Re: Add cipher to openssl

2012-09-24 Thread Arsen Babakhanyan
Hello all i am trying to add my crypto algorithm to openssl, but it is very hard to change all files in project to integrate it. please help me with this, how to do it, Is there any easy ways to do it? is there any manuals for it ? Thank you in advance.

Re: [openssl.org #2836] [PATCH] Staple the correct OCSP Response when multiple certs are configured

2012-09-24 Thread Rob Stradling
Hi Steve. I saw your update (to 1.0.2 and HEAD), and I did start looking at backporting it into my 1.0.1/1.0.0/0.9.8 patches. ssl_get_server_send_pkey() is not available in 1.0.1 and earlier, so the t1_lib.c patch would have to be something like... + X509 *x; +

Re: [openssl.org #2836] [PATCH] Staple the correct OCSP Response when multiple certs are configured

2012-09-24 Thread Rob Stradling
On 21/09/12 15:04, Stephen Henson via RT wrote: [rob.stradl...@comodo.com - Fri Sep 21 15:55:39 2012]: Hi Steve. I saw your update (to 1.0.2 and HEAD), and I did start looking at backporting it into my 1.0.1/1.0.0/0.9.8 patches. ssl_get_server_send_pkey() is not available in 1.0.1 and

Re: [openssl.org #2836] [PATCH] Staple the correct OCSP Response when multiple certs are configured

2012-09-24 Thread Rob Stradling
On 21/09/12 15:12, Rob Stradling via RT wrote: On 21/09/12 15:04, Stephen Henson via RT wrote: snip Easiest solution is to also backport ssl_get_server_send_pkey see: http://cvs.openssl.org/chngview?cn=22840 I didn't think of that. Thanks! I'll prepare patches to backport 22840 to 1.0.0

[openssl.org #2881] [BUG][PATCH] TLS 1 1.1 client ciphersuites incorrectly truncated

2012-09-24 Thread Tyler Hicks via RT
In Ubuntu, we build OpenSSL 1.0.1 with -DOPENSSL_NO_TLS1_2_CLIENT and -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50. At first glance, this seems like a strange combination of build options to me. Ignoring that for the moment, I've ran into a bug where the TLS 1 and TLS 1.1 ClientHello suggested

[openssl.org #2882] [Urgent] OpenSSLASN1 Bio vulnerability - Information Request

2012-09-24 Thread St├ęphane Boua via RT
Hi, Is OpenSSL ASN1 Bio vulnerability fixed in the version 1.0.0j of OpenSSL ? The recommended version to address that flaw was 1.0.0i which is prior to 1.0.0j Thanks in advance for your quick feedback. St├ęphane Boua [cid:image001.jpg@01CD9757.9F530720] www.gdfsuez.comhttp://www.gdfsuez.com/