Hi,
This can be fixed using the patch attached in
https://rt.openssl.org/Ticket/Display.html?id=3464
See also
https://github.com/PeterMosmans/openssl/commit/68ab9b308e173072e5015063be7e194bec1f311f
Cheers,
Peter Mosmans
On 29-06-2016 01:21, Matt Caswell via RT wrote:
>
> On 28/06/16 16:18,
Hi,
This can be fixed using the patch attached in
https://rt.openssl.org/Ticket/Display.html?id=3464
See also
https://github.com/PeterMosmans/openssl/commit/68ab9b308e173072e5015063be7e194bec1f311f
Cheers,
Peter Mosmans
On 29-06-2016 01:21, Matt Caswell via RT wrote:
>
> On 28/06/16 16:18,
The attached adds Git repo information if its available.
In the "things work as expected" case, the repo information is
available. It will be submitted with bug reports when configuration
information is provided.
In the "its not a repo" case, then the call to system fails and
nothing is printed.
On 06/28/2016 11:18 PM, Kurt Roeckx via RT wrote:
> On Mon, Jun 27, 2016 at 08:50:43PM +, Thomas Waldmann via RT wrote:
>> I didn't ask where to get the missing code from, I asked whether you
>> maybe want to make life simpler for people by adding this to 1.0.x
>> rather than having a thousand
On Mon, Jun 27, 2016 at 08:50:43PM +, Thomas Waldmann via RT wrote:
> I didn't ask where to get the missing code from, I asked whether you
> maybe want to make life simpler for people by adding this to 1.0.x
> rather than having a thousand software developers copy and pasting it
> into their
:sigh: I forgot the attachment with my test vectors. Here it is.
On Tue, Jun 28, 2016 at 10:43 AM, Brian Smith wrote:
> When doing math on short Weierstrass curves like P-256, we have to
> special case points at infinity. In Jacobian coordinates (X, Y, Z),
> points at
When doing math on short Weierstrass curves like P-256, we have to
special case points at infinity. In Jacobian coordinates (X, Y, Z),
points at infinity have Z == 0. However, instead of checking for Z ==
0, p256-x86-64 instead checks for (X, Y) == (0, 0). In other words, it
does, in some sense,
> and you will not accept pull requests that do that?
So far, the team is not interested in doing that. Features are not added to
stable branches. But, for myself, I would like to see something like a GitHub
repo that built on top of 1.0.2 and made the 1.1 API's available. I think that
for
On Monday 27 June 2016 20:57:50 Salz, Rich via RT wrote:
> > But obviously I was expecting too much...
>
> Sorry you're not pleased. Not sure what to say -- you get what you pay for?
and you will not accept pull requests that do that?
> Maybe someone will come up with a "openssl-102-compat"
from RT#2777
On Monday 27 June 2016 20:43:07 Rich Salz via RT wrote:
> please open a new ticket if this is still an issue with current (at least
> 1.0.2, ideally master) sources.
Current 1.0.2 still doesn't handle ClientHello.client_version set to 0x00,0x00
correctly in a 0x03, 0x00 record
> Also, under the x86 no problem.Now how to solve this problem?
The same way you debug any C problem. Start by running it under the debugger?
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4587
Please log in as guest with password guest if prompted
--
openssl-dev
> Also, under the x86 no problem.Now how to solve this problem?
The same way you debug any C problem. Start by running it under the debugger?
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Matt,
>It would be interesting to try this on OpenSSL 1.1.0.
>I have a suspicion this issue is fixed there.
I hope so.
I cannot find a OpenSSL 1.1.0 compiled version anywhere to try.
I'm not that good to compile it myself.
I'll try to contact slproweb.com guys, hopefully they can help.
Thanks
Dear OpenSSL,
As you may be aware, NIST recently approved two Format Preserving
Encryption (FPE) methods - FF1 and FF3.
See:
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38G.pdf
The field of tokenization and fixed format encryption (FFX) has taken off
due to PCI compliance.
>Will you be releasing 1.0.2i soon to address this issue?
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2177
Please see
https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
Short answer: this is a LOW issue, and does not justify a release by itself.
--
On 28/06/16 16:18, Oleg Kukartsev via RT wrote:
> Guys,
> There is an issue with openssl s_client described here:
> http://stackoverflow.com/questions/25760596/how-to-terminate-openssl-s-client-after-connection
> Basically, it prevents openssl s_client automation on windows platform.
>
> And a
Guys,
There is an issue with openssl s_client described here:
http://stackoverflow.com/questions/25760596/how-to-terminate-openssl-s-client-after-connection
Basically, it prevents openssl s_client automation on windows platform.
And a similar question here:
Hello,
Will you be releasing 1.0.2i soon to address this issue?
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2177
openssl -- openssl
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer
boundary checks, which might allow remote attackers to cause a denial of
In message <5772803f.3060...@openssl.org> on Tue, 28 Jun 2016 14:48:47 +0100,
Matt Caswell said:
matt>
matt>
matt> On 28/06/16 14:41, Richard Levitte wrote:
matt> > Practically speaking, it depends. Provided we're talking about shared
matt> > libraries, it's a definite "no"
On 28/06/16 14:41, Richard Levitte wrote:
> In message
>
> on Tue, 28 Jun 2016 12:38:20 +, Catalin Vasile
> said:
>
> cata.vasile> Hi,
> cata.vasile>
> cata.vasile> Is there a way to
On Tuesday 28 June 2016 14:35:52 Andy Polyakov wrote:
> >>> But when I've tested it on AArch64 with openssl-1.1.0-pre5 and
> >>> current master (./configure no-shared no-engine) I'm getting
> >>> 100524.03k vs 52172.12k/s in favour of the non-EVP version.
> >>>
> >>> Is that really expected?
> >>
In message
on Tue, 28 Jun 2016 12:38:20 +, Catalin Vasile said:
cata.vasile> Hi,
cata.vasile>
cata.vasile> Is there a way to use global non-API functions or variables in
user apps?
Hi,
Is there a way to use global non-API functions or variables in user apps?
For example: Is there a way to use OpenSSL_armcap_P in your user apps? I tried
declaring it as "extern" variable, but at linking the linker says it cannot
find the symbol.
Cata
--
openssl-dev mailing list
To
>>> But when I've tested it on AArch64 with openssl-1.1.0-pre5 and
>>> current master (./configure no-shared no-engine) I'm getting
>>> 100524.03k vs 52172.12k/s in favour of the non-EVP version.
>>>
>>> Is that really expected?
>>
>> Depends on your system. Not all AArch64 processors were born
On Monday 27 June 2016 17:20:39 Andy Polyakov wrote:
> >> Is there an option when making an app that uses OpenSSL to verify
> >> that is uses Crypto Extensions (like checking a flag or something
> >> like that) ?
> >
> > With x86_64, ciphers like aes-128-cbc are much faster with AES-NI,
> > so a
>> I want something more programmatic, more general. I want to deliver
>> a piece of software that will run on ARM architectures and will
>> issue a warning or something like that if the user does not have an
>> OpenSSL library set to work with ARM Crypto Extension.
>
> What does "set to work"
26 matches
Mail list logo