mancha manc...@zoho.com:
Bodo Moeller wrote:
I certainly think that the claim that new SCSV does not help with
[the SSL 3.0 protocol issue related to CBC padding] at all is wrong,
and that my statement that TLS_FALLBACK_SCSV can be used to counter
CVE-2014-3566 is right.
The point
Jeffrey Walton noloa...@gmail.com:
Is there a way to compile without the patch? I think I would rather
'config no=ssl3' and omit the additional complexity. Its additional
protocol complexity and heartbleed is still fresh in my mind.
There's no way to compile without the patch, other than
Thanks for the patch.
Is there a way to compile without the patch? I think I would rather
'config no=ssl3' and omit the additional complexity. Its additional
protocol complexity and heartbleed is still fresh in my mind.
Also, are there any test cases that accompany the patch? I'm trying to
Hi,
There's a memory leak in DTLS code when re-negotiating already established
session. valgrind output:
==5475== HEAP SUMMARY:
==5475== in use at exit: 2,285 bytes in 17 blocks
==5475== total heap usage: 7,973 allocs, 7,956 frees, 789,213 bytes
allocated
==5475==
==5475== 432 (168 direct,
Hi,
I’m working on Network Time Security and the draft specification requires
RFC-5280 and -5652 formatting (i.e. pkcs#9 and pkcs#7).
How complete is OpenSSL’s support for both of these standards?
And if it’s not complete, what’s missing (i.e. how much effort would be needed
to round it out)?