More GitHub labels

2020-09-09 Thread Dr Paul Dale
Just wondering if we should have two new labels: “hold: tests needed” and “hold: documentation needed” labels? There are a number of PRs that come through where one or both of these are missing (this post posed by @slontis’s comment in 12826

Re: Reordering new API's that have a libctx, propq

2020-09-09 Thread Dr Paul Dale
Still no need for the added complexity: Push: OPENSSL_CTX *prevctx = OPENSSL_CTX_set0_default(libctx); Pop is: OPENSSL_CTX_set0_default(prevctx); Push before callback: OPENSSL_CTX_set0_default(prevctx); Pop after callback: prevctx =

Re: Reordering new API's that have a libctx, propq

2020-09-09 Thread Richard Levitte
On Wed, 09 Sep 2020 16:08:10 +0200, Tomas Mraz wrote: > > On Wed, 2020-09-09 at 22:29 +1000, Dr Paul Dale wrote: > > > On 9 Sep 2020, at 9:38 pm, Tomas Mraz wrote: > > > > > > We could even provide a convenience thread local stack of lib > > > contexts > > > so the caller would not have to keep

Re: Reordering new API's that have a libctx, propq

2020-09-09 Thread Tomas Mraz
On Wed, 2020-09-09 at 22:29 +1000, Dr Paul Dale wrote: > > On 9 Sep 2020, at 9:38 pm, Tomas Mraz wrote: > > > > We could even provide a convenience thread local stack of lib > > contexts > > so the caller would not have to keep the old value but would just > > push > > the new libctx when

Re: Reordering new API's that have a libctx, propq

2020-09-09 Thread Richard Levitte
On Wed, 09 Sep 2020 13:38:42 +0200, Tomas Mraz wrote: > > Regarding model 3, it must be said that there is potential for > > confusion > > on what it's supposed to do, replace the default property query > > string > > (settable with EVP_set_default_properties()), or merge with it. > > Remember

Re: OpenSSL Security Advisory

2020-09-09 Thread Dmitry Belyavsky
rough runtime > configuration. Also > >> >> note that the affected ciphersuites are only available on the server > side if a > >> >> DH certificate has been configured. These certificates are very > rarely used and > >> >> for this reason this issue has been cla

Re: OpenSSL Security Advisory

2020-09-09 Thread Mark J Cox
> that affected ciphersuites are disabled through runtime configuration. >> >> Also >> >> note that the affected ciphersuites are only available on the server side >> >> if a >> >> DH certificate has been configured. These certificates are very rarely

Re: OpenSSL Security Advisory

2020-09-09 Thread Dmitry Belyavsky
>> for this reason this issue has been classified as LOW severity. > >> > >> This issue was found by Robert Merget, Marcus Brinkmann, Nimrod Aviram > and Juraj > >> Somorovsky and reported to OpenSSL on 28th May 2020 under embargo in > order to >

Re: OpenSSL Security Advisory

2020-09-09 Thread Mark J Cox
Robert Merget, Marcus Brinkmann, Nimrod Aviram and >> Juraj >> Somorovsky and reported to OpenSSL on 28th May 2020 under embargo in order to >> allow co-ordinated disclosure with other implementations. >> >> Note >> >> >> OpenSSL 1.0.2 is out of sup

Re: OpenSSL Security Advisory

2020-09-09 Thread Dmitry Belyavsky
port customers: > https://www.openssl.org/support/contracts.html > > OpenSSL 1.1.0 is out of support and no longer receiving updates of any > kind. > The impact of this issue on OpenSSL 1.1.0 has not been analysed. > > Users of these versions should upgrade to O

OpenSSL Security Advisory

2020-09-09 Thread OpenSSL
0 has not been analysed. Users of these versions should upgrade to OpenSSL 1.1.1. References == URL for this Security Advisory: https://www.openssl.org/news/secadv/20200909.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL

Re: Reordering new API's that have a libctx, propq

2020-09-09 Thread Dr Paul Dale
> On 9 Sep 2020, at 9:38 pm, Tomas Mraz wrote: > > We could even provide a convenience thread local stack of lib contexts > so the caller would not have to keep the old value but would just push > the new libctx when entering and pop the old one when leaving. With > that, I think the changes

Re: Beta1 PR deadline

2020-09-09 Thread Kurt Roeckx
On Wed, Aug 26, 2020 at 04:58:26PM +0100, Matt Caswell wrote: > Please can anyone with PRs that they wish to have included in OpenSSL > 3.0 beta1 ensure that they are merged to master by 8th September. So that date has passed now. Can someone give an overview of what we think is still needed to

Re: Reordering new API's that have a libctx, propq

2020-09-09 Thread Tomas Mraz
On Wed, 2020-09-09 at 11:41 +0200, Richard Levitte wrote: > > Regarding the library context, when viewed as a global state, it > makes > sense to have it as a first argument where it's being passed, if at > all. The question is, where should we actually pass it? We have a > few different

Re: Reordering new API's that have a libctx, propq

2020-09-09 Thread Richard Levitte
A few of the more active developers currently have a videocall meeting every tuesday, in the morning for us in Europe. We talked about this issue yesterday, and realised quite a few things. One pretty important thing to realise is that while many new functions take a library context and a