Re: [openssl.org #447] [Fwd: Bug#176058: openssl: Should askpassword only after basic input validation]

2003-01-22 Thread Florian Weimer
not verify that $FILE is a writable file. -- Florian Weimer[EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898 __ OpenSSL

Re: Delayed release of OpenSSL 0.9.6a beta 3

2001-03-28 Thread Florian Weimer
to derive it as well (from d and q). OTOH, it's probably faster to calculate n = pq and not to rely CRT at all. -- Florian Weimer[EMAIL PROTECTED] University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685

Wildcard support for certificate matching (plus fixes)

2012-11-07 Thread Florian Weimer
an internal error. Right now, it is not possible to tell match failures and internal errors apart. Florian -- Florian Weimer / Red Hat Product Security Team diff --git a/crypto/x509v3/Makefile b/crypto/x509v3/Makefile index 07e2df4..b54f540 100644 --- a/crypto/x509v3/Makefile +++ b/crypto/x509v3

SSL_connect.pod fix

2012-11-13 Thread Florian Weimer
There's a POD error in the manpage, resulting in quite misleading documentation. -- Florian Weimer / Red Hat Product Security Team commit cb06d593d1a59c932614c4e97055b441fc66c4ec Author: Florian Weimer fwei...@redhat.com Date: Tue Nov 13 14:22:44 2012 +0100 Fix POD usage

Re: [openssl.org #2909] Wildcard support for certificate matching (plus fixes)

2012-11-19 Thread Florian Weimer
this in any standard, so I suggest removing it (idna.patch). -- Florian Weimer / Red Hat Product Security Team commit 373bf51bb3a64f4d91241752be7178104d0de28b Author: Florian Weimer fwei...@redhat.com Date: Mon Nov 19 11:04:56 2012 +0100 Adjust v3nametest.c return value checking to API

Fix GCC asm constraints in crypto/bn/asm/x86_64-gcc.c

2012-11-19 Thread Florian Weimer
When x32 support was added to this file, the constraint was dropped, allowing GCC to overlap register assignments for inputs and outputs, resulting in broken assembler code. -- Florian Weimer / Red Hat Product Security Team commit 9dbf28460d10387c819d332b7a5c0397942b75ee Author: Florian

Replace scary comment in s3_pkt.c

2012-11-19 Thread Florian Weimer
Apparently, the IV initialization was moved to tls1_enc() t1_enc.c, so the commented-put initialization is indeed superfluous. And indeed, the IV on the wire appears to be random. Could someone please double-check this? Thanks. -- Florian Weimer / Red Hat Product Security Team commit

Add WEB cipher suite selector

2012-11-26 Thread Florian Weimer
a protocol-compliant client hello without explicitly disabling the cipher suites they do not support because they will never supply the required key material. -- Florian Weimer / Red Hat Product Security Team From af125d1abb2af6dd4853188d2e6d99963ae959c2 Mon Sep 17 00:00:00 2001 From: Florian

Re: Apple are, apparently, dicks...

2013-06-14 Thread Florian Weimer
one of the existing *ancient* flags. Does anyone really care about compatibility with a bug in SSLeay 0.80 for example? Wouldn't it be better to reverse the meaning of the flag and not set it in SSL_OP_ALL? -- Florian Weimer / Red Hat Product Security Team

Re: UTF8 decoding, unneeded byte masking

2013-08-26 Thread Florian Weimer
extension. If *p is unsigned, compilers are allowed to assume that (signed char)(*p) = 0 is always true (because signed overflow is undefined). -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project

Re: 1.0.1e: crash in sha1_block_data_order_ssse3()

2013-12-16 Thread Florian Weimer
. This is likely a toolchain bug, and not something that can be reasonably fixed in OpenSSL. -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project http://www.openssl.org Development

Re: [PATCH] sha1-x86_64/ssse3: enforce stack alignment

2013-12-17 Thread Florian Weimer
it is mandatory]). It's required by the amd64 ABI, and other things will break if this requirement is violated. -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project http

Re: 1.0.1e: crash in sha1_block_data_order_ssse3()

2013-12-17 Thread Florian Weimer
GCC version? -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager

[PATCH] Reseed PRNG on PID change

2014-01-15 Thread Florian Weimer
for platforms where the gettimeofday() call is prohibitively slow. -- Florian Weimer / Red Hat Product Security Team commit 136a8da88ff52ad32f894fb0ecbcab5f4205ca49 Author: Florian Weimer fwei...@redhat.com Date: Wed Jan 15 16:46:17 2014 +0100 ssleay_rand_bytes: Re-seed on PID change diff --git

Re: [PATCH] Reseed PRNG on PID change

2014-01-16 Thread Florian Weimer
On 01/15/2014 05:44 PM, Dr. Stephen Henson wrote: On Wed, Jan 15, 2014, Florian Weimer wrote: Commit 3cd8547a2018ada88a4303067a2aa15eadc17f39 mixed the current time into the randomness pool each time RAND_bytes is called. As the resolution of gettimeofday() is limited, I propose to reseed

Re: [PATCH] Reseed PRNG on PID change

2014-01-16 Thread Florian Weimer
On 01/16/2014 01:57 PM, Dr. Stephen Henson wrote: On Thu, Jan 16, 2014, Florian Weimer wrote: The additional resolution of a tick counter might make reseeding after fork unnecessary, but it's difficult to be sure. Something not based on timing information looks desirable to me. I should

Re: [PATCH] Reseed PRNG on PID change

2014-01-16 Thread Florian Weimer
On 01/16/2014 03:39 PM, Florian Weimer wrote: I still propose to get rid of the time() call (md_rand-time.patch, AFAICT num == 0 at this point, so I pulled the initialization out of the loop). Disregard the patches, this doesn't work. -- Florian Weimer / Red Hat Product Security Team

Re: [PATCH] Reseed PRNG on PID change

2014-01-17 Thread Florian Weimer
. It also sidesteps the LinuxThreads issue. -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev

[PATCH] dtls1_reassemble_fragment: Return error code on memory allocation failure

2014-04-10 Thread Florian Weimer
--- ssl/d1_both.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/d1_both.c b/ssl/d1_both.c index d8bcd58..2c06fc2 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -679,8 +679,8 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)

Re: Attribution of pull requests in git

2014-04-27 Thread Florian Weimer
* Ben Laurie: Is there an easy way to fix that? That is, I would expect it to show me as the committer and the original author as the author. git am does this, but merging from a Git repository does not because it changes the commit hashes and would force the submitter to rebase. In general,

Re: Which platforms will be supported in the future on which platforms will be removed?

2014-06-04 Thread Florian Weimer
(and int) of at least 32 bits (in the sense that there are unguarded integer overflows with 16-bit types). Wouldn't this rule out MS-DOS and 16-bit Windows as useful platforms? -- Florian Weimer / Red Hat Product Security Team

Re: Locking inefficiency

2014-06-11 Thread Florian Weimer
are protected by read locks? Often, RW locks aren't a win because maintaining just the read locks (without any writers) introduces contention at the hardware level, and parallelism does not increase all that much as a result. Paul McKenney's dissertation on RCU has some examples. -- Florian Weimer

Re: Locking inefficiency

2014-06-11 Thread Florian Weimer
of the threading library causes some other libraries to fall back to slower thread-safe variants. This mostly affects libstdc++ and std::shared_ptr (where atomics are used for maintaining the reference count), and to a lesser extend, malloc in glibc itself. -- Florian Weimer / Red Hat Product

Re: Locking inefficiency

2014-06-12 Thread Florian Weimer
implementation which uses native thread-local storage, which should be mostly contention-free. -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project http://www.openssl.org Development

Re: [openssl.org #3400] ccs received early

2014-06-12 Thread Florian Weimer
, this is about an interoperability issue. -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org

Re: Very old release, unsupported platform

2014-07-02 Thread Florian Weimer
or Windows prior to the Win32 API) are still supported, but this is clearly not the case because a lot of bounds checks assume 32-bit ints. -- Florian Weimer / Red Hat Product Security __ OpenSSL Project

Re: Very old release, unsupported platform

2014-07-02 Thread Florian Weimer
of bounds checks assume 32-bit ints. Are there any of these platforms that would pass the Currency/Vendor support criteria? If so which ones? I fear that eComStation could fit these criteria, for the platforms I mentioned. -- Florian Weimer / Red Hat Product Security

Re: Patch to mitigate CVE-2014-3566 (POODLE)

2014-10-16 Thread Florian Weimer
for the broken fallback behavior because it is not a security vulnerability—it works as designed. This means that the TLS_FALLBACK_SCSV patch currently has no CVE associated with it. -- Florian Weimer / Red Hat Product Security

Re: Patch to mitigate CVE-2014-3566 (POODLE)

2014-10-16 Thread Florian Weimer
a limitation of the CVE authority file in the light of its current applications. -- Florian Weimer / Red Hat Product Security __ OpenSSL Project http://www.openssl.org Development Mailing List

Re: [openssl-dev] [openssl.org #2293] OpenSSL dependence on external threading functions is a critical design flaw

2015-05-04 Thread Florian Weimer
reporting library critically depends on working locking functions. You get strange results if you believe the FAQ that OpenSSL is thread-safe, even if you do not use any objects across threads. -- Florian Weimer / Red Hat Product Security ___ openssl-dev

Re: [openssl-dev] removing compression?

2015-04-08 Thread Florian Weimer
On 04/03/2015 09:53 PM, Salz, Rich wrote: If this will cause problems for you, please post on the list, ideally within the next week. PostgreSQL uses OpenSSL compression by default, and it is a deliberate feature (there is no application-layer compression support). -- Florian Weimer / Red

Re: [openssl-dev] Self-initialization of locking/threadid callbacks and auto-detection of features

2015-06-11 Thread Florian Weimer
avoid it. If you have received advice to the contrary, your source of advice is wrong. :-) -- Florian Weimer / Red Hat Product Security ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] A Question about CRYPTO_THREADID when upgrading to OpenSSL 1.0.1e

2015-06-11 Thread Florian Weimer
? Which platform are you on? -- Florian Weimer / Red Hat Product Security ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Self-initialization of locking/threadid callbacks and auto-detection of features

2015-07-24 Thread Florian Weimer
On 06/15/2015 06:02 PM, Nico Williams wrote: On Thu, Jun 11, 2015 at 10:41:58AM +0200, Florian Weimer wrote: Detecting things in libcrypto is very difficult on GNU/Linux due to the way dynamic linking works. Details? Detection based on weak symbols can break due to linking order

Re: [openssl-dev] 0.9.8 support after 31 Dec 2015

2015-07-24 Thread Florian Weimer
, and fixing that while preserving binary compatibility with 0.9.8 is quite a challenge.) -- Florian Weimer / Red Hat Product Security ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Florian Weimer
* Viktor Dukhovni: > If I were to guess, it would be that the base crypto implementations > of IDEA, SEED and binary elliptic curves need to stay. We could > perhaps get away with removing CAST and RIPEMD. Just one data point: CAST5 is still the default for GnuPG when using symmetric

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-12-07 Thread Florian Weimer
On 11/25/2015 06:48 PM, Kurt Roeckx wrote: > On Wed, Nov 25, 2015 at 01:02:29PM +0100, Florian Weimer wrote: >> On 11/23/2015 11:08 PM, Kurt Roeckx wrote: >> >>> I think that we currently don't do any compile / link test to >>> detect features but that we i

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-12-08 Thread Florian Weimer
* Nico Williams: > Maybe http://trac.mpich.org/projects/openpa/ would fit the bill? It seems to have trouble to keep up with new architectures. ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-12-15 Thread Florian Weimer
* Nico Williams: > On Tue, Dec 08, 2015 at 11:19:32AM +0100, Florian Weimer wrote: >> > Maybe http://trac.mpich.org/projects/openpa/ would fit the bill? >> >> It seems to have trouble to keep up with new architectures. > > New architectures are not really a pro

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

2015-11-25 Thread Florian Weimer
On 11/23/2015 11:08 PM, Kurt Roeckx wrote: > I think that we currently don't do any compile / link test to > detect features but that we instead explicitly say so for each > platform. > > Anyway, the gcc the documentation is here: > https://gcc.gnu.org/onlinedocs/gcc/Thread-Local.html > > TLS

Re: [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Florian Weimer
* Kurt Roeckx: > On Tue, Nov 17, 2015 at 07:10:00PM +0100, Florian Weimer wrote: >> * Viktor Dukhovni: >> >> > If I were to guess, it would be that the base crypto implementations >> > of IDEA, SEED and binary elliptic curves need to stay. We could >>

Re: [openssl-dev] License change agreement

2017-03-24 Thread Florian Weimer
* Kurt Roeckx: > On Fri, Mar 24, 2017 at 08:02:25PM +0100, Florian Weimer wrote: >> * Quanah Gibson-Mount: >> >> > Zero people that I know of are saying to switch to the GPL. What is >> > being pointed out is that the incompatibility with the current >> &g

Re: [openssl-dev] License change agreement

2017-03-24 Thread Florian Weimer
* Quanah Gibson-Mount: > --On Friday, March 24, 2017 9:02 PM +0100 Florian Weimer <f...@deneb.enyo.de> > wrote: > >> * Quanah Gibson-Mount: >> >>> Zero people that I know of are saying to switch to the GPL. What is >>> being pointed out is that the

Re: [openssl-dev] License change agreement

2017-03-24 Thread Florian Weimer
* Quanah Gibson-Mount: > Zero people that I know of are saying to switch to the GPL. What is > being pointed out is that the incompatibility with the current > OpenSSL license with the GPLv2 has been a major problem. The alleged incompatibility of OpenSSL with the GPLv2 has been used to promote

Re: [openssl-dev] The new OpenSSL license should be made GPLv2 compatible

2017-03-25 Thread Florian Weimer
* James Bottomley: > On Sat, 2017-03-25 at 16:10 +, Salz, Rich via openssl-dev wrote: >> >> > Please, in the final OpenSSL license text add the paragraph linked >> > in the above LLVM mailing list as an exception to the Apache >> > license. >> > >> > We should make sure using OpenSSL in

Re: [openssl-dev] Blog post; changing in email, crypto policy, etc

2018-01-23 Thread Florian Weimer
* Hubert Kario: > when I mark project as followed I'm getting messages from all issues > and all PRs - likely dozens if not hundred messages a day But isn't that the point? My main concern with Github is that I have no record of my own actions. (Their single-account policy is also a problem

Re: [openssl.org #447] [Fwd: Bug#176058: openssl: Should ask password only after basic input validation]

2003-01-13 Thread Florian Weimer via RT
not verify that $FILE is a writable file. -- Florian Weimer[EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898