Re: [openssl.org #3165] tru64-alpha-cc compatibility fixes

2013-11-11 Thread Daniel Richard G. via RT
On Sun, 2013 Nov 10 23:01+0100, Andy Polyakov via RT wrote: If 'perl | cc -E - a.s' was used, then consequent 'cc -c a.s' was observing truncated file, as if buffer was not flushed in time. Ah, strange. Maybe a bug in their early implementation of support for preprocessing stdin. (I think it

Re: [openssl.org #3165] tru64-alpha-cc compatibility fixes

2013-11-11 Thread Daniel Richard G.
On Sun, 2013 Nov 10 23:01+0100, Andy Polyakov via RT wrote: If 'perl | cc -E - a.s' was used, then consequent 'cc -c a.s' was observing truncated file, as if buffer was not flushed in time. Ah, strange. Maybe a bug in their early implementation of support for preprocessing stdin. (I think it

[openssl.org #3169] [PATCH] Additional chain_cert functions for 1.0.2-dev

2013-11-11 Thread Rob Stradling via RT
This patch, which currently applies successfully against master and 1_0_2, adds the following functions: SSL_[CTX_]select_current_cert() - set the current certificate without disturbing the existing structure. SSL_[CTX_]get0_chain_certs() - get the current certificate's chain.

PIC code on Sparc Solaris

2013-11-11 Thread Tom Kacvinsky
The short story is that I want to make static libraries of Open SSL so that I can make Python modules (_ssl) that link against Open SSL statically, thereby reducing the amount of run time dependencies we have. But when I link these libraries in statically, I get relocation errors form the linker

Re: PIC code on Sparc Solaris

2013-11-11 Thread Tom Kacvinsky
It helps if I tell you I am using opnessl-1.0.1e On Mon, Nov 11, 2013 at 1:06 PM, Tom Kacvinsky tom.kacvin...@vectorcast.com wrote: The short story is that I want to make static libraries of Open SSL so that I can make Python modules (_ssl) that link against Open SSL statically, thereby

openssl-1.0.2-stable-SNAP-20131111

2013-11-11 Thread The Doctor
This might have cropped into all the SSL snapshots. /usr/bin/ranlib ../libssl.a || echo Never mind. if [ -n libcrypto.so.1.0.0 libssl.so.1.0.0 ]; then (cd ..; make libssl.so.1.0.0); fi [ -z ] || gcc3 -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -pthread -D_THREAD_SAFE

Re: [PATCH 0/4] ppc64 port to little-endian

2013-11-11 Thread Marcelo Cerri
On Fri, Nov 08, 2013 at 09:59:11PM +0100, Andy Polyakov wrote: Andy, do you think the changes in the config scripts can already be committed? Sure. Basically, explicit confirmation that everything works would have sufficed. Only one remaining thing. As for config patch, I don't quite

How to tweak openSSL vulnerabilities CVE-2013-0169

2013-11-11 Thread Alok Sharma
One of the openSSL vulnerabilities is: CVE-2013-0169: The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, , do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote

Fwd: How to tweak openSSL vulnerabilities CVE-2013-0169

2013-11-11 Thread Alok Sharma
One of the openSSL vulnerabilities is: CVE-2013-0169: The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, , do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote