Yes, the various no-options don't work well. Not a high priority for 1.0.2
unless patches are provided.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi,
I'm trying to compile with as few options as I can since I only need AEAD and
thought I would use SHA256 or SHA512 and AES.
However, when I try to disable certain cryptos and hashes I get errors:
./config no-ssl no-md5 no-rsa
make depends
gives:
...
eth.c cm_pmeth.c
make[2]: Leaving dir
Fixed, thanks for the report.
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Fixed.
Thanks
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Fixed.
Thanks
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On 12/10/15 20:40, Kurt Roeckx via RT wrote:
> On Mon, Oct 12, 2015 at 06:54:46PM +, Matt Caswell via RT wrote:
>>
>>
>> On 12/10/15 19:11, Kurt Roeckx via RT wrote:
>>> On Mon, Oct 12, 2015 at 04:19:43PM +, Matt Caswell via RT wrote:
Having done some more digging it seems the p
On Mon, Oct 12, 2015 at 06:54:46PM +, Matt Caswell via RT wrote:
>
>
> On 12/10/15 19:11, Kurt Roeckx via RT wrote:
> > On Mon, Oct 12, 2015 at 04:19:43PM +, Matt Caswell via RT wrote:
> >>
> >> Having done some more digging it seems the problem only occurs if you
> >> get the initial han
On 12/10/15 19:11, Kurt Roeckx via RT wrote:
> On Mon, Oct 12, 2015 at 04:19:43PM +, Matt Caswell via RT wrote:
>>
>> Having done some more digging it seems the problem only occurs if you
>> get the initial handshake, following by a second reneg handshake *and*
>> interleaved app data all wit
Thanks for the report. This has now been addressed in 1.0.1+, see commit
bfc19297cddd5bc2192c02c7f8896d804b0456cb.
Cheers,
Emilia
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Mon, Oct 12, 2015 at 04:19:43PM +, Matt Caswell via RT wrote:
>
> Having done some more digging it seems the problem only occurs if you
> get the initial handshake, following by a second reneg handshake *and*
> interleaved app data all within the scope of a *single* SSL_read call.
> AFAICT
On 12 October 2015 at 12:08, Matt Caswell via RT wrote:
> Are you using your new GOST
> engine or the one currently in master?
>
Sorry to come in in the middle, but where to get that new GOST engine, that
is not on master now?
Is it on some other branch?
___
On 12 October 2015 at 12:08, Matt Caswell via RT wrote:
> Are you using your new GOST
> engine or the one currently in master?
>
Sorry to come in in the middle, but where to get that new GOST engine, that
is not on master now?
Is it on some other branch?
Hello!
Thank you, I can't reproduce it either. Please close the ticket.
Sorry for disturbing.
On Mon, Oct 12, 2015 at 12:39 PM, Dmitry Belyavsky via RT
wrote:
> Hello Matt,
>
> On Mon, Oct 12, 2015 at 12:08 PM, Matt Caswell via RT
> wrote:
>
> > On Tue Oct 06 20:08:12 2015, beld...@gmail.com w
Hello!
Thank you, I can't reproduce it either. Please close the ticket.
Sorry for disturbing.
On Mon, Oct 12, 2015 at 12:39 PM, Dmitry Belyavsky via RT
wrote:
> Hello Matt,
>
> On Mon, Oct 12, 2015 at 12:08 PM, Matt Caswell via RT
> wrote:
>
> > On Tue Oct 06 20:08:12 2015, beld...@gmail.com w
On Tue, Oct 06, 2015 at 07:41:13pm +, Salz, Rich wrote:
> > I've opened the following PR to add support for GCC v5 and address sanitizer
> > (not sure if we want valgrind as well...):
> > https://github.com/openssl/openssl/pull/429
>
> I've started the internal review. Asan is awesome.
Ping?
> AFAICT if SSL_read returns between the first handshake and the second, you
> don't get the problem.
I think it should not matter when or what SSL_read returns. That should only
be returning application-level data to the caller. All state manipulations,
etc., should be done underneath and com
> AFAICT if SSL_read returns between the first handshake and the second, you
> don't get the problem.
I think it should not matter when or what SSL_read returns. That should only
be returning application-level data to the caller. All state manipulations,
etc., should be done underneath and com
On 12/10/15 16:39, Matt Caswell via RT wrote:
>
>
> On 12/10/15 16:03, Alessandro Ghedini via RT wrote:
>> On Mon, Oct 12, 2015 at 01:45:20PM +, Hubert Kario via RT wrote:
>>> On Friday 09 October 2015 18:05:19 Matt Caswell via RT wrote:
On 09/10/15 19:02, Hubert Kario via RT wrote:
>>
On 12/10/15 16:03, Alessandro Ghedini via RT wrote:
> On Mon, Oct 12, 2015 at 01:45:20PM +, Hubert Kario via RT wrote:
>> On Friday 09 October 2015 18:05:19 Matt Caswell via RT wrote:
>>> On 09/10/15 19:02, Hubert Kario via RT wrote:
And for good measure, I also created a test script tha
On Mon, 2015-09-28 at 11:35 +, Albe Laurenz via RT wrote:
> The RFC writes:
>
>Note: If a rehandshake occurs while data is flowing on a
> connection,
>the communicating parties may continue to send data using the old
>CipherSpec. However, once the ChangeCipherSpec has been sent,
On Mon, 2015-09-28 at 11:35 +, Albe Laurenz via RT wrote:
> The RFC writes:
>
>Note: If a rehandshake occurs while data is flowing on a
> connection,
>the communicating parties may continue to send data using the old
>CipherSpec. However, once the ChangeCipherSpec has been sent,
On Mon, Oct 12, 2015 at 01:45:20PM +, Hubert Kario via RT wrote:
> On Friday 09 October 2015 18:05:19 Matt Caswell via RT wrote:
> > On 09/10/15 19:02, Hubert Kario via RT wrote:
> > > And for good measure, I also created a test script that
> > > combines fragmentation with interleaving.
> >
>
On Friday 09 October 2015 18:05:19 Matt Caswell via RT wrote:
> On 09/10/15 19:02, Hubert Kario via RT wrote:
> > And for good measure, I also created a test script that
> > combines fragmentation with interleaving.
>
> Did you try my patch with it? And if so what happened?
I'm using interleave-d
Hello,
I've prepared a few patches to fix several minor-ish issues (I though it didn't
make much sense to submit them one by one). See GitHub pull request at:
https://github.com/openssl/openssl/pull/436
The patches are:
- Do not treat 0 return value from BIO_get_fd() as error (fixes RT#4068)
- R
Closing ticket.
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Tue Oct 06 19:53:30 2015, beld...@gmail.com wrote:
> Hello!
>
> I've found a difference in behaviour between openssl cmdline 1.0.2 and
> 1.1.0 versions.
> The -macopt cmdline option is not recognized, openssl dgst expects -macop
> instead.
>
Fixed. Thanks.
Matt
___
Hi Peter,
You are completely right! Windows carriage return is the real problem.
I should have done better testing before posting a ticket.
I'll use your patch until it get commited to the 1.0.2 branch.
Thank you
Christian
> Subject: Re: [openssl-dev] [openssl.org #4083] possible fix to m
Does anybody know why ovsdb-server only use the openssl api
SSL_CTX_add_client_CA to add certificate, but have no delete api to delete
certificate.
I found that if I update ca_crt.pem many times(SSL_CTX_add_client_CA add 649
certificates), the error of ovsdb-client connecting ovsdb-server will
Hello Matt,
On Mon, Oct 12, 2015 at 12:08 PM, Matt Caswell via RT
wrote:
> On Tue Oct 06 20:08:12 2015, beld...@gmail.com wrote:
> > Hello!
> >
> > I get a segfault when executing the command
> >
> > openssl dgst -engine gost -md_gost94 -mac hmac -macop
> > key:123456901234567890123456789012
> >
Hello Matt,
On Mon, Oct 12, 2015 at 12:08 PM, Matt Caswell via RT
wrote:
> On Tue Oct 06 20:08:12 2015, beld...@gmail.com wrote:
> > Hello!
> >
> > I get a segfault when executing the command
> >
> > openssl dgst -engine gost -md_gost94 -mac hmac -macop
> > key:123456901234567890123456789012
> >
On Tue Oct 06 20:08:12 2015, beld...@gmail.com wrote:
> Hello!
>
> I get a segfault when executing the command
>
> openssl dgst -engine gost -md_gost94 -mac hmac -macop
> key:123456901234567890123456789012
>
I assume this is on master? I can't reproduce this. Are you using your new GOST
engine or
31 matches
Mail list logo