From: "Dr. Stephen Henson"
> Have any of these patches been sent to the request tracker?
A similar question was raised back around 12-NOV-2009:
> Can you (and others in this thread) please submit bug fix patches to the
> request tracker (r...@openssl.org) so they don't get overlooked??
whic
Peter Waltenberg wrote:
"
I don't think you can avoid a dependency on the system threading library
though, but I don't see why that would be an issue. Many single-threaded
programs wind up requiring the threading library on many platforms anyway
as
it may contain functions like 'clock_gettime' or
"
I don't think you can avoid a dependency on the system threading library
though, but I don't see why that would be an issue. Many single-threaded
programs wind up requiring the threading library on many platforms anyway
as
it may contain functions like 'clock_gettime' or 'sched_yield'. (Does
anyo
Darryl Miles wrote:
> How does each of the 3 threads arbitrate in a thread-safe manner the
> initialization of the OpenSSL related libraries. How does any one of
> them know it is the "first user" ?
For existing code, there is no fix. They will set incompatible callbacks and
they will break. I d
Howard Chu wrote:
ELF shared libraries support .init and .fini sections to contain code
that should be executed just after load and just before unload. Assuming
you had a default set of callbacks in the library, it would be simple to
set them here. Likewise any other shared library that manipul
Howard Chu wrote:
Darryl Miles wrote:
Still don't get it. Lets use Linux as an example.
This is actually one of the easiest to solve. Of course the bigger
problem is that solutions here are all platform-dependent, and
maintenance will be a pain.
ELF shared libraries support .init and .fin
Darryl Miles wrote:
David Schwartz wrote:
Mark Phalan wrote:
In this case, I presume 'pkinit' only supports one threading model
(or one
set of compatible threading models). So it can set the callbacks.
It can set the callbacks but it can't set them in a way which is safe
from races.
It ca
David Schwartz wrote:
Mark Phalan wrote:
In this case, I presume 'pkinit' only supports one threading model
(or one
set of compatible threading models). So it can set the callbacks.
It can set the callbacks but it can't set them in a way which is safe
from races.
It can set them before it
Mark Phalan wrote:
> On 29 Mar 2010, at 20:20, David Schwartz wrote:
> > Mark Phalan wrote:
> >
> > I think this fix is actually a bad one.
> I'm still not clear why you think that.
Because it doesn't solve the problem case -- where one library user sets
callbacks that another library user
Mark Phalan wrote:
> > In this case, I presume 'pkinit' only supports one threading model
> > (or one
> > set of compatible threading models). So it can set the callbacks.
> It can set the callbacks but it can't set them in a way which is safe
> from races.
It can set them before it performs a
On Tue, Mar 30, 2010, Jeff Davey wrote:
> doing ./config no-comp ; make on OpenSSL 0.9.8n I get this:
>
> gcc -I../crypto -I.. -I../include -DDSO_DLFCN -DHAVE_DLFCN_H -m64
> -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int -DOPENSSL_BN_ASM_MONT
> -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAE
doing ./config no-comp ; make on OpenSSL 0.9.8n I get this:
gcc -I../crypto -I.. -I../include -DDSO_DLFCN -DHAVE_DLFCN_H -m64
-DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int -DOPENSSL_BN_ASM_MONT
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -c -o s23_clnt.o
s23_clnt.c
s23_clnt.c: In
Hello,
I think I've found a bug in openssl. When I run the following command
to decrypt a file in CMS format (DER encoded), openssl crashes with a
segmentation fault:
>openssl cms -decrypt -binary -inform der -in inputfile -recip
>certs/enc.crt-nopass -out outputfile
The inputfile is attached (
On Tuesday, 30. March 2010 16:01:54 Thomas Jarosch wrote:
> I'm just thinking what might happen if f.e. a TLS enabled postfix
> connects to an old Centos 3 based server to deliver emails.
> Guess that would fail like in 2009, wouldn't it?
Just rechecked the issue from 2009
(http://marc.info/?l=ope
Hello,
On Tuesday, 30. March 2010 15:51:31 Bodo Moeller wrote:
> So client-side OpenSSL is buggy if compiled with no-tlsext (in 0.9.8m
> and 0.9.8n) because it sends that pseudo-ciphersuite number without
> being able to handle the TLS extension then expected in the server's
> response. So the no
On Mar 30, 2010, at 3:04 PM, Adam Langley wrote:
On Tue, Mar 30, 2010 at 7:35 AM, Thomas Jarosch
wrote:
28141:error:14092073:SSL routines:SSL3_GET_SERVER_HELLO:bad packet
length:s3_clnt.c:878:
openssl is compiled with the "no-tlsext" option. no-tlsext was
added back
in 2009 as openssl 0.9.8j
On Tue, Mar 30, 2010 at 7:35 AM, Thomas Jarosch
wrote:
> 28141:error:14092073:SSL routines:SSL3_GET_SERVER_HELLO:bad packet
> length:s3_clnt.c:878:
>
> openssl is compiled with the "no-tlsext" option. no-tlsext was added back
> in 2009 as openssl 0.9.8j had trouble connecting to a Centos 3 based s
On Tue, Mar 30, 2010, Arpadffy Zoltan wrote:
> Hello,
>
> I am happy that 1.0.0 is released. Thank you all for the hard work and time
> spent for the community.
>
> I was really hoping and looking for a VMS ready 1.0.0 release. Some of us
> have sent many patches, suggestions - unfortunately, n
Hello,
I am happy that 1.0.0 is released. Thank you all for the hard work and time
spent for the community.
I was really hoping and looking for a VMS ready 1.0.0 release.
Some of us have sent many patches, suggestions - unfortunately, not all of
those changes have got through to the released co
Hello,
after updating from openssl 0.9.8l to openssl 0.9.8n,
I'm unable to connect to a TLS enabled SMTP server:
./openssl s_client -connect smtp.scriptroom.net:25 -starttls smtp -debug
28141:error:14092073:SSL routines:SSL3_GET_SERVER_HELLO:bad packet
length:s3_clnt.c:878:
openssl is compiled
20 matches
Mail list logo
