Dear RFC-ISE and others,
We submitted the specification of "The BLAKE2 Cryptographic Hash and
MAC" as an informational RFC on February 1, 2015. The document is
currently in its third revision after various contributors have read
it and pointed out minor typographic errors in the original text.
The
#3760: [BUG] Segmentation fault from s3_svr.c ssl3_choose_cipher()
https://rt.openssl.org/Ticket/Display.html?id=3760
Is no longer exhibiting the reported behaviour.
___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org
Hey,
Nice to see this continues build. Have you guys thought about creating
one build for static code analysis (f.e. integrating cppcheck)?
Kris
On 06/13/2015 12:32 AM, Matt Caswell wrote:
On 12/06/15 18:53, Valerie Fenwick wrote:
Hi Folks -
I was wondering if there is a document anywhere
On 12/06/15 18:53, Valerie Fenwick wrote:
> Hi Folks -
>
> I was wondering if there is a document anywhere describing what type of
> testing you do before releasing a new version of OpenSSL? I'm guessing
> you don't test on every potential hardware platform, on every potential
> operating system
I have compiled and installed OpenSSL v1.0.2b, and find that the 'host'
command segfaults when looking up amazon.ca. This is with host compiled
from bind-9.9.6-P1. There is no segfault when running OpenSSL v1.0.2a with
the same 'host' binary.
This is a Linux 64-bit machine, executables and libra
On Fri, Jun 12, 2015, Bill Cox wrote:
> Here's some code in master starting at line 594 in s3_srvr.c:
>
> if (!s->s3->handshake_buffer) {
> SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
> return -1;
> }
> /
Hi Folks -
I was wondering if there is a document anywhere describing what type of testing
you do before releasing a new version of OpenSSL? I'm guessing you don't test on
every potential hardware platform, on every potential operating system that
OpenSSL is used on, but rather a subset. Is t
This ticket only applies to master
What is the intended behavior when b or blen is NULL?
all I see is that ret is set to 1 and the function continues.
These issues are both related to the above question.
First issue
When !neg and b == NULL the following operation is preformed likely
resulting i
Clarification on the forthcoming OpenSSL releases
=
To clarify, the mentioned HMAC ABI incompatibility occurred in
recently released versions 1.0.2b and 1.0.1n which are security fixes
but which may cause other problems due to the ABI issue. Therefo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.2c released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.2c of our open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.1o released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.1o of our open source
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.0.2c, 1.0.1o.
These releases will be made available on Friday 12th June. They will
fix two specific issues: 1) an HMAC ABI incompatibility with p
On 12/06/15 12:26, Matt Caswell wrote:
>
>
> On 12/06/15 11:16, Timo Teras wrote:
> Why is separate key_init needid? Could we not use md!=NULL or
> key_length!=0 checks to see if the context is initialized?
Seems it'd be along with the line to just use key_length instead.
On 12/06/15 11:16, Timo Teras wrote:
Why is separate key_init needid? Could we not use md!=NULL or
key_length!=0 checks to see if the context is initialized?
>>>
>>> Seems it'd be along with the line to just use key_length instead.
>>>
>>> Something along the lines of:
>>
>> Your patch
On Fri, 12 Jun 2015 10:38:02 +0100
Matt Caswell wrote:
>
>
> On 12/06/15 09:49, Timo Teras wrote:
> > On Fri, 12 Jun 2015 11:27:42 +0300
> > Timo Teras wrote:
> >
> >> On Thu, 11 Jun 2015 21:09:59 -0400
> >> Dan McDonald wrote:
> >>
> >>>
> On Jun 11, 2015, at 9:07 PM, Dan McDonald
> >
On 12/06/15 09:49, Timo Teras wrote:
> On Fri, 12 Jun 2015 11:27:42 +0300
> Timo Teras wrote:
>
>> On Thu, 11 Jun 2015 21:09:59 -0400
>> Dan McDonald wrote:
>>
>>>
On Jun 11, 2015, at 9:07 PM, Dan McDonald
wrote:
typedef struct hmac_ctx_st {
const EVP_MD *md;
On 12/06/15 09:52, Tomas Mraz wrote:
> On Pá, 2015-06-12 at 11:49 +0300, Timo Teras wrote:
>> On Fri, 12 Jun 2015 11:27:42 +0300
>> Timo Teras wrote:
>>
>>> On Thu, 11 Jun 2015 21:09:59 -0400
>>> Dan McDonald wrote:
>>>
> On Jun 11, 2015, at 9:07 PM, Dan McDonald
> wrote:
>
>>
On Pá, 2015-06-12 at 11:49 +0300, Timo Teras wrote:
> On Fri, 12 Jun 2015 11:27:42 +0300
> Timo Teras wrote:
>
> > On Thu, 11 Jun 2015 21:09:59 -0400
> > Dan McDonald wrote:
> >
> > >
> > > > On Jun 11, 2015, at 9:07 PM, Dan McDonald
> > > > wrote:
> > > >
> > > > typedef struct hmac_ctx_st
On Fri, 12 Jun 2015 11:27:42 +0300
Timo Teras wrote:
> On Thu, 11 Jun 2015 21:09:59 -0400
> Dan McDonald wrote:
>
> >
> > > On Jun 11, 2015, at 9:07 PM, Dan McDonald
> > > wrote:
> > >
> > > typedef struct hmac_ctx_st {
> > > const EVP_MD *md;
> > > EVP_MD_CTX md_ctx;
> > > EVP_MD_CTX
On Thu, 11 Jun 2015 21:09:59 -0400
Dan McDonald wrote:
>
> > On Jun 11, 2015, at 9:07 PM, Dan McDonald wrote:
> >
> > typedef struct hmac_ctx_st {
> > const EVP_MD *md;
> > EVP_MD_CTX md_ctx;
> > EVP_MD_CTX i_ctx;
> > EVP_MD_CTX o_ctx;
> > unsigned int key_length;
> > unsigned char
20 matches
Mail list logo
