code from
URL: http://www.pvv.ntnu.no/~josteitv/papers/ssl_vuln_code.tar.gz
if you are interested.
The file you want to look at is sslciphercheck.c.
--
Jostein Tveit [EMAIL PROTECTED]
__
OpenSSL Project
(./Configure solaris-sparcv9-gcc shared)
--
Jostein Tveit [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated
make[1]: Leaving directory `/opt/home/jtv/apps/openssl-0.9.8-beta5/test'
make: *** [tests] Error 2
--
Jostein Tveit [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing
tried to set RANDFILE, but that didn't help.
Is it possible to turn on some RNG debugging?
Regards,
--
Jostein Tveit [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing
(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id());
err:
BN_CTX_end(ctx);
--
Jostein Tveit [EMAIL PROTECTED]
__
OpenSSL
Hello, OpenSSL developers!
Have you ever thought of making a general PKCS#11 engine module
in OpenSSL?
Do you see any reasons why such a module wouldn't fit in?
Regards,
--
Jostein Tveit [EMAIL PROTECTED]
__
OpenSSL Project
Lutz Jaenicke [EMAIL PROTECTED] writes:
On Tue, Feb 03, 2004 at 08:41:23AM +0100, Jostein Tveit wrote:
What exactly does the comment in ssl/ssl_lib.c mean:
/* works well for SSLv2, not so good for SSLv3 */
char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
Its part of the protocol
cipher suite to determine the shared ciphers?
Thanks in advance.
Regards,
--
Jostein Tveit ([EMAIL PROTECTED])
__
OpenSSL Project http://www.openssl.org
Development Mailing List
: 0123456789abcdef)[fracpart % 10];
fracpart = (fracpart / 10);
} while (fplace max);
if (fplace == sizeof fplace)
Same bug. Should probably be sizeof(fconvert), not fplace.
fplace--;
fconvert[fplace] = 0;
--
Jostein Tveit ([EMAIL PROTECTED
: developers of products that provide SSL/TLS services and therefore may be
: vulnerable to the generic problems discovered. Unfortunately this means
: that we will not be able to release the material to you.
--
Jostein Tveit ([EMAIL PROTECTED
10 matches
Mail list logo