[openssl-dev] [openssl.org #4506] Add SSL_CTX_get_ciphers() [GitHub PR #957]

Resolving, this has been merged. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4506 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4433] Memory leak in X509_REQ_to_X509

X509_REQ_to_X509 returns a newly allocated X509 structure. If you believe that it leaks somewhere else, then please reopen this ticket with fully self-contained code, and a trace (e.g., from valgrind) showing where the leak happens. Emilia -- Ticket here:

[openssl-dev] [openssl.org #4529] Output of -hash option incompatible 64-bit Linux vs 32-bit Linux

On Mon May 02 19:00:03 2016, john.with...@irs.gov wrote: > > I successfully built and deployed to a 64-bit RHEL 5.11 server (using > a local installation path) and was able to configure the issuer > certificate cache for my applications. I built a separate package for > 32-bit RHEL 5.11 (again,

[openssl-dev] [openssl.org #4529] Output of -hash option incompatible 64-bit Linux vs 32-bit Linux

To whom it may concern, I have built OpenSSL 1.0.1s for 64-bit and 32-bit version of RHEL5.11. The reasons for this are long and involve my employer, so I would detail them in this message. I successfully built and deployed to a 64-bit RHEL 5.11 server (using a local installation path) and

Re: [openssl-dev] [openssl-users] Storing session in file and reusing at client side

Thanks Viktor. > > Client-side sessions can be serialized via i2d_SSL_SESSION and the > resulting binary data can be stored in a file for reuse by a client > via d2i_SSL_SESSION() followed by SSL_set_session() (which copies > the session, so you can free the session obtained via d2i at that >

[openssl-dev] [openssl.org #4528] Bugfix for linux-armv4 build

commit fbaf30d087a2db2b4e22279e819d481fca21ac5c Author: Andy Polyakov Date: Mon May 2 15:20:41 2016 +0200 ssl/record/rec_layer_s3.c: fix typo from previous commit. Reviewed-by: Richard Levitte -- Ticket here:

Re: [openssl-dev] [openssl.org #4528] Bugfix for linux-armv4 build

On 05/02/2016 10:56 AM, Florent Gluck via RT wrote: > Hi, > > When compiling for linux-armv4 there is a bug in the master branch, > version d244dd559d0e6e594e4a0f911e49509e8a7b158b, there is a missing > backslash in ssl/record/rec_layer_s3.c. > Already fixed in commit

[openssl-dev] [openssl.org #4528] Bugfix for linux-armv4 build

Hi, When compiling for linux-armv4 there is a bug in the master branch, version d244dd559d0e6e594e4a0f911e49509e8a7b158b, there is a missing backslash in ssl/record/rec_layer_s3.c. Here is patch for the fix: --- ssl/record/rec_layer_s3.c.ori 2016-05-02 14:32:28.913137297 +0200 +++

Re: [openssl-dev] Storing session in file and reusing at client side

On Mon, May 02, 2016 at 12:23:25PM +0530, Shubham Chauhan wrote: > I wanted to store the freshly negotiated ssl/tls session in a file and > reuse it (via SSL_set_session()), in the next handshake. I was not able to > do that since the handshake got terminated giving a fatal error - illegal >

[openssl-dev] [openssl.org #4527] Bug in d2i_PrivateKey (openssl-1.1.0-pre5)

There is a bug in the implementation of d2i_PrivateKey in crypto/asn1/d2i_pr.c. If the function is called with *a != NULL and returns NULL, the value of *a is not changed, but the EVP_PKEY it refers to might have been freed or not depending on whether line 100 was reached or not. If the caller

Re: [openssl-dev] Are you using "TLS proxy certificates"?

Thank you, yes, I mean that. -- Senior Architect, Akamai Technologies IM: richs...@jabber.at Twitter: RichSalz -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4526] bug: use of ExitProcess on Windows platforms, 1.0.2g

Hi, I'm working in the 1.0.2g version of OpenSSL, in a Windows desktop environment, specifically Win 7, 8.1, and 10 (and their equivalent server and R2 versions). Problem and Resolution: The following lines of code make use of the Microsoft API ExitProcess: Apps\Speed.c line 335:

[openssl-dev] [openssl.org #4525] [PATCH] SRP client key computation (PR #1017)

Hello openSSL devs, I have found an issue in the computation of the SRP session key on the client side. When computing *K = (B − kg^x**)^(a+ux) mod N*, the computations in the exponent should not be mod N. Meaning that *(a+ux)* should not go through *mod N* . It rarely happens that *(a+ux) > N

Re: [openssl-dev] Are you using "TLS proxy certificates"?

Hi Rich, On 27/04/16 18:45, Salz, Rich wrote: If so, please let us know. Replies to me will be summarized for the lists. what exactly do you mean by 'TLS proxy certificates' ? if you mean RFC3820 (5280) proxy certificates, then yes, we use them extensively within grid computing.

[openssl-dev] Storing session in file and reusing at client side

Hello, I wanted to store the freshly negotiated ssl/tls session in a file and reuse it (via SSL_set_session()), in the next handshake. I was not able to do that since the handshake got terminated giving a fatal error - illegal parameters (47). Although this works perfectly fine when I store the