There is a missing initialization of a variable in the CHIL engine. In
case the uninitialized value of the variable answer is 'C' and there is
no prompt, the engine startup will erroneously fail.
The attached patch fixes this.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn
With update version i confirm that regression test of a software now
pass with OpenSSL HEAD version.
I still have problem with HEAD regarding check if is for self signed.
This case is not in openssl regression tests ans cannot be reproduced
with openssl command line. Case is when callback
To sum up what I've learned until now:
- There are workarounds that openssl implements, but major applications
(including apache) disable them, so they're mostly worthless
- All workarounds on AES-CBC have problems, chrome and firefox discuss
how to handle it, the only real fix is TLS 1.1/1.2
on OpenBSD -current with
ftp://ftp.openssl.org/snapshot/openssl-SNAP-20110927.tar.gz
Yours,
Ingo
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl
