This isn't a big one, but the HP ANSI C (and the HP ANSI C++) compiler give
the following warnings when building crypto/pkcs12/p12_npas.c:
cc: warning 5004: Uninitialized variable "pbe_iter" in function
"newpass_p12" (5004)
cc: warning 5004: Uninitialized variable "pbe_saltlen" in function
"newp
[guest - Thu Feb 20 19:00:47 2003]:
The patch works, the app no longer crashes while verifying the DSA
signature that it crashed on before.
It took me a while to get my app running with 0.9.7a because I couldn't
figure out why the ubsec code wasn't being built in -- I wasn't crashing
when runnin
[geoff - Sat Feb 15 22:50:51 2003]:
> [geoff - Sat Feb 15 21:48:27 2003]:
>
> I've attached a diff that I think addresses the problem but I'll need to
> consider the consequences a bit more in terms of how this could affect
> existing (and 3rd party and future) DSA implementations. Could you
> p
[geoff - Sat Feb 15 21:48:27 2003]:
> Hi there,
>
> > (1) While testing I found that verification of certain signed
> > documents crashed OpenSSL. The problem appears to be that
> > hw_ubsec.c:ubsec_dsa_verify() calls
> > p_UBSEC_dsa_verify_ioctl() and if this call fails then the code tries
> >
Sorry for following up on my own mail, but I just wanted to say that
reverting the change now seems right to me (it's setting ex_data->sk
to NULL, not zeroing out sensitive data).
On Thu, Feb 20, 2003 at 10:06:55AM +0300, Solar Designer wrote:
> Hi,
>
> I've noticed this while reviewing diffs bet
On Thu, 20 Feb 2003, Richard Levitte - VMS Whacker via RT wrote:
>
> In message <[EMAIL PROTECTED]> on Thu, 20 Feb 2003 11:16:25
>+0100 (MET), "Alexey Semenov via RT" <[EMAIL PROTECTED]> said:
>
> rt> try ./config shared no-engine, then compile.
> rt> Apache 1.3.27/mod_ssl crashes with segmentat
On Wed, Feb 19, 2003 at 06:10:13PM +0100, Ralph via RT wrote:
> on AIX (64bit) I noticed a major problem with non-blocking sockets.
> Methods SSL_connect(), SSL_read() and SSL_write() should return
> SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE if they need to complete
> their tasks but the soc
In message <[EMAIL PROTECTED]> on Thu, 20 Feb 2003 11:16:25
+0100 (MET), "Alexey Semenov via RT" <[EMAIL PROTECTED]> said:
rt> try ./config shared no-engine, then compile.
rt> Apache 1.3.27/mod_ssl crashes with segmentation fault.
rt> if i remove 'no-engine' - all ok,
rt> linux 2.4.19/gcc 2.95.3
In message <[EMAIL PROTECTED]> on Thu, 20 Feb 2003 11:16:25
+0100 (MET), "Alexey Semenov via RT" <[EMAIL PROTECTED]> said:
rt> try ./config shared no-engine, then compile.
rt> Apache 1.3.27/mod_ssl crashes with segmentation fault.
rt> if i remove 'no-engine' - all ok,
rt> linux 2.4.19/gcc 2.95.3/
In message <[EMAIL PROTECTED]> on Thu, 20 Feb 2003 10:06:55 +0300,
Solar Designer <[EMAIL PROTECTED]> said:
solar> --- openssl-0.9.6h/crypto/x509/x509_vfy.c Thu Nov 28 11:06:30 2002
solar> +++ openssl-0.9.6i/crypto/x509/x509_vfy.c Tue Dec 10 11:28:16 2002
solar> @@ -897,7 +897,7 @@
so
System:
IA-64, SuSE SLES-8
Compiler:
Intel(R) C++ Itanium(R) Compiler for Itanium(R)-based applications
Version 7.0, Build 20021210
I've patched the Configure script by adding a new configuration,
"linux-ia64-ecc". It's based on the "linux-ia64" configuration with
the following chan
Hello,
try ./config shared no-engine, then compile.
Apache 1.3.27/mod_ssl crashes with segmentation fault.
if i remove 'no-engine' - all ok,
linux 2.4.19/gcc 2.95.3/glibc 2.1.3
---
WBR,
Alexey.
__
OpenSSL Proje
Hi,
I've noticed this while reviewing diffs between 0.9.6h and 0.9.6i:
--- openssl-0.9.6h/crypto/x509/x509_vfy.c Thu Nov 28 11:06:30 2002
+++ openssl-0.9.6i/crypto/x509/x509_vfy.c Tue Dec 10 11:28:16 2002
@@ -897,7 +897,7 @@
ctx->chain=NULL;
}
C
13 matches
Mail list logo