Integration of #2578

Hi OpenSSL dev team ! Would you be able to integrate #2578 into next version of OpenSSL? http://rt.openssl.org/Ticket/Display.html?id=2578 Kris __ OpenSSL Project http://www.openssl.org

Re: Integration of #2578

Hello! +1. It's a very useful feature for testing purposes. On Thu, Sep 18, 2014 at 11:31 AM, Krzysztof Kwiatkowski krzys...@leeds.pl wrote: Hi OpenSSL dev team ! Would you be able to integrate #2578 into next version of OpenSSL? http://rt.openssl.org/Ticket/Display.html?id=2578 Kris

[openssl.org #3536] [PATCH] make locking code in load_builtin_compressions() look less scary

From 151cc7b47ebf8530c0357ddc909cea5c070fb023 Mon Sep 17 00:00:00 2001 From: Rolf Eike Beer e...@emlix.com Date: Thu, 18 Sep 2014 11:12:10 +0200 Subject: [PATCH] make locking code in load_builtin_compressions() look less scary This way it is obvious that read and write locks are not mixed. ---

Re: Windows folks -- comment on this patch for RT 2301?

I am programming in win32 for years, still today. The patch seems relevant, compliant with MS guidelines on Bitmaps manipulations. Anyway, it is documented that other memory allocation than VirtualAlloc for use with getdibits is not safe :

Re: Windows folks -- comment on this patch for RT 2301?

I meant in fact that calling two times getdibits could have given the necessary info to, then, allocate the proper buffer, instead of using getobject. Getdibits does not return a new pointer by itself. Sorry for the mistake. Le 18/09/2014 12:49, Pierre DELAAGE a écrit : GetDibits COULD also

[openssl.org #3535] TS high-precision time malformation - demo

Quick demonstration - doing a statistics on first decimal place digit of large number of time-stamps: - sample output: ... ### BEFORE: 0: 0% --- ! 1:11% 2:11% 3:11% 4:10% 5:11% 6:11% 7:12% 8:12% 9:11% ### AFTER: 0:10% 1:10% 2:10% 3:10% 4:10% 5:10% 6:10% 7:10% 8:10% 9:10% -

[openssl.org #3535] TS high-precision time malformation - demo fix

There is one missing step in the script above: echo foo | openssl ts -query -out /tmp/x.tsq (to be added e.g. below the EOF line) Michal Bozon __ OpenSSL Project http://www.openssl.org

RE: Integration of #2578

It's too late for 1.0.2, which is in feature-freeze and only getting bugfixes. But I'll put it in my branch on github for inclusion in the next release after. -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz

RE: [openssl.org #3535] TS high-precision time malformation - demo

The default time comes from the gettimeofday() system call (see def_time_cb in ts_rsp_sign.c). I don't see any openssl bug here. -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz -Original Message- From: owner-openssl-...@openssl.org

RE: [openssl.org #3535] TS high-precision time malformation - demo

Jeremy Farrell was kind enough off-list to provide me with a clue :) There is a bug in openssl formatting. :��IϮ��r�m (Z+�7�zZ)���1���x��hW^��^��%����jם.+-1�ځ��j:+v���h�

Re: [openssl.org #3333] [PATCH] Revert Make Makefiles OSF-make-friendly.

On Tue 16 Sep 2014 08:15:37 Andy Polyakov via RT wrote: This reverts commit d1cf23ac86c05b22b8780e2c03b67230564d2d34. When gcc is given a .s file and told to preprocess it, it outputs nothing. Since gcc targets are more common/important than OSF, revert it and let the original

[openssl.org #2301] Re: Slow crypto initialization.

Fixed in master and 1.0.2 OpenSSL_1_0_2-stable 5015a93 RT2301: GetDIBits, not GetBitmapBits in rand_win master 99b00fd RT2301: GetDIBits, not GetBitmapBits in rand_win Author: Jake Goulding gould...@vivisimo.com Date: Fri Sep 5 11:13:23 2014 -0400 RT2301: GetDIBits, not GetBitmapBits in rand_win

[openssl.org #3530] Problems measuring openssl speed

On Wed Sep 17 21:41:01 2014, beld...@gmail.com wrote: Hello Matt, the improved patch is attached. It uses the EVP_DigestSign* API instead of EVP_digest and does not modify any header files. Thank you! Hi Dmitry There are still some significant problems with this patch as it is currently

[openssl.org #1751] [PATCH] Support DTLS compatibility with Cisco AnyConnect VPN

Dong a spot-check, it looks like this code was integrated by Ben and maybe others. closing ticket. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org

Re: [openssl.org #3291] Resolved: Patch/enhancement to CA.pl script

Thanks for taking into consideration my small contribution. I guess this will also impact on an update of the documentation. 2014-09-08 17:22 GMT+02:00 Rich Salz via RT r...@openssl.org: According to our records, your request has been resolved. If you have any further questions or concerns,

Re: [openssl.org #3528] [PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Here is an example of how it could be used (in my TLS terminator): https://github.com/indutny/bud/compare/master...feature/async-key-ex Basically, if you have ever used async SSL API, you should be aware of things like: SSL_ERROR_WANT_READ

[openssl.org #3291] Patch/enhancement to CA.pl script

Right, doc updated: commit e8185aea878a5a83712ad40a2740edc47442a1c3 Author: Rich Salz rs...@openssl.org Date: Thu Sep 18 21:45:41 2014 -0400 RT3291: Add -crl and -revoke options to CA.pl Document the new features Reviewed-by: Tim Hudson t...@openssl.org --- -- Rich Salz, OpenSSL dev team;