Hello!
1. I believe there are a couple of bugs in cms.h -
diff -ur openssl/crypto/cms/cms.h openssl-1.1.0/crypto/cms/cms.h
--- openssl/crypto/cms/cms.h 2010-04-07 20:22:01.185601800 +0600
+++ openssl-1.1.0/crypto/cms/cms.h 2010-04-24 12:39:05.350609800
+0600
@@ -56,9 +56,9 @@
#define
Hi!
I downloaded the openssl-fips-1.2 code. I did find out SHA 256 and SHA 512 code
from openssl-fips-1.2\crypto\sha.
Unfortunately, I could not find SHA 1 code (definitions/bodies of SHA1_Init,
SHA1_Update, SHA1_Final routines) declared on the
openssl-fips-1.2\crypto\sha\sha.h file.
Anybody
Side note:
You may want to ignore the 'const' in the prototype for now; we have an
in-house copy of OpenSSL which is quite severely const-ified and
size_t-ified.
--- h:\prj\1original\openssl\openssl\crypto\x509\x509_cmp.c2010-01-12
19:29:33.0 +-0200
+++
Bug Fix:
See attached diff.
--
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--
web:http://www.hobbelt.com/
http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
Changelog says:
Changes between 0.9.6a and 0.9.6b [9 Jul 2001]
[...]
*) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
(previously it was 1024).
[Bodo Moeller]
However, the corresponding .pod hasn't been updated yet.
.pod fix/patch attached.
Also note that the
The callback calls BIO_printf(); it's return value is properly propagated
but is not checked in the error chain dumper func; when the errors are
streamed through any BIO which fails, such failure hence remains undetected
and the BIO is being hammered instead of aborting the error dump. Different
fix attached.
--
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--
web:http://www.hobbelt.com/
http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--
fix
fix attached.
--
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--
web:http://www.hobbelt.com/
http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--
fix
ssl\s3_clnt.c:
since the hash length lands in 'md_len' and the entire hash
would/should/might be used as the IV...
What do the protocol wizards have to say about this?
--- h:\prj\1original\openssl\openssl\ssl\s3_clnt.c2010-02-28
02:24:04.0 +-0200
+++
ssl3_read() does indirect, while ssl3_write does not.
Doesn't seem intentional to me, on the contrary.
Tick choice:
[ ] Correct reasoning fix?
[ ] Dead wrong, buster!
just in case: patch attached
--- h:\prj\1original\openssl\openssl\ssl\s3_lib.c2009-11-19
02:34:54.0 +-0200
+++
Dr. Stephen Henson wrote:
That's most peculiar. I've tested 1.0.0-stable with Visual Studio Express
2008. I did the following simple test:
Start openssl.exe
Start VS express.
Select tools-attach to process.
Debug-Break All.
I get a warning about deadlocked process but it is otherwise OK.
11 matches
Mail list logo