Re: [openssl-dev] Partially- vs. full- reduced inputs to ecp_nistz256_neg

2016-08-19 Thread Andy Polyakov
>> It appears to me that with multiplication, squaring, subtraction, >> negation, halving *preserving* property of being fully reduced (i.e. if >> inputs are fully reduced, then output is too), we only have to watch out >> for mul_by_[23], i.e. ensure that their outputs are fully reduced. This >>

[openssl-dev] [openssl.org #4652] [consultation] SSL_get_error returns SSL_ERROR_SSL if read() returns -1 / EAGAIN

2016-08-19 Thread Rich Salz via RT
Same situation, please use a current/modern release; 1.0.1 is only getting security fixes. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4652 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

[openssl-dev] [openssl.org #4384] [PATCH] Missing Sanity Check plus potential NULL pointer deref (CWE-476)

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4384 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4375] [PATCH] Missing Sanity Checks for OPENSSL_malloc() in OpenSSL-1.0.2g

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4375 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4653] [1.0.2] fails to compile on VC-WIN32

2016-08-19 Thread Richard Levitte via RT
Please try out this github pull request: https://github.com/openssl/openssl/pull/1470 Cheers, Richard On Fri Aug 19 14:40:02 2016, levitte wrote: > We totally missed out on adapting util/mk1mf.pl. Fix on its way. > > On Fri Aug 19 14:20:20 2016, simon.rich...@hogyros.de wrote: > > Hi, > > > >

[openssl-dev] [openssl.org #4385] [PATCH] Missing Sanity Checks for RSA_new_method() in OpenSSL-1.0.2g

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4385 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4653] [1.0.2] fails to compile on VC-WIN32

2016-08-19 Thread Simon Richter via RT
Hi, the 1.0.2 branch fails to compile for me: link /nologo /subsystem:console /opt:ref /debug /out:out32dll\dtlstest.exe @C:\Windows\TEMP\nm8D73.tmp Creating library tmp32dll\junk.lib and object tmp32dll\junk.exp dtlstest.obj : error LNK2019: unresolved external symbol _create_ssl_ctx_pair

[openssl-dev] [openssl.org #4653] [1.0.2] fails to compile on VC-WIN32

2016-08-19 Thread Richard Levitte via RT
We totally missed out on adapting util/mk1mf.pl. Fix on its way. On Fri Aug 19 14:20:20 2016, simon.rich...@hogyros.de wrote: > Hi, > > the 1.0.2 branch fails to compile for me: > > link /nologo /subsystem:console /opt:ref /debug > /out:out32dll\dtlstest.exe @C:\Windows\TEMP\nm8D73.tmp > Creating

[openssl-dev] [openssl.org #4386] [PATCH] Add sanity checks for BN_new() in OpenSSL-1.0.2g

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4386 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4374] [PATCH] Potential for NULL pointer dereferences in OpenSSL-1.0.2g (CWE-476)

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4374 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4371] [PATCH] Missing Sanity Check for malloc() in openssl-1.0.2g for 'apps/speed.c'

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4371 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4370] [PATCH] Potential for NULL pointer dereferences in OpenSSL-1.0.2g (CWE-476)

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4370 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4382] [PATCH] Missing Sanity Check(s) for BUF_strdup() in OpenSSL-1.0.2g

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4382 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4377] Prevent potential NULL pointer dereference in OpenSSL-1.0.2g (CWE-476)

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4377 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4380] [PATCH] Missing Sanity Checks for EVP_PKEY_new() in OpenSSL-1.0.2g

2016-08-19 Thread Rich Salz via RT
Fixed with commit a03f81f, will be part of next 1.0.2 release. Thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4380 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #3940] Missing CRL checks in cms/smime cmdline utilities

2016-08-19 Thread Rich Salz via RT
For now we just added a comment to master, 1.0.2, 1.0.1 in the cms.pod and smime.pod files: Note that no revocation check is done for the recipient cert, so if that key has been compromised, others may be able to decrypt the text. -- Ticket here:

Re: [openssl-dev] [openssl.org #3940] Missing CRL checks in cms/smime cmdline utilities

2016-08-19 Thread Dmitry Belyavsky
Thank you very much! 19 авг. 2016 г. 6:47 PM пользователь "Rich Salz via RT" написал: > For now we just added a comment to master, 1.0.2, 1.0.1 in the cms.pod and > smime.pod files: > > Note that no revocation check is done for the recipient cert, so if that > key has been

Re: [openssl-dev] [openssl.org #3940] Missing CRL checks in cms/smime cmdline utilities

2016-08-19 Thread Dmitry Belyavsky via RT
Thank you very much! 19 авг. 2016 г. 6:47 PM пользователь "Rich Salz via RT" написал: > For now we just added a comment to master, 1.0.2, 1.0.1 in the cms.pod and > smime.pod files: > > Note that no revocation check is done for the recipient cert, so if that > key has been