Re: 0.9.7 make test needs work

2002-02-14 Thread Bodo Moeller
On Wed, Feb 13, 2002 at 08:37:24PM -0800, Tim Rice wrote: The make test in 0.9.7 needs a little work. [...] ./evp_test evptests.txt Auto configuration failed Fixed. -- Bodo Möller [EMAIL PROTECTED] PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html * TU

Re: cvs commit: openssl/crypto/err err.c

2002-02-14 Thread Bodo Moeller
On Thu, Feb 14, 2002 at 02:42:36PM +0100, [EMAIL PROTECTED] wrote: Log: For some reason, getting the topmost error was done the same way as getting the bottommost one. I hope I understood correctly how this should be done. It seems to work when running evp_test in an environment

Re: OpenSSL Makefiles - SUGGESTION

2002-02-15 Thread Bodo Moeller
On Thu, Feb 07, 2002 at 07:17:50AM -0500, Saju Paul Panikulam wrote: It would be nice to have a paragraph in the Makefiles to remove the TAB (^I) characters from the OpenSSL source and header files. The debugger on the platform that we use does not handle the TABs very well. Had to write a

Re: cvs commit: openssl/crypto/err err.c

2002-02-15 Thread Bodo Moeller
On Fri, Feb 15, 2002 at 10:55:13AM +, Ben Laurie wrote: This fix for err.c is correct. But evp_test.c should never have called OPENSSL_config() because OPENSSL_config() uses the configuration file found in an OpenSSL *installation*. If we want to use a configuration file during 'make

Re: cvs commit: openssl STATUS

2002-02-20 Thread Bodo Moeller
On Wed, Feb 20, 2002 at 03:07:16PM +0100, [EMAIL PROTECTED] wrote: Log: Including openssl/e_os.h in the OpenSSL 0.9.6 branch is legal, since it's exported. Changing that is a BIG step, which has been done in 0.9.7-dev. Revision ChangesPath 1.214 +1 -5

Re: [PATCH] argument passing to app_verify_callback

2002-02-20 Thread Bodo Moeller
On Sat, Feb 16, 2002 at 11:16:23AM +0100, Richard Levitte - VMS Whacker wrote: I see no problem adding this patch. Queued. The problem is that the application callback prototype is incompatibly changed. Otherwise I would have added the argument instead of simply adding comments pointing out

Re: cvs commit: openssl STATUS

2002-02-21 Thread Bodo Moeller
On Wed, Feb 20, 2002 at 06:45:41PM +0100, Richard Levitte - VMS Whacker wrote: [...] If you look in conf.h, you'll also see why it includes e_os.h: an #ifndef NO_FP_API. BTW, in 0.9.7-dev, we have the same (or almost, it depends on OPENSSL_NO_FP_API) #ifndef, but that one is meaningless,

Re: [PATCH] argument passing to app_verify_callback

2002-02-21 Thread Bodo Moeller
On Wed, Feb 20, 2002 at 10:18:55AM -0800, D. K. Smetters wrote: One comment made when I proposed the patch was that this functionality is currently almost entirely unused. Therefore changing the expected prototype is not likely to affect that many people, Well, maybe you and me are actually

Re: #ifdef DEBUG printf() in crypto/rand/rand_win.c (and others)

2002-02-21 Thread Bodo Moeller
On Thu, Feb 21, 2002 at 09:29:24AM +0100, Peter 'Luna' Runestig wrote: I just found a bunch of these things in crypto/rand/rand_win.c, that surprised me: #ifdef DEBUG printf(randomness from PROV_RSA_FULL\n); #endif I'm using a standard debug build on Windows, and was, as I said,

Re: [PATCH] argument passing to app_verify_callback

2002-02-21 Thread Bodo Moeller
On Thu, Feb 21, 2002 at 06:17:47PM +0100, Richard Levitte - VMS Whacker wrote: I'm not sure I see the problem. Let's see, if an application with a certificate verification callback registered through SSL_CTX_set_cert_verify_callback() is built for an older OpenSSL (i.e. doesn't take a user

Re: [PATCH] argument passing to app_verify_callback

2002-02-21 Thread Bodo Moeller
On Thu, Feb 21, 2002 at 06:30:04PM +0100, Bodo Moeller wrote: [...] If we add the paramter list declaration for app_verify_callback to ssl/ssl.h and ssl/ssl_lib.c (which I think we should do for type safety), applications written for old releases will not compile without modification

Re: libeay.num

2002-02-26 Thread Bodo Moeller
On Tue, Feb 26, 2002 at 09:50:43AM -0500, Jeffrey Altman wrote: -OpenSSL_add_all_algorithms 508 EXIST::FUNCTION: +OpenSSL_add_all_algorithms 508 NOEXIST::FUNCTION: +OPENSSL_add_all_algorithms_noconf 3212 EXIST::FUNCTION:

Re: Using SSL_clear to reuse SSL object

2002-02-26 Thread Bodo Moeller
Lutz Jaenicke [EMAIL PROTECTED]: On Wed, Feb 20, 2002 at 12:29:03PM +0200, Yoram Zahavi wrote: My server application is using SSL_clear to reuse the SSL object, instead of allocating a new one on every new connection. On first connection the client succeeds to connect the server, and later

Re: Using SSL_clear to reuse SSL object

2002-02-27 Thread Bodo Moeller
Yoram Zahavi [EMAIL PROTECTED] in epsilon.openssl.dev: Thanks for the explanation, I liked the SSL_set_session(s, NULL) usage. Any reasons for calling it *before* SSL_clear(s) ? I think you better call it after the call to SSL_clear(s). Otherwise, the current session is already freed by

Re: [PATCH] config mod for crays

2002-03-01 Thread Bodo Moeller
On Tue, Feb 05, 2002 at 06:42:08PM -0600, Wendy Palm wrote: --- config.orig Mon Feb 4 16:12:43 2002 +++ config Tue Feb 5 16:01:09 2002 @@ -302,6 +302,13 @@ echo ${MACHINE}-whatever-cygwin32; exit 0 ;; +*CRAY T3E) + echo cray-t3e; exit 0; + ;; +

Re: Fixes for 0.9.6-stable branch

2002-03-01 Thread Bodo Moeller
On Thu, Feb 21, 2002 at 10:34:47AM +0100, Oscar Jacobsson wrote: * The fix for crypto/tmdiff.c (ie. the diff between 1.9.2.1 1.9.2.2) needs to be merged into this branch as well. Missing #endif. Fixed. * crypto/bio/bss_bio.c now checks SSIZE_MAX, and in the visual c++ limits.h this won't

Re: error compiling openssl 0.9.7, windows 2000, mingw32

2002-03-01 Thread Bodo Moeller
On Thu, Feb 28, 2002 at 09:11:54AM +0100, Joerg Voelker wrote: if I try to compile openssl 0.9.7 under win2k with mingw32 I get the following error: ranlib out/libssl.a gcc -o tmp/md2test.o -Ioutinc -Itmp -DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall -DBN_ASM -DMD5_ASM

Re: Bug fix: crypto/bn/bntest.c calls to BN_free()

2002-03-01 Thread Bodo Moeller
On Wed, Feb 27, 2002 at 11:39:26PM +, Tom Cosgrove wrote: There's a problem in bntest.c from openssl-0.9.6c. It appears that this revision of the file is still the latest (rev 1.55), at least via CVSweb. The problem is that there are calls to BN_free() to attempt to free BIGNUMs that

Re: Wrong OIDS for PKCS #9 gender and pseudonym?

2002-03-01 Thread Bodo Moeller
On Wed, Feb 20, 2002 at 09:59:19AM -0800, Leonard Janke wrote: According to PKCS #9 v2 gender should have the OID 1 3 6 1 5 5 7 9 3 and psuedonym should have the OID 1 2 840 113549 1 9 3. According to OpenSSL's objects.h gender has the OID 1 3 6 1 5 5 7 9 4 and pseudonym has

Re: Fixes for 0.9.6-stable branch

2002-03-01 Thread Bodo Moeller
On Fri, Mar 01, 2002 at 06:36:59PM +0100, Oscar Jacobsson wrote: Sorry for not being clearer. The reason I (or my compiler rather) was worrying about it is that it's actually a case of _INT_MAX being used rather than INT_MAX. Oh, that. I think that was a typo; all the other branches use

Re: [PATCH] config mod for crays

2002-03-02 Thread Bodo Moeller
On Fri, Mar 01, 2002 at 12:22:45PM -0600, Wendy Palm wrote: the various architectures available from cray are c90, j90, t90, t90IEEE, sv1, ymp and t3e. t3e runs unicosmk, the rest run unicos. for openssl, the cray t3e requires different compile options than the other machines. (these

Re: IRIX 6.5 problem with BN_mod_mul in openssl-0.9.7-stable-SNAP-20020213

2002-03-07 Thread Bodo Moeller
On Wed, Mar 06, 2002 at 01:18:30PM -0500, Dawn Whiteside wrote: The latest OpenSSL-0.9.7 snapshot I've downloaded fails the BN_mod_mul test on both 32-bit and 64-bit IRIX 6.5 systems using either gcc or the vendor compiler. Results of 'make report' are attached (four files). [...] The BN

Re: IRIX 6.5 problem with BN_mod_mul in openssl-0.9.7-stable-SNAP-20020213

2002-03-07 Thread Bodo Moeller
On Thu, Mar 07, 2002 at 09:32:44AM -0500, Dawn Whiteside wrote: Okay, got it. Attached are the tmp.bntest files (modified to print the options c. from 'make report' so it's clear which is which) for the 20020306 snapshot on a 32-bit Irix 6.5 system both with and without no-asm (they do

Re: SSL_pending() and SSL_ERROR_WANT_READ

2002-03-14 Thread Bodo Moeller
John Hughes [EMAIL PROTECTED]: I can confirm: There is a discrepancy between the SSL_pending() manpage and the source. SSL_pending() returns rrec.length in ssl3_pending() (as of 0.9.6a, we also verify that the SSL record being processed is application data, else zero is returned). This

Re: SSL_pending() and SSL_ERROR_WANT_READ

2002-03-15 Thread Bodo Moeller
On Thu, Mar 14, 2002 at 01:00:46PM -0800, John Hughes wrote: Since s-rstate is set to SSL_ST_READ_HEADER prior to record decryption and decompression, wouldn't SSL_pending() still incorrectly indicate that there is data ready to be read in cases where either of these fail? I guess so, but

Re: Fixes for dh_gen.c

2002-03-19 Thread Bodo Moeller
On Tue, Mar 19, 2002 at 08:40:18AM +, Jason Holt wrote: I've added the general form of generator checking to crypto/dh/dh_gen.c and fixed the uninitialized t1,t2 bug. It compiles, but I haven't really tested it. What I have so far is at: http://www.lunkwill.org/dh_gen.c I had not

Re: Fixes for dh_gen.c

2002-03-20 Thread Bodo Moeller
On Tue, Mar 19, 2002 at 05:38:06PM +, Jason Holt wrote: I don't really understand the math very well. I assume that being a generator has something to do with ensuring that a^b%n has a long period as n increases. DH_generate_parameters() always uses a safe prime as modulus, i.e. p

Re: DES...

2002-03-22 Thread Bodo Moeller
On Thu, Mar 21, 2002 at 02:45:18PM -0500, Jeffrey Altman wrote: I prefer that des_old.h be compatible with libdes since that apps that are built using it assume that the api they were using was constant and unchanging. The way things work now, there is at least no clash with libdes on the

Re: Bug in ssl3_read_bytes()

2002-04-12 Thread Bodo Moeller
Alex Pankratov [EMAIL PROTECTED]: the following problem is present in 0.9.6 and 0.9.6c. It is possible to put server code into the internal infinite loop in ssl3_read_bytes() by sending the following data from the client right after establishing TCP connection: 01 03 01 00 01 00 [...]

Re: bug in ssl code

2002-04-12 Thread Bodo Moeller
Arne Ansper [EMAIL PROTECTED]: [...] okey, the bug: ssl3_read_internal function has special treatment for situations when renegotiation is going on and the handshake and data packets are arriving in random order. now, if i have a non-blocking socket on server side and i use BIO SSL

Small bugs in v3 client hello parsing

2002-04-13 Thread Bodo Moeller
It seems that I've found two small bugs in OpenSSL (at least 0.9.6c and the latest snapshot). In ssl/s3_srvr.c function ssl3_get_client_hello, after the last field (compression) has been parsed, there's a test: /* TLS does not mind if there is extra stuff */ if (s-version ==

Re: cvs commit: openssl/ssl s3_pkt.c

2002-04-29 Thread Bodo Moeller
On Mon, Apr 29, 2002 at 12:28:33PM +0200, [EMAIL PROTECTED] wrote: Log: Synchronise with 0.9.7-stable. Revision ChangesPath 1.49 +2 -2 openssl/ssl/s3_pkt.c Index: s3_pkt.c === RCS file:

Re: cvs commit: openssl/util pod2man.pl

2002-05-30 Thread Bodo Moeller
On Thu, May 30, 2002 at 03:14:17PM +0200, Richard Levitte - VMS Whacker wrote: pod2man is a command line wrapper around Pod::Man these days, and depends on other Pod:: modules. Do you *really* want them to be included? If we can't update our copy of pod2man, we should at least keep the old

Re: cvs commit: openssl/util pod2man.pl

2002-05-30 Thread Bodo Moeller
On Thu, May 30, 2002 at 03:39:21PM +0200, Richard Levitte - VMS Whacker wrote: Specifically, we'd have to test that multi-line NAME sections are handled correctly; it appears this bug was fixed only recently in the pod2man that comes with Perl. Hmm, I tested with doc/crypto/des.pod with the

Re: make depend from Configure?

2002-06-11 Thread Bodo Moeller
Richard Levitte - VMS Whacker [EMAIL PROTECTED]: In revision 1.81 of Configure, the automatic run of 'make depend' was commented out. IIRC, this was done because we had a dependency rebuild war happening a little now and then back then. Since then, we've unified the results of dependency

Re: getpid()

2002-06-13 Thread Bodo Moeller
On Sat, Jun 01, 2002 at 01:18:35PM +0100, Ben Laurie wrote: Also, the thread id may be used elsewhere - is there any point if its actually the PID? Applications that are actually multi-threaded should (and indeed, on most platforms, must) use CRYPTO_set_id_callback() so that OpenSSL can use

Re: [openssl.org #65] Ticket Resolved

2002-06-14 Thread Bodo Moeller
On Thu, Jun 13, 2002 at 06:05:34PM +0200, Kambez Sadeq via RT wrote: Any idea why web browsers such as MSIE and Opera work okay with the server? I'm guessing that these browsers ignore invalid records. No, the server (actually a broken proxy to a real server apparently) does not send

Re: getpid()

2002-06-14 Thread Bodo Moeller
On Thu, Jun 13, 2002 at 05:20:42PM +0100, Ben Laurie wrote: However, the number of calls is astonishing - and must be significantly expensive, too. Memory debugging *is* expensive. It is only enabled by default in debug configurations, where (starting with 0.9.7) it can be disabled by

Re: [openssl.org #85] 0.9.7 prototype constification problems

2002-06-15 Thread Bodo Moeller
Avery Pennarun [EMAIL PROTECTED]: On Thu, Jun 13, 2002 at 01:26:42PM +0200, Bodo Moeller via RT wrote: [[EMAIL PROTECTED] - Thu Jun 6 18:39:34 2002]: It appears the openssl guys goofed in 0.97beta. The prototype for the d2i_RSAPrivateKey function in 0.9.6c, which I use, is like

Re: [openssl.org #85] 0.9.7 prototype constification problems

2002-06-18 Thread Bodo Moeller
On Mon, Jun 17, 2002 at 07:02:45PM +0100, Ben Laurie wrote: Avery Pennarun via RT wrote: On Mon, Jun 17, 2002 at 11:19:31AM +0200, Bodo Moeller wrote: Good question, but this problem does not appear to apply to C, and anyway it only makes *existing* code uglier -- for new code, the modified

Re: cvs commit: openssl e_os.h

2002-06-27 Thread Bodo Moeller
On Thu, Jun 27, 2002 at 03:48:34PM +0200, [EMAIL PROTECTED] wrote: Modified:.Tag: BRANCH_WIN64 e_os.h Log: With Win64, define ssize_t as size_t. This is a very odd thing to do, really, since size_t is supposed to be unsigned while ssize_t is supposed to be signed.

Re: CBC vulnerability workaround

2002-07-03 Thread Bodo Moeller
a countermeasure against a vulnerability recently found in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment before application data chunks to avoid the use of known IVs with data potentially chosen by the attacker. [Bodo Moeller] As the protocols don't explicitly reset CBC

Re: CBC vulnerability workaround

2002-07-03 Thread Bodo Moeller
On Wed, Jul 03, 2002 at 12:07:01PM -0400, Jeffrey Altman wrote: Can they cite a particular provision in the specification that forbids records with a fragment length of zero? I haven't found one, and length-zero fragments are handled well by many implementations (including Microsoft IIS).

Re: create_empty_fragment in do_ssl3_write seems to breaks renegotiation in IE 6.0

2002-07-04 Thread Bodo Moeller
On Wed, Jul 03, 2002 at 01:57:26PM +0200, [EMAIL PROTECTED] wrote: I'm doing some testing of openssl. I'm realized that the 'create-empty-fragment' introduced in do_ssl3_write [OpenSSL 0.9.6d] to avoid IV weakness causes that IE 6.0 (other versions, too?) don't work if a client renegotiation

Re: [openssl.org #141] Error while writing zero-length string

2002-07-11 Thread Bodo Moeller
Martin Sjögren: When you write a zero-length string with SSL_write, OpenSSL signals a protocol-violating EOF even though no such thing has happened. My guess is that a zero returned is misinterpreted somewhere though I have not had time to dig through the source. SSL_write() with length 0

Re: [openssl.org #127] AES draft cipher suites

2002-07-11 Thread Bodo Moeller
Lutz Jaenicke: I have already worked in the cipher selection routines yesterday with respect to PR#130. I will add an appropriate NOTDEFAULT selection keyword that will cover cipher suites not selected by default. As this is a new feature I intend to only add it to 0.9.7 (and later).

Re: [openssl.org #141] Error while writing zero-length string

2002-07-13 Thread Bodo Moeller
Martin Sjögren via RT [EMAIL PROTECTED]: Bodo Moeller: Martin Sjögren: When you write a zero-length string with SSL_write, OpenSSL signals a protocol-violating EOF even though no such thing has happened. My guess is that a zero returned is misinterpreted somewhere though I have not had

Re: bug in RSA_padding_check_SSLv23()

2002-07-27 Thread Bodo Moeller
Rob Dugal [EMAIL PROTECTED]: I believe there is a bug in openssl function RSA_padding_check_SSLv23(). This function is supposed to verify that the data is padded with special PKCS #1 padding as described in SSL 3.0 draft/RFC 2246, App. E.2 Run the server without support for SSL3, and

Re: OpenSSL patches for other versions

2002-07-30 Thread Bodo Moeller
On Tue, Jul 30, 2002 at 03:50:17PM +0300, Arne Ansper wrote: These patches are known to apply correctly but have not been thoroughly tested. As I understand it, OpenSSL will call abort() when it detects attack against any hole in SSL. Not quite. The attacks against known holes are

Re: [openssl.org #170] OpenSSLDie not exported in Win32

2002-08-01 Thread Bodo Moeller
On Tue, Jul 30, 2002 at 06:08:46PM +0300, Arne Ansper wrote: attached is a patch for openssl-0.9.6e that removes the usage of die. please review it carefully. all changes are localized but the action i take in some places where error reporting is not possible might be little bit wrong (i.e.

Re: cvs commit: openssl/util mkerr.pl

2002-08-11 Thread Bodo Moeller
Ben Laurie [EMAIL PROTECTED]: As noted elsewhere, I really object to returning internal errors! It makes no sense to attempt to continue after the impossible has occurred. If we could be absolutely sure that these events are strictly impossible, then it wouldn't make a difference if we call

Re: cvs commit: openssl/util mkerr.pl

2002-08-13 Thread Bodo Moeller
On Tue, Aug 13, 2002 at 05:10:34PM +0100, Ben Laurie wrote: Bodo Moeller wrote: Ben Laurie [EMAIL PROTECTED]: As noted elsewhere, I really object to returning internal errors! It makes no sense to attempt to continue after the impossible has occurred. If we could be absolutely sure

Re: cvs commit: openssl/util mkerr.pl

2002-08-13 Thread Bodo Moeller
On Tue, Aug 13, 2002 at 08:09:02PM +0200, Lutz Jaenicke wrote: On Tue, Aug 13, 2002 at 07:45:30PM +0200, Bodo Moeller wrote: On Tue, Aug 13, 2002 at 05:10:34PM +0100, Ben Laurie wrote: Yes, and the application will continue as if it were sensible to do so. In fact it *is* often sensible

Re: cvs commit: openssl CHANGES

2002-08-14 Thread Bodo Moeller
On Wed, Aug 14, 2002 at 12:52:37PM +0200, Richard Levitte - VMS Whacker wrote: bodo bodo14-Aug-2002 12:49:35 bodo bodo Modified:.CHANGES bodo Log: bodo add 'TODO' items Don't these go into the STATUS file, usually? Only when noone is really working on them at

Re: cvs commit: openssl/util mkerr.pl

2002-08-14 Thread Bodo Moeller
On Wed, Aug 14, 2002 at 01:24:32PM +0300, Arne Ansper wrote: [...] what if some standalone application thinks that the best solution for _its own_ problems is to reboot the machine? (happens all the time under the windows btw, you install some crap and the installer happily

Re: cvs commit: openssl/util mkerr.pl

2002-08-14 Thread Bodo Moeller
On Wed, Aug 14, 2002 at 01:53:29PM +0100, Ben Laurie wrote: The consistency checks don't detect that memory *has* been corrupted. They detect that memory *would* be corrupted if the library simply continued to do what it is doing. But if we return an internal error, this does not actually

Re: cvs commit: openssl/util mkerr.pl

2002-08-14 Thread Bodo Moeller
On Wed, Aug 14, 2002 at 01:57:32PM +0100, Ben Laurie wrote: [...] But for various other potential errors, we do know what happened (e.g. a buffer has insufficient size) and we do know how to continue without doing significant harm (abort this one TLS/SSL connection, and in a way such that we

Re: cvs commit: openssl/util mkerr.pl

2002-08-14 Thread Bodo Moeller
On Wed, Aug 14, 2002 at 03:39:03PM +0100, Ben Laurie wrote: So how did the buffer get to be too small? Well, in one of the cases it was improper protocol data checking (fixed in 0.9.6f). The others should really be impossible, but if they ever become possible, this most likely is because of

Re: cvs commit: openssl/util mkerr.pl

2002-08-15 Thread Bodo Moeller
On Wed, Aug 14, 2002 at 08:42:47PM +0100, Ben Laurie wrote: I propose we have a compile time flag that determines whether impossible conditions are fatal or return errors, Go ahead, compile time flags are how we usually handle such things in

Re: [openssl.org #274] session ID length bug (in 0.9.6g and 0.9.7beta3)

2002-09-20 Thread Bodo Moeller
On Thu, Sep 19, 2002 at 01:44:01PM +0200, Bodo Moeller via RT wrote: I don't know why that message is empty. What I wrote is that this should now be fixed in the current snapshots (0.9.6-stable and 0.9.8-dev -- seems I forgot about 0.9.7-stable, this will have the fix tomorry). -- Bodo

Re: [openssl.org #262] bug: init race in SSLv3_client_method

2002-09-20 Thread Bodo Moeller
On Thu, Sep 19, 2002 at 06:28:16PM -0700, Patrick McCormick wrote: No locking should be needed because the assignments are idempotent. However, the assignments are not atomic. The following unprotected operation: if (init) { memcpy((char *)SSLv3_server_data,(char

Re: [openssl.org #262] bug: init race in SSLv3_client_method

2002-09-20 Thread Bodo Moeller
On Tue, Sep 03, 2002 at 05:29:41PM -0700, Patrick McCormick wrote: I needed to add the following calls in my single-thread openssl setup code to end several race conditions: SSLv23_client_method(); SSLv2_client_method(); SSLv3_client_method(); TLSv1_client_method();

Re: [openssl.org #262] bug: init race in SSLv3_client_method

2002-09-23 Thread Bodo Moeller
On Mon, Sep 23, 2002 at 04:26:00PM +0200, Bodo Moeller via RT wrote: Somehow the RT2 system doesn't like the comments I enter at the website when resolving a ticket ... I wrote that the next snapshots should solve the problem. Functions SSLv23_client_method

Re: [openssl.org #262] bug: init race in SSLv3_client_method

2002-09-25 Thread Bodo Moeller
On Tue, Sep 24, 2002 at 03:47:14PM -0700, Patrick McCormick wrote: Many thanks for putting in a lock. However, the race condition has not been eliminated. [...]init must be checked after the lock is entered in order to prevent the client_data setup from happening twice. So,

Re: [openssl.org #291] race condition in *get_cipher_by_char

2002-09-25 Thread Bodo Moeller
On Wed, Sep 25, 2002 at 05:31:08PM +0200, Bodo Moeller via RT wrote: As usual, I really wrote that the bug will be fixed in the next snapshot (but RT2 still does not believe me :-). -- Bodo Möller [EMAIL PROTECTED] PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658

Re: [PATCH] Adding Certicom licensing info

2002-09-25 Thread Bodo Moeller
On Wed, Sep 25, 2002 at 08:49:47AM -0400, John O Goyo wrote: Certicom has intellectual property rights relating to safe primes in DH [...] + Certicom has intellectual property rights relating to the use of safe primes + in the DH key-exchange, including US patent 5,933,504 and pending US +

Re: possible bug in BN_dec2bn()

2002-10-14 Thread Bodo Moeller
On Mon, Oct 14, 2002 at 12:52:30PM +0200, Richard Levitte - VMS Whacker wrote: The problem seems to be manifested in BN_dec2bn() because of the BN_mul_words and BN_add_words (e.g. line b). Since the upper parts of d aren't cleared out, those routines end up adding to whatever junk happened

Re: OpenSSL init races (WAS: Any updates on 0.9.6.(h))

2002-11-09 Thread Bodo Moeller
Miles Sabin [EMAIL PROTECTED]: First, the init flag needs to be volatile to prevent an aggressive compiler from optimizing away the second check (nb. there may be issues with compilers respecting volatile as mentioned in the key zeroizing thread). I know it should really be volatile (is

Re: OpenSSL Bug

2002-11-19 Thread Bodo Moeller
On Thu, Nov 14, 2002 at 11:14:49AM +0100, Lutz Jaenicke wrote: On Wed, Nov 13, 2002 at 04:14:54PM -0800, Jeremiah Gowdy wrote: I was doing application development (not the topic of this email) interacting with an IBM developed SSL library. I experienced unexpected disconnects immediately

Re: man page location

2003-01-29 Thread Bodo Moeller
On Sun, Jan 26, 2003 at 01:31:48PM -0800, Tim Rice wrote: I looks like man pages are being installed in the wrong place on non default installs. Ie. --prefix=/usr --openssldir=/etc/ssl It is intentional that we use the --openssldir value rather than the --prefix value in such cases. Files

Re: [openssl.org #359] Calling SSL_read and SSL_write with non-empty error stack may cause an error

2003-02-03 Thread Bodo Moeller
Arne Ansper [EMAIL PROTECTED]: Like I say, they should only do this if there was an error reported, surely? No. Take a look at the SSL_CTX_use_certificate_chain_file: ret=SSL_CTX_use_certificate(ctx,x); if (ERR_peek_error() != 0) ret = 0; /* Key/certificate mismatch

Re: openssl req prompting behavior

2003-02-04 Thread Bodo Moeller
On Wed, Jan 22, 2003 at 04:20:37PM -0600, Joel Daniels wrote: The openssl req command, when set up to prompt for the Distinguished Name, uses fgets() to read the Distinguished Name fields. This means that if someone uses the backspace key, a 0x08 character is inserted wherever they typed the

Re: Win32 update to the ssleay32.def file

2003-02-05 Thread Bodo Moeller
On Tue, Feb 04, 2003 at 04:32:24PM -0500, Joseph Ferner wrote: In OpenSSL 0.9.7 SSL_add_dir_cert_subjects_to_stack (ssl_cert.c) was added for Win32 but was omitted in the ssleay32.def file. Could this be added? Thanks for the report, this is now fixed. It would also be nice to have

Re: S/MIME PKCS7 and the famous CRLF

2003-02-11 Thread Bodo Moeller
On Tue, Feb 11, 2003 at 10:51:56AM +0100, Holger Sesterhenn wrote: I am playing around with PKCS7 mails and also have noticed the small gliches when dealing with multipart/mime. (yes, I have spent some time reading groups.google and the mailing list archives). If I understand RFC2046

IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz

2003-02-14 Thread Bodo Moeller
Please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz (or later), which will be available today around 8 p.m. GMT at URL: ftp://ftp.openssl.org/snapshot;type=d . We plan to release version 0.9.7a soon (next week if all goes well). OpenSSL 0.9.7a will be a bugfix release based on 0.9.7;

Re: [openssl.org #511] BUG: crypto/ec/ec_key.c:EC_KEY_dup()

2003-02-19 Thread Bodo Moeller
Bodo Moeller via RT [EMAIL PROTECTED]: [nothing] RT has cut off the message, which said that the fix will be in the next snapshot (which should be the latest snapshot by now). -- Bodo Möller [EMAIL PROTECTED] PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html

Re: [CVS] OpenSSL: openssl/crypto/asn1/ d2i_pu.c i2d_pu.c openssl/crypto/e...

2003-02-21 Thread Bodo Moeller
On Fri, Feb 21, 2003 at 02:58:24PM +0100, Bodo Moeller wrote: Log: ECPublicKey_set_octet_string and ECPublicKey_get_octet_string behaviour was not quite consistent with the conventions for d2i and i2d functions as far as handling of the 'out' or 'in' pointer is concerned

Re: [openssl.org #541] Problem with the blinding patch

2003-03-21 Thread Bodo Moeller
Bobco, Pete [EMAIL PROTECTED]: After applying the March 17, 2003 RSA Blinding patch, I am seeing some intermittant problems when I browse to my test server to retrieve pages. Sometimes a GIF file does not appear, but using the Refresh key will get it. I am wondering if anyone else out there

[OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding

2003-03-19 Thread Bodo Moeller
OpenSSL Security Advisory [19 March 2003] Klima-Pokorny-Rosa attack on RSA in SSL/TLS === Czech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa have come up with an extension of the Bleichenbacher attack on RSA with PKCS #1 v1.5 padding as

Re: RSA Blinding patch and a recent snapshot.

2003-04-01 Thread Bodo Moeller
On Mon, Mar 31, 2003 at 03:01:27PM -0500, Greaney, Kevin wrote: I downloaded a snapshot recently, openssl-e-0.9.6-stable-SNAP-20030327.tar.gz, and was comparing the files [.crypto.rsa]rsa_eay.c AND [.crypto.rsa]rsa_lib.c. I noticed that in rsa_eay.c that the patch used the positive

Re: reminder

1999-03-20 Thread Bodo Moeller
Please don't forget the enc_read.c bug fix. From: Michael Rayment [EMAIL PROTECTED] Subject: [ssl-bugs] Possible bug in crypto/des/enc_read.c Date: Mon, 15 Feb 1999 00:45:01 -0330 I am using enc_read.c and enc_write.c to easily read and write data into and from an encrypted file. I am

Re: cleaning up crypto/dsa

1999-03-20 Thread Bodo Moeller
+ s=BN_new(); if (s == NULL) ... + ret=DSA_SIG_new(); if (ret == NULL) ... + s = DSA_SIG_new(); if (s == NULL) ... __ OpenSSL Project http://www.openssl.org Development

Re: 386 assembler

1999-03-23 Thread Bodo Moeller
On Tue, Mar 23, 1999 at 06:17:21PM +0100, Ulf Möller wrote: With the following patch OpenSSL can be used on the 386 processor. I am not sure how it should be integrated in OpenSSL. The patch makes SHA-1 roughly 10% slower on a Pentium. I suspect that for most people performance on modern

Re: Strong Primes

1999-03-26 Thread Bodo Moeller
"Chad C. Mulligan" [EMAIL PROTECTED]: Hmmm... I don't know how _efficient_ it is, but in the tests I did on it, the average time to create a 1024 bit strong prime (and one _guaranteed_ strong, by construction) was 1014 seconds, as opposed to 2301 seconds for BN_generate_prime() with "strong"

Re: Strong Primes

1999-03-28 Thread Bodo Moeller
On Sat, Mar 27, 1999 at 04:03:00AM +0100, Bodo Moeller wrote: "Safe" primes, where q := (p - 1)/2 is prime, imply that there is one very large (order q) subgroup of (Z/pZ)*. More generally, we want a large prime q to be some divisor of p - 1. The order of the generato

Re: OpenSSL Error Handling

1999-03-29 Thread Bodo Moeller
Jeff Roberts [EMAIL PROTECTED]: Can anybody tell me how to get and interpret errors in OpenSSL ? For Example I call SSL_Connect() and get a return code of -1. How do I get the error code and error string associated with the error, I can't find any documentation on this and all of the

Re: 0.9.2b Sparc problem

1999-03-30 Thread Bodo Moeller
On Mon, Mar 29, 1999 at 05:20:36PM +0200, Bodo Moeller wrote: What I don't understand though is the redifinition of BN_ASM in openssl-0.9.2b/crypto/bn/Makefile: [...] The real definition is in openssl-0.9.2b/Makefile.ssl: [...] What's this redefinition about, and why does the make procedure

Re: re[2]: OpenSSL Error Handling

1999-03-30 Thread Bodo Moeller
[...] I do not have a file called error.doc on my hard drive. Actually, it's now part of doc/ssleay.txt. __ OpenSSL Project http://www.openssl.org Development Mailing List

Re: Strong Primes

1999-03-30 Thread Bodo Moeller
On Mon, Mar 29, 1999 at 01:12:03PM +, Chad C. Mulligan wrote: Bodo Moeller: What exactly do you mean by "strong" primes? BN_generate_prime() uses the word "strong" for what is more commonly called a "safe" prime, I mean a "safe" pri

SSL2_{CLIENT,SERVER}_VERSION

1999-03-31 Thread Bodo Moeller
. + [Bodo Moeller] I hope no-one circumenvented the API and used those macros directly in any applications? The comment in ssl.h was wrong, anyway: --- ssl.h 1999/03/22 12:22:03 1.17 +++ ssl.h 1999/03/31 12:06:29 1.18 @@ -477,10 +477,9 @@ struct ssl_st

Re: ocsp in openssl

1999-04-02 Thread Bodo Moeller
Tom Titchener [EMAIL PROTECTED]: Attached please find a compressed tar file containing patches and sources implementing with the OpenSSL libraries: http://www.ietf.org/internet-drafts/draft-ietf-pkix-ocsp-07.txt Here's a summary of the files you get: [...] mk1mf.pl.patch

Re: MD5 conflicts?

1999-04-02 Thread Bodo Moeller
Niels Poppe [EMAIL PROTECTED]: In packaging openssl, I change #include "foo.h" to #include ssl/foo.h and then install all ssl include files into /usr/include/ssl. This way nothing changes for openssl internally, but once installed in the system location, external programs can include

openssl/doc

1999-04-02 Thread Bodo Moeller
I thinkt that it is not a good idea to have files openssl.pod and openssl.txt in the same directory: The names suggest that the latter is a formatted version of the former, which is not true. The X509v3 documentation in openssl.txt (which could get a different filename) should mention that a

apps/sc.c

1999-04-02 Thread Bodo Moeller
apps/sc.c is a slight variation of apps/s_client.c. It exists in OpenSSL 0.9.1c, but not yet in SSLeay. The only changes to s_client.c are Windows-specific (mostly #if(n)defs); according to the comments, it has only been tested under Win95. Maybe someone who uses NT can look into it and, if it

Re: openssl/doc

1999-04-02 Thread Bodo Moeller
I wrote: pathLenConstraint counts just the CA path -- 0 means that a CA may sign only end entities --, while verify_depth counts all certificates, IIRC). I don't really mean all certificates (unless one starts counting at 0), but all steps on the path: Depth 1 means that CAs sign end-entity

Re: piping to s_client

1999-04-03 Thread Bodo Moeller
Mikko Hirvonen [EMAIL PROTECTED]: I have problems with pipes. I try to use s_client as fetchmail plugin, but something goes wrong. Transmission over ssl-tunnel will stop. I think s_client.c is buggy in that in does a select() loop where in fact it the first thing it should do in each

Re: patch to s23_srvr.c fixes crash for telnet with zero bytes to SSL port

1999-04-08 Thread Bodo Moeller
"Titchener, Tom" [EMAIL PROTECTED]: Ever try connecting to an SSLeay server that uses SSLv23_server_method() via a telnet session and then closing the session without sending any data? When you do that in our server, it crashes trying to use the handshake_func function in ssl23_read(),

Re: piping to s_client

1999-04-08 Thread Bodo Moeller
[EMAIL PROTECTED] (Bodo Moeller): Mikko Hirvonen [EMAIL PROTECTED]: I have problems with pipes. I try to use s_client as fetchmail plugin, but something goes wrong. Transmission over ssl-tunnel will stop. I think s_client.c is buggy in that in does a select() loop where in fact

make test revisited

1999-04-09 Thread Bodo Moeller
The shellscript test/testenc must be told somehow which ciphers have been configured. After a -DNO_IDEA build, it still tries to run "../apps/openssl idea-ecb" etc., which of course fails. I usually just ignored this error because I obviously knew that I explicitly did not include IDEA, so this

Re: make test revisited

1999-04-09 Thread Bodo Moeller
On Fri, Apr 09, 1999 at 11:45:47AM +0200, Richard Levitte - VMS Whacker wrote: What's the cleanest way to solve this? Exile the command list Run something like the following during compilation of the test directory: $(CC) $(CFLAGS) -E testenc_methods.c | sed -e 'd/^$/' |\

  1   2   3   4   5   6   7   >