RE: [openssl.org #3534] When I build openssl-1.0.1i on Solaris 10, there are some error, please help to check what is the reason. Thanks.

The error makes no sense. The compiler is complaining about the include line? Do "wc -l md2test.c" -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz __ OpenSSL Proj

RE: [openssl.org #3534] When I build openssl-1.0.1i on Solaris 10, there are some error, please help to check what is the reason. Thanks.

The error makes no sense. The compiler is complaining about the include line? Do "wc -l md2test.c" -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz

[openssl.org #3544] Remove MWERKS support

All sorts of pre-OSx mac support has been removed. commit 92c78463720f71e47c251ffa58493e32cd793e13 Author: Rich Salz Date: Wed Sep 24 12:18:19 2014 -0400 RT3544: Remove MWERKS support The following #ifdef tests were all removed: __MWERKS__ MAC_OS_pre_X MAC_OS_GUSI_SOURCE MAC_OS_pre_X OPENSSL_SY

[openssl.org #3534] When I build openssl-1.0.1i on Solaris 10, there are some error, please help to check what is the reason. Thanks.

Somehow your md2test.c file is corrupted. Line 1 should be "#include " and the file has 48 lines. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org Developm

Re: [openssl.org #3067] [PATCH] premaster_constant_time

On Wed, Sep 24, 2014 at 7:52 AM, Emilia Käsper via RT wrote: > If you'd like to verify that I didn't mess up the rewrite, that'd be great! LGTM. Thanks! I'll have to steal that for BoringSSL :) Cheers AGL __ OpenSSL Project

RE: [openssl.org #3539] x509 application supports additional fingerprint digests (sha2) not shown in help.

I understand your frustration. We've fixed bugs and added some features in 1.0.2; 'git log apps' will show many entries. Yes, not everything. We're also hoping to have more frequent releases so hopefully the wait won't be as long. And once we clean up some things, my branch will get merged int

AW: [openssl.org #3539] x509 application supports additional fingerprint digests (sha2) not shown in help.

Hi, > This is fixed post-1.0.2, where the message says "any supported digest" > See https://github.com/akamai/openssl/tree/rsalz-monolith for a preview. Sorry to say something you apparently don't want to hear (for completely understandable reasons), but as much as I appreciate getti

[openssl.org #3545] [PATCH] Fix a typo: distrubution

Hi, I found a typo in OpenSSL 1.0.1i: % grep -ri 'distru' openssl-1.0.1i openssl-1.0.1i/crypto/des/COPYRIGHT:copied and put under another distrubution license openssl-1.0.1i/crypto/bf/COPYRIGHT:copied and put under another distrubution license openssl-1.0.1i/crypto/objects/obj_dat.h:{"i

[openssl.org #3544] Remove MWERKS support

Not a supported platform, per our roadmap. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager

[openssl.org #3425] Potential padding oracle in evp_enc.c

Thanks for reporting! The leak would only be meaningful if the caller is doing mac-then-encrypt and is attempting to proceed with the mac-check in constant-time following a call to EVP_DecryptInit_ex. It also doesn't affect TLS mac-then-encrypt because TLS uses a different padding scheme, and a di

[openssl.org #3067] [PATCH] premaster_constant_time

And thanks once again! This has now been backported from master commit adb46dbc6dd7347750df2468c93e8c34bcb93a4b to all other branches. Note that I rewrote the constant-time ops in the follow-up commit 455b65dfab0de51c9f67b3c909311770f2b3f801 If you'd like to verify that I didn't mess up the re

[openssl.org #3066] [PATCH] constant_time_rsa_padding

Thanks! This is now in all branches in somewhat modified form (using the common constant-time header), see commit 294d1e36c2495ff00e697c9ff622856d3114f14f __ OpenSSL Project http://www.openssl.org

Re: need help to debug SIGSEGV in ssl3_get_message

On Wed, Sep 24, 2014 at 01:13:51PM +0200, Michael Menge wrote: > Quoting Matt Caswell : > > >On 24 September 2014 10:03, Michael Menge < > >michael.me...@zdv.uni-tuebingen.de> wrote: > > > >>Hi, > >> > >>Last week i asked on openssl-user Mailinglist about an SIGSEGV > >>in Cyrus-Imapd 2.4.17 which

Re: need help to debug SIGSEGV in ssl3_get_message

Quoting Andy Polyakov : What OS/platform is this, and what version of OpenSSL? Also, run 'disass ssl3_get_message' at debugger prompt, advance to vicinity of address provided in back-trace, 0x7fe5a839334f in provided example, and send that page. I mean it's lesser point to send whole disas

Re: need help to debug SIGSEGV in ssl3_get_message

>>> What OS/platform is this, and what version of OpenSSL? >> >> Also, run 'disass ssl3_get_message' at debugger prompt, advance to >> vicinity of address provided in back-trace, 0x7fe5a839334f in >> provided example, and send that page. I mean it's lesser point to send >> whole disass output,

Re: need help to debug SIGSEGV in ssl3_get_message

Quoting Andy Polyakov : Last week i asked on openssl-user Mailinglist about an SIGSEGV in Cyrus-Imapd 2.4.17 which seems to be received in ssl3_get_message or a function called by ssl3_get_message, but received no reply. I asked on the cyrus mailinglists as well, but the develop

Re: need help to debug SIGSEGV in ssl3_get_message

Quoting Matt Caswell : On 24 September 2014 10:03, Michael Menge < michael.me...@zdv.uni-tuebingen.de> wrote: Hi, Last week i asked on openssl-user Mailinglist about an SIGSEGV in Cyrus-Imapd 2.4.17 which seems to be received in ssl3_get_message or a function called by ssl3_get_message, but r

Re: need help to debug SIGSEGV in ssl3_get_message

> Last week i asked on openssl-user Mailinglist about an SIGSEGV > in Cyrus-Imapd 2.4.17 which seems to be received in ssl3_get_message > or a function called by ssl3_get_message, but received no reply. > > I asked on the cyrus mailinglists as well, but the developer have no >

Re: need help to debug SIGSEGV in ssl3_get_message

On 24 September 2014 10:03, Michael Menge < michael.me...@zdv.uni-tuebingen.de> wrote: > Hi, > > Last week i asked on openssl-user Mailinglist about an SIGSEGV > in Cyrus-Imapd 2.4.17 which seems to be received in ssl3_get_message > or a function called by ssl3_get_message, but received no reply.

need help to debug SIGSEGV in ssl3_get_message

Hi, Last week i asked on openssl-user Mailinglist about an SIGSEGV in Cyrus-Imapd 2.4.17 which seems to be received in ssl3_get_message or a function called by ssl3_get_message, but received no reply. I asked on the cyrus mailinglists as well, but the developer have no idea what could cause this