early openssl and curl forks that support ESNI

2019-09-04 Thread Stephen Farrell
Hiya, We've done some work on an openssl fork [1] that has ESNI support and on a curl fork [2] that uses that. It's early days, but if anyone wants to try play with the build and give us feedback that'd be great. There's a HOWTO at [3]. If you find any issues with that you'd like to raise then

OPENSSL_armcap_P, OPENSSL_ia32_P, OPENSSL_ppccap_P

2019-09-04 Thread Roger No-Spam
Hi, I'm using openssl on a platform/OS that supports multiple CPU architectures. The context switching does not save SIMD registers unless the thread has a special options set. This creates some challenges when using openssl, which use SIMD registers in several assembler optimizations. I would

OPENSSL_armcap_P, OPENSSL_ia32_P, OPENSSL_ppccap_P

2019-09-04 Thread Roger No-Spam
Hi, I'm using openssl on a platform/OS that supports multiple CPU architectures. The context switching does not save SIMD registers unless the thread has a special options set. This creates some challenges when using openssl, which use SIMD registers in several assembler optimizations. I would

Re: [TLS] TLSv1.2 - Is zero signature allowed in client CertificateVerify message?

2019-09-04 Thread Viktor Dukhovni
> On Sep 3, 2019, at 11:27 AM, M K Saravanan wrote: > > Thanks Richard for the reply. Let me rephrase my question: > > If a client encounter any error condition (e.g. does not have access to the > private key for whatever reason) in generating the signature, can it send > zero bytes in the

OPENSSL_armcap_P, OPENSSL_ia32_P, OPENSSL_ppccap_P

2019-09-04 Thread Roger No-Spam
Hi, I'm using openssl on a platform/OS that supports multiple CPU architectures. The context switching does not save SIMD registers unless the thread has a special options set. This creates some challenges when using openssl, which use SIMD registers in several assembler optimizations. I would

Forthcoming OpenSSL Releases

2019-09-04 Thread Matt Caswell
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.1.1d, 1.1.0l and 1.0.2t. These releases will be made available on 10th September 2019 between approximately 1200-1600 UTC. These are security fix releases. The highest severity security issue fixed by

RE: Compiling OpenSSL 1.1 - certs directory is empty, how to obtain?

2019-09-04 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Pete Cooper > Sent: Saturday, August 24, 2019 13:10 > The `config` and subsequent `make` complete without any visible issues shown. > However, > /etc/php/shared/openssl/certs is an empty directory. > Are there