Re: [openssl-dev] License compatibility: OpenSSL and Apache v2

2014-12-09 Thread Salz, Rich
> Let's imagine someone develops an extension module to OpenSSL, and releases it > under Apache v2 license. > Do you see any possible issues with using this extension module as a part of > OpenSSL? Are you writing an extension that you are going to distribute, or is it something you want to contribu

[openssl-dev] License compatibility: OpenSSL and Apache v2

2014-12-09 Thread Andrey Kulikov
Hello, Let's imagine someone develops an extension module to OpenSSL, and releases it under Apache v2 license. Do you see any possible issues with using this extension module as a part of OpenSSL?

Re: [openssl-dev] [openssl.org #3627] Enhancement request: add more "Protocol" options for SSL_CONF_CTX

2014-12-09 Thread Steffen Nurpmeso
|"Kurt Roeckx via RT" wrote: ||been one that sets the minimum and maximum version. But I think ||we're too late 1.0.2 process to still change this. Attached a git format-patch MBOX for 1.0.2 (on top of [6806b69]). It boils anything down into two changesets (SSL_CONF_CTX and pseudo protocols).

Re: [openssl-dev] [openssl.org #3627] Enhancement request: add more "Protocol" options for SSL_CONF_CTX

2014-12-09 Thread Steffen Nurpmeso
Richard Moore wrote: |On 9 December 2014 at 11:35, Steffen Nurpmeso wrote: |> Richard Moore wrote: |>|On 8 December 2014 at 19:20, Steffen Nurpmeso via RT |> wrote: |>|> and finally i propose three new values for the "Protocol" slot of |>|> SSL_CONF_CTX_cmd(): OLDEST, NEWEST and VULNERABL

Re: [openssl-dev] [openssl.org #3627] Enhancement request: add more "Protocol" options for SSL_CONF_CTX

2014-12-09 Thread Steffen Nurpmeso
Richard Moore wrote: |On 8 December 2014 at 19:20, Steffen Nurpmeso via RT wrote: |> and finally i propose three new values for the "Protocol" slot of |> SSL_CONF_CTX_cmd(): OLDEST, NEWEST and VULNERABLE. | |In Qt we've added an enum value for TLS versions that is SecureProtocols so |that w

Re: [openssl-dev] [openssl.org #3627] Enhancement request: add more "Protocol" options for SSL_CONF_CTX

2014-12-09 Thread Steffen Nurpmeso
"Salz, Rich" wrote: |I think magic names -- shorthands -- are a very bad idea. \ I _completely_ disagree. | They are point-in-time statements whose meaning evolves, \ |if not erodes, over time. Because i don't think that a normal user, or even normal administrators and programmers is and are

Re: [openssl-dev] [openssl.org #3627] Enhancement request: add more "Protocol" options for SSL_CONF_CTX

2014-12-09 Thread Steffen Nurpmeso
"Kurt Roeckx via RT" wrote: |On Mon, Dec 08, 2014 at 08:20:44PM +0100, Steffen Nurpmeso via RT wrote: |> and finally i propose three new values for the "Protocol" slot of |> SSL_CONF_CTX_cmd(): OLDEST, NEWEST and VULNERABLE. | |I actually find the option unfortunate and I think it should have

Re: [openssl-dev] [openssl.org #3625] Enhancement request: user convenience for SSL_CONF_CTX with SSLv2

2014-12-09 Thread Steffen Nurpmeso
"Kurt Roeckx via RT" wrote: |On Mon, Dec 08, 2014 at 07:58:31PM +0100, Steffen Nurpmeso via RT wrote: |> set ssl-protocol="ALL,-SSLv2" |> |> This results in the obvious problem that when they (get) |> upgrade(d) their OpenSSL library they will see a completely |> intransparent error messa

Re: [openssl-dev] [openssl.org #3627] Enhancement request: add more "Protocol" options for SSL_CONF_CTX

2014-12-09 Thread Richard Moore
On 9 December 2014 at 11:35, Steffen Nurpmeso wrote: > Richard Moore wrote: > |On 8 December 2014 at 19:20, Steffen Nurpmeso via RT > wrote: > |> and finally i propose three new values for the "Protocol" slot of > |> SSL_CONF_CTX_cmd(): OLDEST, NEWEST and VULNERABLE. > | > |In Qt we've add

Re: [openssl-dev] [openssl.org #3622] bug: crypto, valgrind reports improper memory access with AES128 cbc and longer plaintext

2014-12-09 Thread Andy Polyakov via RT
> The demo program actually allocates a whole extra block for the output, so > there should always be extra space available. Yes, which is why I said "as for alleged buffer overruns in *your* program". I mean you said "I discovered this [suspected buffer overrun] in my real code" and as you didn'