Re: [openssl-dev] openssl 1.0.2 SNAP stable 20161127 issue
On 28/11/16 09:51, Matt Caswell wrote: > > > On 27/11/16 13:27, The Doctor wrote: >> Can you get his fixed? >> >> ../util/shlib_wrap.sh ./heartbeat_test >> test_dtls1_not_bleeding failed: expected return value -1, received 0 >> ** test_dtls1_not_bleeding failed ** >> >> test_dtls1_not_bleeding_empty_payload failed: expected return value -1, >> received 0 >> ** test_dtls1_not_bleeding_empty_payload failed ** >> >> test_tls1_not_bleeding failed: expected return value -1, received 0 >> ** test_tls1_not_bleeding failed ** >> >> test_tls1_not_bleeding_empty_payload failed: expected return value -1, >> received 0 >> ** test_tls1_not_bleeding_empty_payload failed ** >> >> 4 tests failed >> *** Error code 1 >> >> Stop. >> make[1]: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161127/test >> *** Error code 1 >> >> Stop. >> make: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161127 >> > > Fix here: > > https://github.com/openssl/openssl/pull/2010 This has now been pushed so should show up in the next snapshot. Matt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] FW: 1.1 master fails mac-then-encrypt test
On 28/11/16 23:00, Blumenthal, Uri - 0553 - MITLL wrote: > > The problem is in the test. Version negotiation happens before cipher > > selection. The test creates a connection which negotiates TLSv1.3. It > > then attempts to select a cipher. However no TLSv1.3 ciphers are offered > > by the test so the connection aborts. In truth the test is all about > > mac-then-encrypt which doesn't apply to TLSv1.3 anyway, so the test > > should just disable negotiation of that protocol version. > > Thanks for explaining! > > Would you be able to push a fix for this test? Fix is in github: https://github.com/openssl/openssl/pull/2013 Matt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Openssl 1.1 port - hash state serializing
On 28/11/16 20:16, Ken Goldman wrote: > There was no answer on the 'users' list, so this is perhaps now a > feature request. Please raise feature requests as issues on Github. Matt > > Is there a possibility of getting this function? > > ~~ > > I have a simulation of a hardware device that has the following > characteristics: > > - does hashing functions > - resource constrained > - multi-user > > Therefore, a typical pattern is that one application starts a digest > calculation, then the hash state must get swapped out for another user. > > In 1.0, I did this by (cheating) serializing the hash state to swap out, > than deserializing to swap back in. This required looking inside the > hash state structure. I know it wasn't portable across versions, but > the structure was pretty stable. > > Is there a way to do this in 1.1? Can one be added? > -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev