[openssl.org #3436] Platform strategy

2014-07-05 Thread Tim Hudson via RT
I am closing this item as it is not actually a defect (although we do appreciate getting rapid feedback on the roadmap). The discussion in terms of platform strategy should continue on the openssl-dev mailing list as we work through tackling platform related issues. Separately I'm looking

[openssl.org #2204] Contribution [OS: all] [Version openssl-0.9.8m]

2014-07-05 Thread Tim Hudson via RT
Closing this item - see #3434 which is an overlapping (and more detailed replacement). Further discussions on AES wrapping should be added into that ticket and/or continue on openssl-dev. Thanks, Tim. __ OpenSSL Project

Re: [openssl.org #3387] Bug Report with fixes: null pointer and uninitialised memory errors

2014-06-09 Thread Tim Hudson via RT
On 8/06/2014 11:40 AM, Kurt Roeckx via RT wrote: On Sun, Jun 08, 2014 at 12:01:28AM +0200, Tim Hudson via RT wrote: Already fixed in the 1.0.1 stable branch so it is already included in 1.0.1h onwards and 1.0.1m is the current recommended version. [...] Can you re-run parfait against

Re: [openssl.org #3387] Bug Report with fixes: null pointer and uninitialised memory errors

2014-06-07 Thread Tim Hudson via RT
On 7/06/2014 7:10 PM, Jenny Yung via RT wrote: Hello, We ran parfait on OpenSSL and found the following errors in openssl-1.0.1g: 1. Error: Uninitialised memory (CWE 456) Possible access to uninitialised memory 'num' at line 267 of

Re: [openssl.org #2578] s_client bind ip

2014-05-24 Thread Tim Hudson via RT
On 24/05/2014 11:06 PM, Krzysztof Kwiatkowski via RT wrote: Hello, This patch implements request for ticket 2578. I've also created pull request in github that you can find here: https://github.com/openssl/openssl/pull/108 Why is there a crypto/objects/obj_xref.h change mixed in with this

[openssl.org #3289] base64 BIO decoding bug - patch supplied + examples

2014-05-06 Thread Tim Hudson via RT
Re-opening item. See https://rt.openssl.org/Ticket/Display.html?id=3345 This patch introduced an uninitialised read. A num=0 initialisation is required prior to the for loop.

[openssl.org #3345] potential bug in crypto/evp/bio_b64.c

2014-05-06 Thread Tim Hudson via RT
On Tue May 06 05:13:42 2014, arthurm...@gmail.com wrote: Coverity run has uncovered the following use of uninitialized local variable in b64_read(). This applies to both 1.0.1g and master branch: See https://rt.openssl.org/Ticket/Display.html?id=3289 which is the patch which introduced this

[openssl.org #3340] coverity issues 966593-966596

2014-05-04 Thread Tim Hudson via RT
coverity issues 966593-966596 966593 Uninitialized scalar variable The variable will contain an arbitrary value left from earlier computations. In SRP_create_verifier: Use of an uninitialized variable

[openssl.org #3341] coverity issue 966597

2014-05-04 Thread Tim Hudson via RT
966597 Uninitialized scalar variable The variable will contain an arbitrary value left from earlier computations. In d2i_SSL_SESSION: Use of an uninitialized variable

[openssl.org #3342] coverity issue 966577

2014-05-04 Thread Tim Hudson via RT
966577 Resource leak The system resource will not be reclaimed and reused, reducing the future availability of the resource. In init_client_ip: Leak of memory or pointers to system resources

[openssl.org #3046] bug report, openssl 1.0.1e sha1 hash generation

2014-04-29 Thread Tim Hudson via RT
The two echo commands are different values (being different actual echo programs) and hence have different digests. As a user: macbuild:~ tjh$ echo -n 12345 | od -x 000 3231 3433 0035 005 As root: echo -n 12345 | od -x 000 6e2d 3120 3332 3534 000a 011 The root echo is one

[openssl.org #3039] Can't Compile openssl-fips-1.1.2: collect2: ld returned 1 exit status

2014-04-29 Thread Tim Hudson via RT
On Fri May 03 19:05:13 2013, burton.sm...@williams.com wrote: Thanks, but after playing with this puzzle for a while I combined the configuration options that were supposed to correct it individually. It worked. Closed as resolved.

[openssl.org #3274] Quoting problem in v1.0.1f

2014-04-29 Thread Tim Hudson via RT
On Tue Mar 04 16:03:58 2014, dominik.stras...@onespin-solutions.com wrote: Hi all, the top level Makefile has a small with quoting when CC has an argument. The attached mini-patch fixes the problem Closing item as resolved as SteveH checked in a fix for this in master, 1.0.1 stable and 1.0.2

[openssl.org #3232] [PATCH] Makefile.org: Fix usage of CC=gcc -m32

2014-04-29 Thread Tim Hudson via RT
Note: PR#3274 is a duplicate of this issue just closed. Closing this item too as resolved as SteveH checked in a fix for this in master, 1.0.1 stable and 1.0.2 stable after the issue was reported. https://github.com/openssl/openssl/commit/24e20db4aa18ff8a6f67ae7faf80cf2b99f8b74a

[openssl.org #3289] base64 BIO decoding bug - patch supplied + examples

2014-04-29 Thread Tim Hudson via RT
On Wed Apr 02 19:22:14 2014, e...@pobox.com wrote: Fixing one of my own bugs, there since SSLeay days I believe :-) Closing item as resolved. SteveH committed the fix across all branches ... https://github.com/openssl/openssl/commit/10378fb5f4c67270b800e8f7c600cd0548874811

[openssl.org #3309] Bug: Missing critical flag for extended key usage not detected in time-stamp verification

2014-04-29 Thread Tim Hudson via RT
On Wed Apr 16 14:25:34 2014, s...@pdflib.com wrote: On 15.04.14 20:00, Stephen Henson via RT wrote: I've just added a fix (and to two other cases in the same file). Let me know of any problems. Closed as resolved. SteveH committed changes across all branches.

[openssl.org #3253] Compile issues - Solaris 10

2014-04-29 Thread Tim Hudson via RT
On Mon Feb 03 15:16:14 2014, steve wrote: ... I've just committed a fix. Let me know of any problems. Closed as resolved.

[openssl.org #3183] SSL_set_SSL_CTX() should apply more settings from the SSL_CTX being switched to

2014-04-29 Thread Tim Hudson via RT
Leaving issue open. Note: SteveH checked in a partial fix adding in a getter function - SSL_CTX_get_ssl_method https://github.com/openssl/openssl/commit/ba168244a14bbd056e502d7daa04cae4aabe9d0d Tim.

[openssl.org #3216] Invalid shell syntax == in test/testssl (only 0.9.8 and 1.0.0)

2014-04-29 Thread Tim Hudson via RT
On Tue Jan 07 09:26:25 2014, rainer.j...@kippdata.de wrote: File test/testssl in branches 0.9.8 and 1.0.0 contains the line if [ $protocol == SSLv3 ] ; then Closed as resolved. SteveH committed fixes. https://github.com/openssl/openssl/commit/080ae6843299c873808c04487d4ccf51624fe618 Tim

[openssl.org #3106] [PATCH] Fix build with OPENSSL_NO_NEXTPROTONEG.

2014-04-29 Thread Tim Hudson via RT
Marking issue as resolved. SteveH checked in fixes. https://github.com/openssl/openssl/commit/2911575c6e790541e495927a60121d7546a66962 Tim.

[openssl.org #3172] Duplicated entry in ssl_option_single

2014-04-29 Thread Tim Hudson via RT
Closed as resolved. SteveH committed fix. https://github.com/openssl/openssl/commit/44314cf64d1e51c7493799e77b14ae4e94a4c8cf Tim.

[openssl.org #3147] [PATCH 2/2] POD: Fix list termination

2014-04-29 Thread Tim Hudson via RT
Closed as resolved. SteveH committed patch. https://github.com/openssl/openssl/commit/c8919dde09d56f03615a52031964bc9a77b26e90 Tim.

[openssl.org #3146] [PATCH 1/2] POD: Fix item numbering

2014-04-29 Thread Tim Hudson via RT
Closed item as resolved. SteveH committed patch. https://github.com/openssl/openssl/commit/ed77017b594754240013c378b4f7c10440c94d7a Tim.

[openssl.org #3071] [PATCH] Documentation updates from the wiki

2014-04-29 Thread Tim Hudson via RT
On Fri Jun 07 20:12:54 2013, fr...@baggins.org wrote: This patch is the first submission of what is planned to be a regular series of patches. It represents the collected updates made to the pod documentation published on the openssl wiki: Closed as resolved. Patch was committed. Tim

[openssl.org #2538] Code error - bad condition in s3_srvr.c

2014-04-29 Thread Tim Hudson via RT
On Mon Jun 06 17:23:48 2011, tm...@redhat.com wrote: There is code error in s3_srvr.c function ssl3_get_cert_verify(). The bug was found by Coverity scan. Closing as resolved. Andy committed fix across all branches.

[openssl.org #2836] [PATCH] Staple the correct OCSP Response when multiple certs are configured

2014-04-29 Thread Tim Hudson via RT
Closing item as resolved. SteveH committed patches across all branches. Tim

[openssl.org #3068] [PATCH] Safari broken ECDHE-ECDSA workaround

2014-04-29 Thread Tim Hudson via RT
On Tue Jun 04 17:53:41 2013, rob.stradl...@comodo.com wrote: The Safari browser on OSX versions 10.8 to 10.8.3 advertises support for several ECDHE-ECDSA ciphers but fails to negotiate them. Closing as resolved. Ben committed fixes across all branches.

[openssl.org #3033] Bug Report: Make Error: can't encode register '%ch' in an instruction requiring REX prefix.

2014-04-29 Thread Tim Hudson via RT
Closing item as resolved. Tim.

Re: [openssl.org #3320] Invalid large memory access in openssl due to a bug on the client side

2014-04-26 Thread Tim Hudson via RT
On 26/04/2014 11:04 PM, Kurt Roeckx via RT wrote: Libressl has a patch for this at: http://anoncvs.estpak.ee/cgi-bin/cgit/openbsd-src/commit/lib/libssl?id=cb8b51bf2f6517fe96ab0d20c4d9bba2eef1b67c I believe that patch is not really the correct fix. My understanding is that tot is what is

[openssl.org #2046] OpenSSL 1.0.0 beta 3 ASM fails on z/Linux 64-bit

2009-09-17 Thread Tim Hudson via RT
I kicked off some builds last night as I was curious as to the answer to the question - 0.9.8d fails in make test, 0.9.8k passes in make test. The 1.0.0 beta 3 fails with the SHA1 asm code and in the AES asm code. I haven't had a chance to look into this in any detail - just noting that the

[openssl.org #1642] patch purify errors

2008-02-14 Thread Tim Hudson via RT
There are a few UMRs and one FIU in the current OpenSSL-0.9.8g code base. The attached patch fixes this with minimal code changes. A better solution would be to use a BN_init call on each of the local BN variables being used which would be a trivial adaptation of this patch. Without this patch