Re: [openssl-dev] [openssl.org #4569] Enhancement request: Macros for x86 capability bits

2016-07-31 Thread Andy Polyakov via RT
> For x86, define macros for capability bits (like for arm and pcc), according > to https://www.openssl.org/docs/manmaster/crypto/OPENSSL_ia32cap.html: As discussed in RT#4568 and RT#4570, these are internal interfaces and there is no intention to expose it to user, except through setting

[openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread Rich Salz via RT
Does current master work? I think Andy checked in a fix. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4628 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Building current master fails when option no-nextprotoneg is used

2016-07-31 Thread Salz, Rich
> Just to let you know that today's master fails to build when option > no-nextprotoneg is used. This will be fixed shortly; the fix is being reviewed. Thanks. -- Senior Architect, Akamai Technologies IM: richs...@jabber.at Twitter: RichSalz -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #4046] Fix xmm6 register clobbering in crypto/bn/asm/x86_64-mont5.pl:bn_power5() under Win64

2016-07-31 Thread Andy Polyakov via RT
Hi, > i had some problems on Win64 using BIO_do_handshake/BIO_should_retry in a > loop. The compiler optimizer placed a local variable value in the xmm6 > register. > The content of this register was destroyed after calling BIO_do_handshake. I > debugged this and found that the xmm6/xmm7

Re: [openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread Andy Polyakov via RT
> Does current master work? I think Andy checked in a fix. Rich was few minutes ahead. Now it's committed. Provided test case was verified to work. Thanks for report. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4628 Please log in as guest with password guest if prompted --

Re: [openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread David Benjamin via RT
On Sun, Jul 31, 2016 at 6:18 PM Michel via RT wrote: > > I was able to trigger a crash simply by chaining an encrypt BIO with a > memory BIO containing a large plaintext and then stream 100 bytes out of it > at a time. BIO_read would consistently return 128 and, by the time the

[openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread Rich Salz via RT
Resolved by Andy's fix. Closing. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4628 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4530] [BUG] OpenSSL crash on Windows 10

2016-07-31 Thread Andy Polyakov via RT
Hi, > Hi, our team have been experiencing a crash in some production > machines (which I cannot reproduce in development machines) caused by > the libeay32 module in 64 bits Windows 10 machines. > > I was able to create a simple "crash application" and was able to get > the dump of the crash

Re: [openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread David Benjamin via RT
Hey folks, I do not believe this fix works and introduces buffer overflows. Looking at this change: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=abdb460d8abe68fedcf00b52d2ba4bf4b7c1725c It makes EVP_CipherUpdate write to out directly. While not unreasonable (this BIO probably

[openssl-dev] OpenSSL 1.1.0 release dates

2016-07-31 Thread Matt Caswell
FYI, we have recently updated our release strategy for version 1.1.0: https://www.openssl.org/policies/releasestrat.html The change is to add the following two dates: - 4th August 2016, 1.1.0 beta 3 release - 25th August 2016, 1.1.0 public release Matt -- openssl-dev mailing list To

Re: [openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread Michel
Not speaking for Greg, but for me, it is now working fine again. Thanks Andy ! -Message d'origine- De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Rich Salz via RT Envoyé : dimanche 31 juillet 2016 15:58 À : ghud...@mit.edu Cc : openssl-dev@openssl.org Objet :

Re: [openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread Michel via RT
Not speaking for Greg, but for me, it is now working fine again. Thanks Andy ! -Message d'origine- De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Rich Salz via RT Envoyé : dimanche 31 juillet 2016 15:58 À : ghud...@mit.edu Cc : openssl-dev@openssl.org Objet :

Re: [openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread Michel via RT
> I was able to trigger a crash simply by chaining an encrypt BIO with a memory BIO containing a large plaintext and then stream 100 bytes out of it at a time. BIO_read would consistently return 128 and, by the time the function returned, the stack was thoroughly clobbered. I am surprised. I

Re: [openssl-dev] [openssl.org #4628] EVP_f_cipher regression due to overlapping regions check

2016-07-31 Thread Michel
> I was able to trigger a crash simply by chaining an encrypt BIO with a memory BIO containing a large plaintext and then stream 100 bytes out of it at a time. BIO_read would consistently return 128 and, by the time the function returned, the stack was thoroughly clobbered. I am surprised. I