On Thu, Oct 16, 2014 at 02:50:58PM +0200, Bodo Moeller wrote:
> This is not quite the same discussion as in the TLS Working Group, but
> I certainly think that the claim that "new SCSV does not help with
> [the SSL 3.0 protocol issue related to CBC padding] at all" is wrong,
> and that my statement
Resolved - please see #3567 for details.
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager
This is now fixed in development branches and will be addressed in the next
release. For 0.9.8, the commits are
af32df0a8e662914f78c93736466c746f83dfe84
and
9880f63038a5b9bb8bf5becc18360378cfe7806d
We received multiple reports for this issue - thank you all who reported!
Emilia
_
I've now pushed the missing commits to stable branches as well. For 0.9.8,
they are
af32df0a8e662914f78c93736466c746f83dfe84
and
9880f63038a5b9bb8bf5becc18360378cfe7806d
Emilia
On Fri, Oct 17, 2014 at 9:30 PM, Kyle Chapman wrote:
> You can either patch e_os.h or when configuring on aix do:
> [
You can either patch e_os.h or when configuring on aix do:
[ ./Configure | ./config ]-qkeyword=inline
So as a workaround, add the -qkeyword. -qlanglvl=extc99 works as well
I use: ./config shared threads -qkeyword=inline
Until I patched e_os.h
Refer to this for the changed to e_os.h
http:/
On Thu, 16 Oct 2014 16:33:28 +0200, Frank Schmirler wrote
> I get the following segfault when trying to send an SSLv3 request to
> the reverse proxy "pound", running on openssl-1.0.1j with SSLv2/3 disabled:
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xb77498fa in ssl_ctrl (b=0xb70
On https://www.openssl.org/docs/apps/ciphers.html it lists "Pre shared keying
(PSK) cipheruites"
It should say "cipher suites."
__
OpenSSL Project http://www.openssl.org
Development Mailing List
Attached patch adds:
- a recursive "ssl" include since NetWare CodeWarrior compiler doesnt
properly lookup includes when in same directory as the C file which
includes it.
--- util/pl/netware.pl.orig Tue Jul 22 21:41:23 2014
+++ util/pl/netware.pl Fri Aug 08 13:52:43 2014
@@ -212,7 +212,7 @
Hi there
when I compile openssl-1.0.1j on AIX 7.1 I the the following error:
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include
-DOPENSSL_THREADS -qthreaded -D_THREAD_SAFE -DDSO_DLFCN -DHAVE_DLFCN_H -q64 -O
-DB_ENDIAN -qmaxmem=16384 -qro -qroconst -DOPENSSL_BN_ASM_MONT -DSHA1_A
Openssl version: 0.9.8zc
Platforms/os: hpux parisc 11iv1, 11iv2 and hpux ia64 11iv3 and aix 6.1, 7.1
Aix compiler versions: aix 6.1 -- xlc 9, aix 7.1 -- xlc 11.1
Hpux compiler versions: parisc 11iv1 -- B.11.11.20, parisc 11iv2 -- C.11.23.09,
ia64 11iv3 -- C.11.31.04.2
./config shared threads
Res
Hello,
I want to disable SSLv3 for a tomcat / tcnative deployment on Windows.
Tomcat lacks the ability to disable SSLv3 while retaining TLSv1.1 and
TLSv1.2, so I'm attempting to disable SSLv3 at build time with no-ssl3.
This was successful on Linux, but not on Windows. I was able to build
Hi,
I am using below code to get domain name/server name from IP address on Mac
OS X. But SSL_get_peer_certificateis returning empty certificate for
twitter and some of the https sites.
This problem I am facing from Yesterday. After Yosemite release.
Log:
Applied to all branches, thanks!
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager maj
On 17 October 2014 04:44, Alex Weber wrote:
> Not much else to say about this. :)
Hi Alex
Please can you submit patches to "r...@openssl.org"? They automatically
get copied to this list too. That way we can track them properly.
Patches sent directly to this list will have a tendency to be
lost/f
On 17/10/14 06:15, wr...@rowe-clan.net wrote:
> How did C 'inline' become a mandatory feature, particularly as a
> security release?
It isn't - there is no change in policy here, just a known issue with
the release. "inline" is (supposed to be) used only if the compiler
supports it. See:
http://ma
15 matches
Mail list logo