.0 +-0100 +++ \\Debbie\ger\prj\3actual\openssl\crypto\dsa\dsa_asn1.c 2008-11-12 21:29:50.0 +-

Re: [openssl.org #1780] OSCP_REQUEST name collision between ossl_typ.h and Wincrypt.h using Windows Platform SDK 6.0a in openssl-0.9.8h and openssl-0.9.8i

Duplicate, see lists for solutions. Roumen __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager

[openssl.org #1574] Session Ticket in OpenSSL 0.9.9 and EAP-FAST

> [EMAIL PROTECTED] - Wed Nov 12 14:46:47 2008]: > > On Tue, Nov 11, 2008 at 12:09:55PM +0100, Stephen Henson via RT wrote: > > > OK, we'd need the generic extension part of the patch modified to > only > > override the session ticket extension. > > I replaced SSL_set_hello_extension() function

Re: [openssl.org #1574] Session Ticket in OpenSSL 0.9.9 and EAP-FAST

On Tue, Nov 11, 2008 at 12:09:55PM +0100, Stephen Henson via RT wrote: > OK, we'd need the generic extension part of the patch modified to only > override the session ticket extension. I replaced SSL_set_hello_extension() function with SSL_set_session_ticket_ext() and renamed the related structu

Re: [openssl.org #1574] Session Ticket in OpenSSL 0.9.9 and EAP-FAST

On Tue, Nov 11, 2008 at 12:09:55PM +0100, Stephen Henson via RT wrote: > OK, we'd need the generic extension part of the patch modified to only > override the session ticket extension. I replaced SSL_set_hello_extension() function with SSL_set_session_ticket_ext() and renamed the related structu

[openssl.org #1784] PATCH: trivial error in RFC 3779 i2r code

i2r_address() doesn't handle the all-zeros IPv6 address correctly (prints ":" when should print "::"). Trivial fix, to be applied to both 0.9.8 branch and HEAD, please. --- crypto/x509v3/v3_addr.c.~1~ 2008-10-14 16:00:15.0 -0400 +++ crypto/x509v3/v3_addr.c 2008-11-11 18:26:02.