Apologies for the name I’ve been sending under. I don’t represent Oracle of
A temporary new MUA that isn’t quite doing what I expected.
> On 8 May 2018, at 7:33 pm, Oracle wrote:
> Kurt wrote:
>> The comment about not hashing it is if you want to use
I also believe that we shouldn’t be relying on locale, it is a Pandora’s box we
don’t want to open.
Even claiming that OpenSSL is UTF-8 compliant is probably a stretch (e.g. the
isXXX functions aren’t).
Saying we accept unsigned eight bit byte inputs and process them unmodified is
as far as I’d
I’d like a prompt review of #7513 so I can push the second CVE out.
#7512 is kind of related but not CVE level.
openssl-project mailing list
Thanks, Richard. I’ll merge tomorrow and publish CVE 20181030.
> On 29 Oct 2018, at 8:21 pm, Richard Levitte wrote:
> In message <785270db-e18c-4c5a-a961-765859cd6...@oracle.com> on Mon, 29 Oct
> 2018 19:45:36 +1000, Dr Paul Dale said:
>> I’d like a
instantiation and move the latter into its own C file.
Dr Paul Dale | Cryptographer | Network Security & Encryption
Phone +61 7 3031 7217
> On 27 Jan 2019, at 8:33 pm, Tim Hudson wrote:
> From https://github.com/openssl/openssl/pull/7
should have separate data structures for the different uses, each
optimised for its specific usage.
This would be a long path (and I’m hijacking this thread a bit), but it is
something I’ve been wanting to do for a while now.
Dr Paul Dale | Cryptographer | Network Security
the DECLARE_LHASH_OF macro to prototype the functions.
The .c file uses the DEFINE_LHASH_OF macro to create them.
I chose lhash here because it is the simpler of the two, safestack has more
options and is a bit more convoluted. I’m willing to make a stab at a PR for
means we’ve a compatibility issue. The functions are in a public header,
they can be used by any application. We need to continue supporting such use.
Asking a user to add a DEFINE_ line is API breaking.
I would be pro making such a change but we’d need to accept the consequences.