Re: Still one outstanding issue since 20140909 releases

2014-09-11 Thread Kurt Roeckx
On Thu, Sep 11, 2014 at 12:20:47PM -0600, The Doctor wrote: > ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo > ../certs/demo/*.pem > ls: error initializing month strings > ../certs/demo/ca-cert.pem: C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN > = Test CA (1024 bit) > er

Re: Still one outstanding issue since 20140909 releases

2014-09-11 Thread Mike Bland
tered during my build system work. Mike On Thu, Sep 11, 2014 at 2:20 PM, The Doctor wrote: > > Script started on Thu Sep 11 11:27:05 2014 > doctor.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20140911$ make test > testing... > (cd ..; make DIRS=crypto all) > making all

Still one outstanding issue since 20140909 releases

2014-09-11 Thread The Doctor
Script started on Thu Sep 11 11:27:05 2014 doctor.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20140911$ make test testing... (cd ..; make DIRS=crypto all) making all in crypto... ar r ../libcrypto.a cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o

Adding GET support to ocsp app

2014-09-11 Thread Salz, Rich
The attached diff adds GET support to ocsp. I'd appreciate any feedback. -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz ocsp-get.patch Description: ocsp-get.patch

Re: [openssl.org #3525] CRL tool doesn't show leading 0's in output

2014-09-11 Thread Kurt Roeckx via RT
On Thu, Sep 11, 2014 at 09:32:26AM -0400, Salz, Rich wrote:
> I think the bug is that we need to output a leading zero to avoid confusing
> the number as negative.
It's my understanding that for the encoding of the number without the leading 00 we need to go and add the 00 in front of it because w

Re: Building recent versions on Windows with VS 2013 and MASM

2014-09-11 Thread Steven Kneizys
Lots of things got in the way since March, but I've had a chance to re-look at this issue. I had gotten as far as creating some patches but had not fully vetted them -- just this week I tried again and found that for the 9/10 snapshot generates with VS 2013 Express Edition MASM 64 bit without any

[openssl.org #2690] Use of uninitialized value $output in asm/md5-x86_64.pl line 115.

2014-09-11 Thread Rich Salz via RT
Fixed in 1.0.1: 74687f59793c34bc6b4aa5a8fcb369a144211999
Fixed in 1.0.2: 30b7d5e1d83a2f5cb862361c180f7ba1f31a20a5
Fixed in master: 4d86e8df6be69ed13abb73fd564f1f894eea0a98
Author: Andy Polyakov
Date: Sat Aug 30 19:17:09 2014 +0200
md5-x86_64.pl: work around warning.
Reviewed-by: Rich Salz

[openssl.org #3524] Enhancement request: OpenSSL 1.0.1.i-1 (Arch Linux) by default generates SHA-1 CSRs

2014-09-11 Thread Rich Salz via RT
Thanks for the kind words :) This is a duplicate of RT2626, which changed the default keysize to 2K and the default hash to sha-256. We fixed this in 1.0.2 and master. -- Rich Salz, OpenSSL dev team; rs...@openssl.org

RE: [openssl.org #3525] CRL tool doesn't show leading 0's in output

2014-09-11 Thread Salz, Rich
I think the bug is that we need to output a leading zero to avoid confusing the number as negative.

[openssl.org #3528] [PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

2014-09-11 Thread Fedor Indutny via RT
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello devs! Here is a patch that implements asynchronous RSA key operation mode for a TLS/SSL implementation in OpenSSL. Here is some technical info about it: Support async RSA exchange by providing new SSL_want_rsa_sign(), SSL_want_rsa_decrypt() AP

[openssl.org #3527] [PATCH] OpenSSL doesn't build as a DLL on Windows

2014-09-11 Thread Gilles Khouzam via RT
Hi, We've noticed that the current master branch cannot generate a Windows DLL and fails when linking the bntest binary. I've generated a patch to address the issue. The introduction of the new coprime numbers introduced a function in a private header that doesn't get exported for dynamic

[openssl.org #3526] [Patch] Removed the dependency on the obsolete TERMIO.h for linux 32 and 64bits.

2014-09-11 Thread Nicholas Niro via RT
Operating System : Linux 32 and 64bits. Version of OpenSSL : 1.0.1i TERMIO is an obsolete header file that is not even in vanilla glibc anymore. The TERMIOS header file is fully backward compatible with the TERMIO struct so it is safe to use that instead. This prevents systems that dropped altog

[openssl.org #3525] CRL tool doesn't show leading 0's in output

2014-09-11 Thread Kurt Roeckx via RT
Hi, I was looking at the following CRL:
http://www.rsasecurity.com/products/keon/repository/certificate_status/RSA_Security_2048_v3.CRL
Using
openssl crl -in RSA_Security_2048_v3.CRL -inform der -noout -text
I see things like:
Serial Number: E6C1BA5399D31F8ADD15D36418DB066C
Revocatio

[openssl.org #3524] Enhancement request: OpenSSL 1.0.1.i-1 (Arch Linux) by default generates SHA-1 CSRs

2014-09-11 Thread Thomas Preissler via RT
Hello, first and foremost, many thanks for the time and effort you guys (and girls!) put in to 'keep the internet running' - and thank you for encrypting my credit card data mostly every day (and other data every single day)! I am wondering why my version OpenSSL 1.0.1.i-1 (Arch Linux) is by defa

evp_test.c leaking sessions ?

2014-09-11 Thread Chris Eltervoog
While running evp_test I noticed in test1 that both EVP_EncryptInit_ex() and EVP_DecryptInit_ex() are allocating a new session. EVP_CIPHER_CTX_cleanup only frees the session used by EVP_DecryptInit_ex(). All the sessions are freed on exit. I am running with Engines so the

[PATCH] ssl: SSL_MODE_ASYNC_KEY_EX

2014-09-11 Thread Fedor Indutny
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello devs! Here is a patch that implements asynchronous RSA key operation mode for a TLS/SSL implementation in OpenSSL. Here is some technical info about it: Support async RSA exchange by providing new SSL_want_rsa_sign(), SSL_want_rsa_decrypt() AP

RE: [openssl.org #2560] Resolved: missing NULL pointer check in ocsp_req_find_signer

2014-09-11 Thread Cséplő László via RT
My original ticket is from the times of 0.9.8r and 1.0.0c. Yep, the situation is better after:
OpenSSL_1_0_1-stable bea9a17 RT2560: missing NULL check in ocsp_req_find_signer
OpenSSL_1_0_2-stable a9d928a RT2560: missing NULL check in ocsp_req_find_signer
but I think, in some sick situation the first call