Hi Matt,
Thanks for the details. We are working on the upgrade part to the latest
version. Can you share if any workaround is there to overcome with older
versions?
Thanks,
Kannan Narayanasamy.
-Original Message-
From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of
Dear Sir/Madam,
Could you please let me know if there is any known issue as mentioned in
this bug.
BR,
Mahendar
On Mon, Jul 27, 2015 at 7:04 PM, The default queue via RT r...@openssl.org
wrote:
Greetings,
This message has been automatically generated in response to the
creation of a
On 04/08/15 05:08, Kannan Narayanasamy -X (kannanar - HCL TECHNOLOGIES
LIMITED at Cisco) wrote:
Hi Team,
Any updates plz.
Like I said, I am able to recreate the issue on Windows but as 0.9.8 is
only receiving security fixes it won't be fixed.
Please use a more up to date version of
No I don't. And since I haven't contributed to this project in the past
(rejected patch doesn't count), and don't have immediate code contribution
plans for the future - I personally couldn't care less. For my own use most
any open source license works fine.
Sent from my BlackBerry 10
How about getting a second opinion?
You want to hire us legal counsel who understands the issues? Great.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Also, did the advice you got explicitly state 'the' CLA as opposed to other
possible licenses such as MIT, BSD, LGPL, etc.? Were any reasons provided
that you may be able to share?
(I've dealt with lawyers in the past, and this seems weird.)
Sent from my BlackBerry 10 smartphone on the
Also, did the advice you got explicitly state 'the' CLA as opposed to other
possible licenses such as MIT, BSD, LGPL, etc.? Were any reasons provided
that you may be able to share?
Nothing we wish to share at this point in time, no.
___
openssl-dev
On 04/08/15 00:37, Quanah Gibson-Mount wrote:
I also don't get why a CLA is required, overall.
It's not something I'm thrilled about either. However we have been
receiving legal advice. That advice tells us that we should be putting
in place a CLA.
Matt
How about getting a second opinion?
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
Original Message
From: Matt Caswell
Sent: Tuesday, August 4, 2015 03:56
To: openssl-dev@openssl.org
Reply To: openssl-dev@openssl.org
Subject: Re: [openssl-dev] We're working on
Tryng to run Apache 2.2 using recent SSL
and got
[Wed Dec 31 16:26:58 1969] [error] Init: Unable to read server certificate from
file /var/www/SSLconf/conf/secure.nl2k.ab.ca.2015.crt
[Wed Dec 31 16:26:58 1969] [error] SSL Library Error: 218529960 error:0D0680A8:
lib(13):func(104):wrong tag
[Wed
Just compile openssl 1.0.2 daily 20150804 and got
making all in crypto/cmac...
if [ -n libcrypto.so.1.0.0 libssl.so.1.0.0 ]; then (cd ..; make
libcrypto.so.1.0.0); fi
[ -z ] || gcc -dPIC -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB
-DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT
Trivial patch, see PR:
https://github.com/openssl/openssl/pull/361
___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod___
openssl-dev
--On Tuesday, August 04, 2015 2:14 PM -0400 Brian Smith
br...@briansmith.org wrote:
It is natural for a lawyer to tell you to require lots of things to
protect whatever entity is paying them. That's defense-in-depth type
advice from them. However, lawyers do cost-benefit analysis based on the
On Tue Aug 04 18:25:25 2015, m...@bogosian.net wrote:
Please let me know if you have any questions, and I'd be happy to
elaborate.
Can you attach examples of the two certificates (EE and CA) that exhibit this
problem?
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial
Hello OpenSSL Org:
We have an updated patch for RT 3869, which includes a deadlock fix when
flushing sessions.
Github link:
https://github.com/akamai/openssl/commit/6b8c80239d174e7ca55f052b86f942d70ffca29ehttps://github.com/akamai/openssl/commits/akamai-master-july2015
And attachment.
On 04/08/15 18:14, Brian Smith wrote:
Note that the proposed CLA is granting special privileges to a
particular **for-profit** US corporation. It isn't technically copyright
assignment, but is practically the same thing. If you read the agreement
carefully, it is asking every contributor to
Later versions[1] of OpenSSL will (mistakenly) complain that if subject text ==
issuer text, then the certificate is self-signed (even if it isn't).
[1] I haven't narrowed down exactly which; 0.9.8 and 1.0.0 generally don't
exhibit this problem, whereas 1.0.1 and 1.0.2 generally do.
A more
Hello OpenSSL Org:
We have an updated patch; there were issues with AES-GCM on some platforms, due
to multiply operations on immediate constant values.
Updated github patch:
https://github.com/openssl/openssl/commit/15ecb1a4dc4f75d6c33e8cd9089ca5cfc78d28dc
And attached.
True, but most people aren't contributing code. (Assuming this assumption is
correct.)
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
Original Message
From: Salz, Rich
Sent: Tuesday, August 4, 2015 12:03
To: openssl-dev@openssl.org
Reply To:
On Tue, Aug 4, 2015 at 10:53 AM, Salz, Rich rs...@akamai.com wrote:
How about getting a second opinion?
You want to hire us legal counsel who understands the issues? Great.
Who is us?
It is natural for a lawyer to tell you to require lots of things to protect
whatever entity is paying
Who is us?
The openssl dev team.
It is natural for a lawyer to tell you to require lots of things to protect
whatever entity is paying them.
Well, yeah, sure. But I would hope that the bono-fides of the SFLC and Eben
Moglen aren't being called into question.
For an example of this, see
Please refer to linked PR:
https://github.com/openssl/openssl/pull/359
Without this fix an OCSP responder started as openssl ocsp -port xxx will
cause openssl s_server -status calls to hang on FreeBSD.
I'm not 100% sure this is the right overall fix... my knowledge here is
weak, but it is
Basically, I'm asking for more considerations to be added to the threat model:
Intereseting, thanks.
The OpenSSL website says[1] the OpenSSL Software Foundation (OSF) is
incorporated in the United States as a regular for-profit corporation, and
the proposed CLA[2] is an agreement between the
On 08/04/2015 04:02 PM, Brian Smith wrote:
...
The OpenSSL website says[1] the OpenSSL Software Foundation (OSF) is
incorporated in the United States as a regular for-profit corporation,
and the proposed CLA[2] is an agreement between the contributor and that
for-profit corporation.
I'm
All contemporary references you see to the OpenSSL Software Foundation
are for the new non-profit Delaware entity. As Rich has noted we do need to
change mentions of the original entity, now confined to FIPS related
activities
only.
I fixed the one I could find :)
On Tue, Aug 4, 2015 at 2:47 PM, Salz, Rich rs...@akamai.com wrote:
It is natural for a lawyer to tell you to require lots of things to
protect whatever entity is paying them.
Well, yeah, sure. But I would hope that the bono-fides of the SFLC and
Eben Moglen aren't being called into
Sorry for the delayed response, I was away for a week and was able to test the
fix today.
The fix did resolve the session ticket issue that I was encountering. However,
now I get an error when I am not using the session tickets under the following
conditions. I am continuing to investigate.
For my own use most any open source license works fine.
We are hoping most people will feel that way.
Thanks for your interest!
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi Steve,
I've attached three certificate collections: two that fail (where subject ==
issuer) and one that works around the problem (where subject != issuer). In my
personal testing (on OS X), OpenSSL 0.9.8zd (installed by the OS) works on all
three collections, whereas OpenSSL 1.0.2d
--strict-warnings started showing warnings for this today...
My guess is that an error should be raised if these reads fail? I don't
believe any of these are optional.
PR: https://github.com/openssl/openssl/pull/360
___
openssl-bugs-mod mailing list
30 matches
Mail list logo