On 7/06/2014 4:02 AM, Dr. Stephen Henson wrote:
On Fri, Jun 06, 2014, Mike Bland wrote:
__func__ is defined in C99. What version of the SGI C compiler are you
using? According to the following, as of version 7.4, the -c99 flag
should enable this to compile:
Neither help messages nor man pages include description of
-trusted_first option. This patch fixes this issue
Pull request: https://github.com/openssl/openssl/pull/124
--
Regards,
Hubert Kario
__
OpenSSL Project
Hello,
I've created a patch in the form of a pull request (
https://github.com/openssl/openssl/pull/119) which allows users to specify
a custom amount of iterations to use in key derivation for the PKCS#8 app
in app/pkcs8.c.
Thanks,
- NTK
Hello,
We ran parfait on OpenSSL and found the following errors in openssl-1.0.1g:
1. Error: Uninitialised memory (CWE 456)
Possible access to uninitialised memory 'num'
at line 267 of
components/openssl/openssl-1.0.1/build/sparcv9-wanboot/crypto/evp/bio_b64.c
in function
A colleague here noticed that the pthreads-based locking loses the distinction
between read and write locks. We've collected mutex contention data, and found
that the CRYPTO_ERR lock, used while getting error info, is one of the biggest
offenders.
It turns out that pthreads_locking_callback
On Thu, Jun 05, 2014 at 11:59:30PM +0200, Matt Caswell via RT wrote:
On Thu Jun 05 23:42:31 2014, k...@roeckx.be wrote:
We are likely to see
a lot more like this as Mike's test team get going. In unit testing
its okay
to access internal symbols.
But then you shouldn't link to the
On Thu, Jun 05, 2014 at 11:59:30PM +0200, Matt Caswell via RT wrote:
On Thu Jun 05 23:42:31 2014, k...@roeckx.be wrote:
We are likely to see
a lot more like this as Mike's test team get going. In unit testing
its okay
to access internal symbols.
But then you shouldn't link to the
Before this goes in, I'm going to take this opportunity to raise a
question that I've documented on the wiki (which came up in a
discussion off-list):
http://wiki.openssl.org/index.php/Unit_Testing#How_to_Manage_Private_Symbols
Why do any of the symbols need to be private? Is that degree of
Thanks! That corrects the problem.
Yes, problem was on the client side.
-Original Message-
From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On
Behalf Of Dr. Stephen Henson
Sent: Saturday, June 07, 2014 9:34 AM
To: openssl-dev@openssl.org
Subject: Re: OpenSSL
On Sat, Jun 7, 2014 at 4:33 AM, Tim Hudson t...@cryptsoft.com wrote:
On 7/06/2014 4:02 AM, Dr. Stephen Henson wrote:
On Fri, Jun 06, 2014, Mike Bland wrote:
__func__ is defined in C99. What version of the SGI C compiler are you
using? According to the following, as of version 7.4, the -c99
On Sat, Jun 07, 2014 at 09:46:38AM -0400, Mike Bland wrote:
Why do any of the symbols need to be private? Is that degree of
encapsulation necessary, and does it really discourage irresponsible
clients? The source code is open, so people can always build their own
copy and depend on internals
And I want to reduce the number of exposed APIs.
Except that as we (hopefully) move to making struct's opaque, then we'll need
add lots of accessors. I assume you know that, but just want to make sure
folks realize it.
In the medium term, I'd like to see things like this BN foo; break at
On Sat, Jun 07, 2014 at 11:06:56AM -0400, Salz, Rich wrote:
And I want to reduce the number of exposed APIs.
Except that as we (hopefully) move to making struct's opaque, then we'll need
add lots of accessors. I assume you know that, but just want to make sure
folks realize it.
Those
Because of a missing include fcntl.h we don't have O_CREATE and don't create
the file with open() using mode 0600 but fall back to using fopen() with the
default umask followed by a chmod().
Problem found by Jakub Wilk jw...@debian.org.
---
crypto/rand/randfile.c | 1 +
1 file changed, 1
Hello
On a windows 7 / gcc-for-windows configuration
the command ms/mingw32 fails :
In file included from tmp/e_os.h:282:0
from .\ssl\ssl_locl.h:150
from .\ssl\t1_lib.c:118
In file gcc-for-windows\include\ws2tcpip.h:38:2 erreor #error w2tcpip.h
is not compatible
Hello
I try to compile openssl
- OS : windows 7
- compiler : gcc-for-windows (mingw32)
With the ms/mingw32 -no-asm command, I get a gcc warning :
'-mcpu=' is deprecated, use '-mtune=' or '-march=' instead
The Configure file seems correct for mingw32 :
mingw, gcc:-mno-cygwin -DL_ENDIAN
Hello Mike
I work on / provide custom tools, based on source code analysis, that
can
help in
- generating autotest test suites according to each function signature :
random / full combinatory of argument values : to check the
function robustness
wide loops : to check memory
The recently released preview of MSVC14 has changed the ABI for the C Runtime
library. The intent is to avoid having to change it again in the future, so
that DLLs linked against the current version will be able to safely use later
versions.
In e_os.h there is the following code which does
Hello,
Our UC-KLEE tool found a NULL function pointer call in the latest OpenSSL 1.0.1
(and probably other versions) in n_ssl3_mac() (ssl/s3_enc.c) caused by an
unchecked return value from EVP_MD_CTX_copy_ex().
The offending code from n_ssl3_mac() is:
EVP_MD_CTX_init(md_ctx);
On 7/06/2014 7:10 PM, Jenny Yung via RT wrote:
Hello,
We ran parfait on OpenSSL and found the following errors in openssl-1.0.1g:
1. Error: Uninitialised memory (CWE 456)
Possible access to uninitialised memory 'num'
at line 267 of
On Sun, Jun 08, 2014 at 12:01:28AM +0200, Tim Hudson via RT wrote:
Already fixed in the 1.0.1 stable branch so it is already included in
1.0.1h onwards and 1.0.1m is the current recommended version.
[...]
Can you re-run parfait against the current release version of OpenSSL
for that branch -
On 6 June 2014 22:21, Zoltan Arpadffy z...@polarhome.com wrote:
Hi,
after some testing the new release I realized that 1.0.1h does not build nor
run HEARBEAT bug unit test on OpenVMS.
The following patch corrects the problem.
Best as a pull request on github.
Thanks,
Z
-
From: Mike Bland [mailto:mbl...@acm.org]
Sent: Saturday, June 07, 2014 6:36 PM
Just created https://github.com/openssl/openssl/pull/126 with what I
hope is a workable solution.
104 +#if __STDC_VERSION__ 199901L
105 +#define testutil_stringify_helper(s) #s
106 +#define testutil_stringify(s)
23 matches
Mail list logo