Re: [openssl-project] To use or not use the iconv API, and to use or not use other libraries

> On Jun 12, 2018, at 6:56 PM, Richard Levitte wrote: > > Some implementations of the iconv library take the empty string as > the locale-specific encoding, but that is in no way universal, and > isn't specified in the standard: > > http://pubs.opengroup.org/onlinepubs/009695399/functions/ico

Re: [openssl-project] To use or not use the iconv API, and to use or not use other libraries

In message <333784c8-4870-4ddb-a892-13d552724...@dukhovni.org> on Tue, 12 Jun 2018 16:02:16 -0400, Viktor Dukhovni said: openssl-users> openssl-users> openssl-users> > On Jun 12, 2018, at 3:39 PM, Richard Levitte wrote: openssl-users> > openssl-users> >> The flags I'd like to see are: opens

Re: [openssl-project] To use or not use the iconv API, and to use or not use other libraries

> On Jun 12, 2018, at 3:39 PM, Richard Levitte wrote: > >> The flags I'd like to see are: >> >> -latin1: Passphrase is a stream of octets, each of which is a single >> unicode >> character in the range 0-255. > > I would prefer to call it -binary or something like that... it

Re: [openssl-project] To use or not use the iconv API, and to use or not use other libraries

In message on Tue, 12 Jun 2018 11:06:40 -0400, Viktor Dukhovni said: openssl-users> openssl-users> openssl-users> > On Jun 7, 2018, at 3:40 PM, Salz, Rich wrote: openssl-users> > openssl-users> > I think you forgot that this is not what I suggested. One flag indicates it's utf-8 encoded,

Re: [openssl-project] To use or not use the iconv API, and to use or not use other libraries

> On Jun 7, 2018, at 3:40 PM, Salz, Rich wrote: > > I think you forgot that this is not what I suggested. One flag indicates > it's utf-8 encoded, don't touch it. The other flag indicates it might have > high-bit chars, don't touch it. The flags I'd like to see are: -latin1: Passphras

Re: [openssl-project] To use or not use the iconv API, and to use or not use other libraries

> On Jun 11, 2018, at 11:46 AM, Salz, Rich wrote: > > And the docs for this *new flag* explain that the behavior could change in > the future. There must be no "change in the future". Whatever flags we add now, must implement a stable interface. A flag that changes behaviour is useless. -

[openssl-project] OpenSSL Security Advisory

) in the OpenSSL git repository. This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken who also developed the fix. References == URL for this Security Advisory: https://www.openssl.org/news/secadv/20180612.txt Note: the online version of the advisory may be updated with

Re: [openssl-project] Please approve 6457 for backport

On 12/06/18 10:16, Matt Caswell wrote: > This is the PR for the CVE. I forgot to add the branches to the > PR...this is for 1.1.0 and 1.0.2. Please can someone approve the > backport asap? This is now done (thanks Tim). Now looking for an approval for the web updates: https://github.com/opens

[openssl-project] Please approve 6457 for backport

This is the PR for the CVE. I forgot to add the branches to the PR...this is for 1.1.0 and 1.0.2. Please can someone approve the backport asap? Thanks Matt ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/list

Re: [openssl-project] To use or not use the iconv API, and to use or not use other libraries

In message <2418fe0a-8a61-47ad-9e60-f40bd0c79...@openssl.org> on Mon, 11 Jun 2018 19:29:09 +0200, Richard Levitte said: levitte> levitte> levitte> "Salz, Rich" skrev: (11 juni 2018 18:54:37 CEST) levitte> >>Except that, because of the way PKCS12_gen_mac() works, this isn't levitte> >