Re: [openssl-users] OpenSSL 0.9.8 - No more security fixes, nor updates and support, But NO CVEs listed either?

2016-01-12 Thread Joe Flowers
Thanks, Matt! I did not know that OpenSSL.org is the only organization that creates CVEs for OpenSSL. Thanks for clearing this up for me! Joe -- On 12/01/16 22:43, Joe Flowers wrote: >* Hello OpenSSL Developers, *> > >* I understand through your previous announcements that

Re: [openssl-users] Jks converted to Pem error in veirfying

2016-01-12 Thread Anil Mathew
Hi Jan, Thanks for you reply. I have sent you the mail with the certificates. The version is. OpenSSL 0.9.8k 25 Mar 2009 ​Regards Anil​ Sent with MailTrack On Tue, Jan 12, 2016 at 2:02 AM, Jan Just

[openssl-users] SSL_COMP

2016-01-12 Thread Michal Trojnara
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Guys, Any idea how to properly use: STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths); in the latest

Re: [openssl-users] SSL_COMP

2016-01-12 Thread Michał Trojnara
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 12.01.2016 20:18, Viktor Dukhovni wrote: >> On Jan 12, 2016, at 4:05 AM, Michal Trojnara >> wrote: I guess openssl/ssl.h should >> be modified to include: typedef struct ssl_comp_st SSL_COMP; >>

Re: [openssl-users] SSL_COMP

2016-01-12 Thread Viktor Dukhovni
> typedef struct ssl_comp_st SSL_COMP; Yes, that needs to be visible. Thanks. Patch below: openssl base64 -d < ssl_comp.diff H4sIANFMlVYAA42SwW7iMBCG736KkfYCZJ3QNEArLkU0FLQUEM5hb1awHWIpJFFs tKyqffe1SygtpFUjRbZn/vnl8XxcJglgvJUaYk/mLNtz4RWlyJXKPPO7KWya40jm

Re: [openssl-users] SSL_COMP

2016-01-12 Thread Viktor Dukhovni
> On Jan 12, 2016, at 4:05 AM, Michal Trojnara > wrote: > > Any idea how to properly use: > STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); > STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) >

Re: [openssl-users] libssl.so.1.0.0

2016-01-12 Thread Kurt Roeckx
On Tue, Jan 12, 2016 at 04:03:42PM -0500, Jeff Archer wrote: > I am building from source that came from openssl-1.0.2e.tar.gz but it > appears to be producing output of libssl.so.1.0.0. Is this what I should > expect? Yes. That is the correct soname for all 1.0.X releases. Kurt

[openssl-users] libssl.so.1.0.0

2016-01-12 Thread Jeff Archer
I am building from source that came from openssl-1.0.2e.tar.gz but it appears to be producing output of libssl.so.1.0.0. Is this what I should expect? Jeff Archer jeffarch...@gmail.com ___ openssl-users mailing list To

[openssl-users] OpenSSL 0.9.8 - No more security fixes, nor updates and support, But NO CVEs listed either?

2016-01-12 Thread Joe Flowers
Hello OpenSSL Developers, I understand through your previous announcements that OpenSSL 0.9.8 is no longer "supported", and no more "security fixes", nor "security updates" will be provided by OpenSSL.org. Does this mean that we can expect no more CVEs to be generated or listed for OpenSSL

[openssl-users] OpenSSL 0.9.8 - No more security fixes, nor updates and support, But NO CVEs listed either?

2016-01-12 Thread Joe Flowers
Hello OpenSSL Developers, I understand through your previous announcements that OpenSSL 0.9.8 is no longer "supported", and no more "security fixes", nor "security updates" will be provided by OpenSSL.org. Does this mean that we can expect no more CVEs to be generated or listed for OpenSSL

Re: [openssl-users] OpenSSL 0.9.8 - No more security fixes, nor updates and support, But NO CVEs listed either?

2016-01-12 Thread Matt Caswell
On 12/01/16 22:43, Joe Flowers wrote: > Hello OpenSSL Developers, > > > I understand through your previous announcements that OpenSSL 0.9.8 is no > longer "supported", and no more "security fixes", nor "security updates" will > be provided by OpenSSL.org. > > > Does this mean that we can