RE: [openssl.org #3494] Possible sign bit bug in openssl 1.0.1i handling of 128-bit serial numbers

2014-08-19 Thread Dave Thompson
> From: owner-openssl-...@openssl.org On Behalf Of Igor Levicki via RT
> Sent: Monday, August 18, 2014 15:10
> [serial number sometimes has extra 00 byte]
> depending on whether the sign bit is set or not.

Yes. Decades ago X.509 defined serialNumber in ASN.1 as INTEGER, which is two's-compleme

Platform query

2014-08-19 Thread Salz, Rich
Does anyone want to speak up for the requirement that we continue to support BEOS (apparently B/1 and R5?), OS/2, or pre-Windows MSDOS? Unless there is strong interest and commitment, we will drop these after 1.0.2 /r$ -- Principal Security Engineer Akamai Technologies, Cambridg

[openssl.org #2847] [PATCH 2/4] Don't "check" uninitialized memory

2014-08-19 Thread Rich Salz via RT
Fix committed to HEAD, for next release after 1.0.2; thanks. commit 89fb142b49e100ec35edcfee81ddee59ba2fb149 Author: Martin Olsson Date: Tue Aug 19 11:38:54 2014 -0400 RT2847: Don't "check" uninitialized memory Don't check err variable until after it's been set. Reviewed-by: Emilia Kasper --

[openssl.org #2848] [PATCH 3/4] Drop auth null check since we've already dereferenced it earlier

2014-08-19 Thread Rich Salz via RT
Fixed in HEAD for next release after 1.0.2; thanks. commit 96208cb1821f92dd6e94c3aa2882bc9cc47904f9 Author: Martin Olsson Date: Tue Aug 19 11:46:52 2014 -0400 RT2848: Remove extra NULL check Don't need to check auth for NULL since we did when we assigned to it. Reviewed-by: Emilia Kasper -- R

[openssl.org #2723] [Patch] Fix NULL pointer dereference in EVP_DigestInit_ex with NULL type

2014-08-19 Thread Rich Salz via RT
You're not supposed to pass in NULL for type. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@o

[openssl.org #3062] [PATCH] asm_volatile

2014-08-19 Thread Emilia Käsper via RT
This was already fixed in master and 1.0.2 by commit 7753a3a68431aa81b82beea4c3f5374b41454679. This commit has now also been backported to all other branches.

[openssl.org #1798] patch requested for safestack

2014-08-19 Thread Rich Salz via RT
safestack.h now has and uses CHECKED_STACK() not just CHECKED_PTR so the casts are not necessary. -- Rich Salz, OpenSSL dev team; rs...@openssl.org

[openssl.org #2513] [PATCH] fix spelling error s/paramter/parameter/

2014-08-19 Thread Rich Salz via RT
Fixed in HEAD for next release after 1.0.2; thanks. commit 1afd7fa97c5445b18ce8afe6f81b932b2c217a5f Author: Martin Olsson Date: Tue Aug 19 10:42:52 2014 -0400 RT2513: Fix typo's paramter-->parameter I also found a couple of others (padlock and signinit) and fixed them. Reviewed-by: Emilia Kasp

[openssl.org #2575] [PATCH] remove redundant check in tls code

2014-08-19 Thread Rich Salz via RT
Already fixed, at least in HEAD. Thanks. -- Rich Salz, OpenSSL dev team; rs...@openssl.org

[openssl.org #2243] [patch] s_client.c: segmentation fault

2014-08-19 Thread Rich Salz via RT
-- Fixed in rsalz-monolith branch of akamai/openssl fork on github. To be part of release after 1.0.2; thanks. commit 9e4deeb2417c2832f023f4ef9ba6565dbe188b19 Author: OpenBSD via Matthew Haub Date: Tue Aug 19 10:32:26 2014 -0400 RT2243: Could run off end of buffer in s_client The openssl comman

[openssl.org #2401] PATCH: Spelling corrections in FAQ

2014-08-19 Thread Rich Salz via RT
Fixed in HEAD for next release after 1.0.2; thanks commit 76b10e13c22681d09567192583c81b296aed279e Author: Jeffrey Walton Date: Mon Aug 18 14:16:24 2014 -0400 PR2401: Typos in FAQ Also rewrite section on compiler bugs; Matt pointed out that it has some grammatical issues. Reviewed-by: Emilia K

[openssl.org #2724] [Patch] Openssl 1.0.1 beta2 - srtp.h defines SSL_get_selected_srtp_profile() twice

2014-08-19 Thread Rich Salz via RT
Fixed on HEAD for release after 1.0.2 commit 3609b02305c3678525930ff9bacb566c0122ea2a Author: John Fitzgibbon Date: Mon Aug 18 17:55:19 2014 -0400 RT2724: Remove extra declaration Extra SSL_get_selected_srtp_profile() declaration in ssl/srtp.h causes -Werror builds to fail. Reviewed-by: Tim Hu