On Mon, 16 Apr 2012 19:44:32 +0200, Andy Polyakov via RT r...@openssl.org
wrote:
http://cvs.openssl.org/chngview?cn=22397
Looks good, thanks!
--
Alexei.
__
OpenSSL Project
On Mon, 16 Apr 2012 19:44:32 +0200, Andy Polyakov via RT r...@openssl.org
wrote:
http://cvs.openssl.org/chngview?cn=22397
Looks good, thanks!
--
Alexei.
__
OpenSSL Project
I think from the point of view of both interoperability and security, the
original empty-fragment approach is best when a cipher using 8-byte blocks
has been negotiated (usually 3DES), while 1 / n-1 splitting is better for
interoperability and fully adequate for large block sizes (AES).
On 04/16/2012 04:41 PM, Simon Convey wrote:
Dear all,
( On a Linux 2.6.32 x86_64 ) I'm trying to build a
FIPS 2 openssl When I configure the fips code, config spits out as
warning
...
WARNING: OpenSSL has been configured using unsupported option(s) to internally
Hi,
I've had 2 users report a crash in RC4() on x86_64. The
backtrace looks like:
#0 RC4 () at rc4-x86_64.s:343
#1 0x012d in ?? ()
#2 0x00df in ?? ()
#3 0x020b5660 in ?? ()
#4 0x7fc075f6a9c9 in rc4_hmac_md5_cipher (ctx=optimized out,
out=0x20aae98
Issue got fixed after adding /fixed flag in the linker. One mistake was
fipscanister.lib was in the link like. Issue resolved after removing
fipscanister.lib from the link line.
Thanks everyone for your help.
Thanks,
-Vimol
On Mon, Apr 16, 2012 at 10:49 PM, Dr. Stephen Henson
Hello,
I would like to ask if any static analysis tool was ever used to detect
possible problems in OpenSSL source code. Is some tool used regularly?
I tried running Clang Static Analyzer [1] on the source of OpenSSL. It
found 222 possible bugs. You can see the full list here [2]. At least
65 of