[openssl-dev] Fwd: [openssl.org #4095] X509_STORE_get_by_subject crash

Hi, Can you please help me in below query Thanks & regards, Tosif -- Forwarded message -- From: tosif tamboli Date: Fri, Oct 16, 2015 at 3:26 PM Subject: Re: [openssl.org #4095] X509_STORE_get_by_subject crash To: r...@openssl.org My application is written

Re: [openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken

Hubert Kario wrote: >> Fixing this sort of problem is going to be *hard* and probably require >> quite a lot of non-trivial changes - definitely not the sort of the >> thing I want to be doing in a stable branch. Fixing this is an >> example of what I meant by "onerous mitigations", but I now

Re: [openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken

Hubert Kario wrote: >> Fixing this sort of problem is going to be *hard* and probably require >> quite a lot of non-trivial changes - definitely not the sort of the >> thing I want to be doing in a stable branch. Fixing this is an >> example of what I meant by "onerous mitigations", but I now

Re: [openssl-dev] OCSP issues in master 2015-10-17

On Sat, Oct 17, 2015, Roumen Petrov wrote: > Hello, > > After embed some attributes OCSP in master stop to work. > > The current status is the client comment report "Cert Status: > unknown" and "Nonce Verify error" for X.509 certificates used in my > ssh regression tests. > > The last known

Re: [openssl-dev] [openssl.org #3712] TLS Renegotiation with Java is broken

On Monday 19 October 2015 10:19:09 Albe Laurenz via RT wrote: > 7 0.18990200010.155.6.40 10.153.93.229 TLSv1259 > Client Hello > 8 0.19269900010.153.93.229 10.155.6.40 TLSv11485 > Server Hello, Certificate, Server Key Exchange, Server

[openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

Hello, this is a follow-up to #3891 (https://mta.openssl.org/pipermail/openssl-dev/2015-June/001667.html ). Kurt Roeckx has committed many fixes to the bugs aggregated in that report. Since, we have been replaying the tests in a recent OpenSSL development version, posterior to these commits,

Re: [openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

On Mon, Oct 19, 2015 at 08:10:01PM +0200, Kurt Roeckx wrote: > The manpage says that for BN_add(), BN_mul(), BN_sqr(), BN_mod_mul() > and BN_gcd() r can be one of the other BIGNUMs that got passed, but > it doesn't say so for BN_sub(). BN_add() can of course already call BN_usub(), and BN_uadd()

[openssl-dev] [openssl.org #4101] [PATCH] Doc clarification for EVP_DigestVerifyFinal

Minor doc clarification: https://github.com/openssl/openssl/pull/446 I embarrassingly misread the previous documentation to indicate that 0 was a failure and other values mean success and figured others might do the same. Cheers, Adam ___

Re: [openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

On Mon, Oct 19, 2015 at 08:10:01PM +0200, Kurt Roeckx wrote: > The manpage says that for BN_add(), BN_mul(), BN_sqr(), BN_mod_mul() > and BN_gcd() r can be one of the other BIGNUMs that got passed, but > it doesn't say so for BN_sub(). So one could also argue that > probable_prime_dh_safe()

Re: [openssl-dev] [openssl.org #4100] Overlapping memcpy arguments in bn_add.c

On Mon, Oct 19, 2015 at 03:55:09PM +, Pascal Cuoq via RT wrote: > > One actual sequence for which the pointers ap and rp end up being identical > is as follows: > > 1/ probable_prime_dh_safe calls BN_sub(q, q, t1) > > 2/ in BN_sub, r and a are then aliases > > 3/ BN_sub calls BN_usub(r,