[openssl-dev] [openssl.org #3621] Support legacy CA removal, ignore unnecessary intermediate CAs in SSL/TLS handshake by default

2015-05-27 Thread Matt Caswell via RT
On Wed May 27 06:41:51 2015, raysat...@yahoo.com wrote: On 3/16/2015 5:45 AM, Kai Engert via RT wrote: Thank you very much for your work on this issue! In my testing so far, it works as requested. I noticed the code changes in x509_vfy.c apply fine on top of the 1.0.2 stable branch, and

Re: [openssl-dev] [openssl.org #3843] OpenSSL 1.0.1* and below: incorrect use of _lrotl()

2015-05-27 Thread Jan Just Keijser via RT
Hi, r...@openssl.org via RT wrote: And linux-x86_64 won't work here, since it uses some instructions not supported by MIC. But all x86_64 modules feature run-time switch, when processor capabilities are detected [with cpuid] and code that can't be executed on any particular

Re: [openssl-dev] [openssl.org #3813] Fwd: Error building openssl on SUSE

2015-05-27 Thread Dmitry Belyavsky via RT
Dear Andy, On Mon, May 25, 2015 at 5:26 PM, Andy Polyakov via RT r...@openssl.org wrote: ghash-x86_64.s:1383: Error: no such instruction: `vpclmulqdq $0,%xmm6,%xmm14,%xmm0' What does 'gcc -Wa,-v -c -o /dev/null -x assembler /dev/null' print on your system? $ gcc -Wa,-v -c -o

Re: [openssl-dev] [openssl.org #3813] Fwd: Error building openssl on SUSE

2015-05-27 Thread Dmitry Belyavsky
Dear Andy, On Mon, May 25, 2015 at 5:26 PM, Andy Polyakov via RT r...@openssl.org wrote: ghash-x86_64.s:1383: Error: no such instruction: `vpclmulqdq $0,%xmm6,%xmm14,%xmm0' What does 'gcc -Wa,-v -c -o /dev/null -x assembler /dev/null' print on your system? $ gcc -Wa,-v -c -o

Re: [openssl-dev] [openssl.org #3843] OpenSSL 1.0.1* and below: incorrect use of _lrotl()

2015-05-27 Thread Jan Just Keijser
Hi, r...@openssl.org via RT wrote: And linux-x86_64 won't work here, since it uses some instructions not supported by MIC. But all x86_64 modules feature run-time switch, when processor capabilities are detected [with cpuid] and code that can't be executed on any particular processor

[openssl-dev] [openssl.org #3872] EVP_PKEY_asn1_set_item

2015-05-27 Thread Sergey Agievich via RT
Hello, Please find file attached: EVP_PKEY_asn1_set_item.patch. This is a patch to allow setting item_verify and item_sign handlers in the internal structure evp_pkey_asn1_method_st (see crypto/asn1/asn1_locl.h). These handlers are called when a signature is encountered requiring special

[openssl-dev] FIPS validation questions

2015-05-27 Thread Philip Bellino
Hello, First, I apologize for posting to the dev group, but my email to the users group doesn't seem to get posted. We use OpenSSL-1.0.2a and FIPS 2.0.9 and have questions we need to answer in conjunction with the FIPS validation process. One question is whether SHA1 accepts NULL (zero-length)

[openssl-dev] [openssl.org #3871] Patch for latest git master to fix crypto/ec build errors (OSX)

2015-05-27 Thread Peter Dettman via RT
Hi, Building latest master from github on OSX Yosemite (10.10.3) with: Apple LLVM version 6.1.0 (clang-602.0.53) (based on LLVM 3.6.0svn) configured using: ./Configure darwin64-x86_64-cc enable-ec_nistp_64_gcc_128 I needed a few changes in crypto/ec to get things working; see attached

[openssl-dev] [openssl.org #3873] [PATCH] Add traffic counters

2015-05-27 Thread Short, Todd via RT
Hello OpenSSL Org: This is a change that Akamai has made to its implementation of OpenSSL. Version: master branch Description: Add traffic counters Add data counters to SSL structure bytes_written and bytes_read Includes SSL_get_byte_counters() API. Github link:

[openssl-dev] [openssl.org #3874] [PATCH] Add certificate verify data to SSL struct

2015-05-27 Thread Short, Todd via RT
Hello OpenSSL Org: This is a change that Akamai has made to its implementation of OpenSSL. Version: master branch Description: Add certificate verify data to SSL struct Add app_verify_callback and app_verify_arg to the SSL structure and add SSL_SESSION_set_verify_result() API. The values are

[openssl-dev] [openssl.org #3876] [PATCH] Do not complain if config file not found

2015-05-27 Thread Short, Todd via RT
Hello OpenSSL Org: This is a change that Akamai has made to its implementation of OpenSSL. Version: master branch Description: Do not complain if config file not found Remove warning when OpenSSL config file can't be found Github link:

[openssl-dev] [openssl.org #3877] [PATCH] Add X509 OCSP error codes and messages

2015-05-27 Thread Short, Todd via RT
Hello OpenSSL Org: This is a change that Akamai has made to its implementation of OpenSSL. Version: master branch Description: Add X509 OCSP error codes and messages Github link: https://github.com/akamai/openssl/commit/6a4a5ae2cca42c5143d82b2fd5520c1c64724d4f And attachment. Thank you. --

[openssl-dev] [openssl.org #3875] [PATCH] Add external X509_STORE to SSL_CTX

2015-05-27 Thread Short, Todd via RT
Hello OpenSSL Org: This is a change that Akamai has made to its implementation of OpenSSL. Version: master branch Description: Add external X509_STORE to SSL_CTX Add SSL_CTX_set_cert_store_ref() API to add an external X509_STORE to an SSL_CTX. (There is no get API). Github link:

[openssl-dev] [openssl.org #3876] [PATCH] Do not complain if config file not found

2015-05-27 Thread Rich Salz via RT
Because it goes ahead and proceeds. Not it is explicit testing ENOTFOUND. It should either error+exit or not complain. I can be convinced the current behavior is useful. -- Rich Salz, OpenSSL dev team; rs...@openssl.org

Re: [openssl-dev] [openssl.org #3876] [PATCH] Do not complain if config file not found

2015-05-27 Thread Short, Todd via RT
I'll let the original author (Rich Salz, cc'd), explain. -- -Todd Short // tsh...@akamai.com // Sent from my iPhone // One if by land, two if by sea, three if by the Internet. On May 27, 2015, at 6:40 PM, Daniel Kahn Gillmor via RT r...@openssl.org wrote: On Wed 2015-05-27 16:32:45

Re: [openssl-dev] [openssl.org #3876] [PATCH] Do not complain if config file not found

2015-05-27 Thread Daniel Kahn Gillmor
On Wed 2015-05-27 16:32:45 -0400, Short, Todd via RT wrote: This is a change that Akamai has made to its implementation of OpenSSL. Version: master branch Description: Do not complain if config file not found Remove warning when OpenSSL config file can't be found Github link:

Re: [openssl-dev] [openssl.org #3865] [Patch] Add DISALLOW_RENEGOTIATION option

2015-05-27 Thread Daniel Kahn Gillmor via RT
On Tue 2015-05-26 14:56:10 -0400, Short, Todd via RT wrote: This is a change that Akamai has made to its implementation of OpenSSL. Version: master branch Description: Add DISALLOW_RENEGOTIATION option Add support to disallow renegotiation in openssl The bit definition may need to change

Re: [openssl-dev] [openssl.org #3865] [Patch] Add DISALLOW_RENEGOTIATION option

2015-05-27 Thread Short, Todd via RT
Hi Daniel: I don't disagree. These patches were made by Akamai employees over the years, and we are finally able to contribute to them. They are of varying quality when it comes to documentation (usually based on the original author of the patch). -- -Todd Short // tsh...@akamai.com // Sent