Openssl Version 1.1.0 (master as of 22-DEC-15)
Mac OS X 10.11.2
Connection to my SMTP server, which has a 4096-bit RSA key, fails with:
Traceback (most recent call last):
File "tls/_openssl.py", line 359, in handshake
error: [Errno 5] 1: TLS handshake with server peer failed: error:14160098:SSL
Hello OpenSSL org:
I found the following issue via code inspection. In
tls_process_client_key_exchange(), when EC is disabled, and an error occurs in
ssl_generate_master_secret() or RAND_bytes(), the error path does not free
rsa_decrypt.
Note that rsa_decrypt is not conditionally defined by OP
In message
on Tue,
22 Dec 2015 14:41:16 +, "Salz, Rich" said:
rsalz> Consistency is more important than support for old platforms :)
Side note: I'd like it if we skipped the age slurs, especially since
we're commonly working on operating systems that come from a decade
more history than V
In message <20151222153437.192023un5jh69...@www.polarhome.com> on Tue, 22 Dec
2015 15:34:37 +0100, Zoltan Arpadffy said:
zoli> Hi,
zoli>
zoli> > zoli> May I ask you, if the new build will cover the long names issue
zoli> > (
zoli> > zoli> symhacks.h ) too?
zoli> >
zoli> > It's been pointed out
> It is not impossible to maintain a code base that uses up to 32 char long
> function names - without losing the readability of the code.
> I agree that it requires some extra focus from the developers side - but
> coding a security software needs that (and even more) focus anyway.
Yes, but symbo
Hi,
zoli> May I ask you, if the new build will cover the long names issue (
zoli> symhacks.h ) too?
It's been pointed out to me by the vms-ports folks that it should be
possible to solve using the compiler's "#pragma names shortened"
rather than maintaining symhacks... Then, it's just a matter
In message <20151222134741.72034a0b79m0z...@www.polarhome.com> on Tue, 22 Dec
2015 13:47:41 +0100, Zoltan Arpadffy said:
zoli> Hi,
zoli>
zoli> > zoli> > (unfortunately, "cpan install Text::Template" doesn't work
zoli> > because
zoli> > zoli> > there's a lack of action lines in the test: target
I don't know that I would call it a regression, but rather a difference. :)
I'll fix the summary but not the old uncommon behavior.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
This seems like an odd result considering the BeagleBone Black
processor is closer to a NEON. This particular BBB is running a Debian
8.2 based image.
I also believe CFLAGS should include hard-floats (i.e.,
-mfloat-abi=hard). Without it, entropy estimates for some of the RAND_
functions could prod
> External cryptographic modules may store addition information to key.
> What about to define CRYPTO_EX_DATA for ec keys?
That is the plan -- we will remove EX_EX_DATA and the internal API and just use
the standard crypto_ex_data stuff. Want to make a more complete patch as a
github pull requ
Hi,
zoli> > (unfortunately, "cpan install Text::Template" doesn't work because
zoli> > there's a lack of action lines in the test: target it its Makefile,
zoli> > and mms isn't too happy about that...)
That's tough, unfortunately... I've only access to a V8.4 cluster
(Alpha and IA64), so I d
In message <20151222122349.916552ojkzhe5...@www.polarhome.com> on Tue, 22 Dec
2015 12:23:49 +0100, Zoltan Arpadffy said:
zoli> Hi,
zoli>
zoli> > zoli> I am aware that having perl installed on a modern operating
zoli> > system is
zoli> > zoli> not a very tough requirement - but experience shows
Hi,
zoli> I am aware that having perl installed on a modern operating system is
zoli> not a very tough requirement - but experience shows that external
zoli> dependencies often cause problems on OpenVMS.
For perl, it's not that hard:
http://sourceforge.net/projects/vmsperlkit/files/
(unfor
Fixed.
Kurt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
In message <20151222111022.44086nc6688vq...@www.polarhome.com> on Tue, 22 Dec
2015 11:10:22 +0100, Zoltan Arpadffy said:
zoli> Richard,
zoli>
zoli> > My plan for "new and shiny" is based on perl, running Configure and
zoli> > have it generate a top level descrip.mms. Requirements will be a per
Richard,
My plan for "new and shiny" is based on perl, running Configure and
have it generate a top level descrip.mms. Requirements will be a perl
installation (minimum version 5.12) plus Text::Template.
Thank you for the information.
I am aware that having perl installed on a modern operati
In message <20151222101434.116043c95betf...@www.polarhome.com> on Tue, 22 Dec
2015 10:14:34 +0100, Zoltan Arpadffy said:
zoli> Thank you Richard.
zoli>
zoli> What "slowly" means? Will you be able to commit the OpenVMS build
zoli> scripts before the 1.1.0's release?
Yes. At the latest, it shou
Thank you Richard.
What "slowly" means? Will you be able to commit the OpenVMS build
scripts before the 1.1.0's release?
Do you need some help with coding, testing?
Should I try to repair the old build scripts?
Thanks,
Z
Quoting Richard Levitte :
The building scripts are not at all updat
Hello,
After remove of some global variables in export file left double
information for non existent functions.
For instance before:
X509_CERT_PAIR_it 3534
EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
X509_CERT_PAIR_it 3534
EXIST:EXPORT_VAR_AS_FUNCTION:FU
Hello,
Compilation of an application with current master branch and c89
compiler produce a lot of warnings.
Proposed patch
"0001-__STDC_VERSION__-is-not-defined-for-c89-compilers.patch" fix them.
Regards,
Roumen
>From 7d430516d69e6161eee447833518914e6b473dbd Mon Sep 17 00:00:00 2001
From: Ro
Hello,
After merge of ECDH and ECDSA and associating method to EC_KEY I would
like to request some additional functionality.
External cryptographic modules may store addition information to key.
What about to define CRYPTO_EX_DATA for ec keys?
Proposed patch "0008-extra-data-for-EC_KEY.patch"
21 matches
Mail list logo
