Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

[openssl.org #95] SSL_CTX_set_client_cert_cb error ?

The manual page about SSL_CTX_set_client_cert_cb was simply wrong. What in hell did I smoke when writing it? Or was it simply too late at night?? Anyway, I have just checked in a new version: If a certificate was already set, the client_cert_cb will never be called. Once it is called and

[openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

As already pointed out in additional emails in openssl-dev: * the change will stay in place, thus NID_x500UniqueIdentifier will be the macro to use starting with OpenSSL 0.9.7 * I have not activated the original meaning of uniqueIdentifier and it will not be done before 0.9.8 in order to

[openssl.org #92] Prototypes SSL_write() SSL_read() problem in openssl/ssl.h for 64-bit applications

[[EMAIL PROTECTED] - Tue Jun 11 09:11:38 2002]: I believe that this last parameter needs to be of type size_t. The problem is not solved by changing the calls to SSL_read() and SSL_write(). These functions call internal functions which again call other internal functions and so on. All of

[openssl.org #73] make failing under MAC OS X (darwin)

[[EMAIL PROTECTED] - Tue Jun 4 19:09:40 2002]: cc -o openssl -DMONOLITH -I../include -fPIC -DTHREADS -D_REENTRANT -O3 -D_DARWIN -DB_ENDIAN openssl.o verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o

[openssl.org #88] Encrypted alert 25.

Sorry, my explanation went into the wrong bucket :-( Here again: I have tried to access the host (and the specific URL) mentioned with the openssl s_client command line tool. I could not see anything strange. After the data (how useful is it?) is transferred, the client sends a close notify

[ftm@uk2.net: Updating OpenSSL on RedHat 7.3]

the new one over the current one? Ome more thing... Will the openSSL.tar.gz file install its components in the same place that RedHat 7.3 installed by default? Thanks for your time... Best, FTM - End forwarded message - -- Lutz Jaenicke [EMAIL PROTECTED

Re: Various patches for 0.9.6d and 0.9.7-beta1

10.20, so I am not familiar with the latest 64bit issues). It however seems, that nowhere any 64bit command line option is used. Doesn't this mean, that 32bit code is generated? For hpux64-parisc-cc the +DD64 flag is required. Best regards, Lutz -- Lutz Jaenicke

Re: Various patches for 0.9.6d and 0.9.7-beta1

out itself? Please have a look into config and search for GCC_ARCH to see what I mean. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044

Re: Various patches for 0.9.6d and 0.9.7-beta1

of days. In GCC 3.1 gcc --version doesn't work the same way so I will looking at gcc -v | egrep ^gcc version to do the same job. Please load down a current snapshot. GCC-3.1 support for --version should be added. Best regards, Lutz -- Lutz Jaenicke [EMAIL

Re: [openssl.org #80] [Lutz.Jaenicke@aet.TU-Cottbus.DE: Re: Naina announce (was: [ANNOUNCE] OpenSSL 0.9.1 beta 1 released)]

. * I am afraid to break things beyond NID_uniqueIdentifier in 0.9.7. (Due to the alias for CCITT nothing should happen, though). Opinions? Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine

Re: Various patches for 0.9.6d and 0.9.7-beta1

-- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

[openssl.org #90] Empty fragments sent to prevent CBC known IV attack breaks compatibility

The change introduced in OpenSSL 0.9.6d to prevent attacks on CBC ciphers with known IVs seems to break compatibility. Several discussions on the list and discussions I had in private email indicate, that compatibility problems arise from this change. It should be discussed, whether there is

Re: openssl-0.9.7-beta1 Win32 build error

this time. Also, ran ms\test.bat and it passed all the tests. Is this the right fix though ? Yes, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

[openssl.org #83] Pseudonym

Thanks, the new OID has been added for 0.9.7 and later. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED]

[openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

[[EMAIL PROTECTED] - Thu Jun 6 08:55:05 2002]: On Wed, Jun 05, 2002 at 03:10:58PM +0200, Lutz Jaenicke via RT wrote: [[EMAIL PROTECTED] - Wed Jun 5 14:48:52 2002]: ck_ssl.c: In function k_tn_tls_negotiate': ck_ssl.c:3232: ID_uniqueIdentifier' undeclared (first use

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 11:27:11AM +0300, Mike Pechkin wrote: On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: For instance, mod_ssl 2.8.8-1.3.24 use workaround: #ifndef NID_uniqueIdentifier #define NID_uniqueIdentifier 102 #endif I don't like

Re: cvs commit: openssl/test Makefile.ssl

On Wed, Jun 05, 2002 at 03:15:18PM +0200, Lutz Jaenicke wrote: On Wed, Jun 05, 2002 at 02:47:24PM +0200, Bodo Moeller wrote: On Wed, Jun 05, 2002 at 09:01:53AM +0200, [EMAIL PROTECTED] wrote: Log: The correct PERL interpreter is passed via commandline. RCS file: /e/openssl

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 12:39:50PM +0300, Mike Pechkin wrote: On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: Also, markus@ created this temp patch: +@@ -102,6 +104,13 @@ + !ERROR This module requires OpenSSL 0.9.5a or higher + #endif

Re: cvs commit: openssl/test Makefile.ssl

On Thu, Jun 06, 2002 at 11:29:13AM +0200, Richard Levitte - VMS Whacker wrote: In message [EMAIL PROTECTED] on Thu, 6 Jun 2002 11:17:18 +0200, Lutz Jaenicke [EMAIL PROTECTED] said: Lutz.Jaenicke The correct solution would therefore be, to pass all Lutz.Jaenicke options back from withing

Re: cpp0 cannot allocate ...

to gcc-2.95.x. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

[ANNOUNCE] OpenSSL 0.9.7 beta 1 released

On Sun, Jun 02, 2002, Lutz Jaenicke wrote: The first beta release of OpenSSL 0.9.7 is now available from the OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. Quite a lot of code changed between the 0.9.6 release and the 0.9.7 release, so a series of 3 or 4 beta releases is planned before

Re: [openssl.org #69] Incorrect use of strsep in crypto/evp/evp_test.c

also be correct, thus sstrsep() should be used. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

[ANNOUNCE] OpenSSL 0.9.1 beta 1 released

/TLS: add draft AES ciphersuites (disabled unless explicitly requested). -- Lutz Jaenicke [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~jaenicke/ __ OpenSSL Project http

Re: Prime number returns NULL ( BN_generate_prime)

into it, all key-generation routines require random numbers. Did you seed the PRNG? -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: cvs commit: openssl/util pod2man.pl

pod2man.pl in case the system does not have however seems to be reasonable for me. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: openssl-0.9.6c - doc/apps/smime.pod typo

On Mon, May 27, 2002 at 09:41:49PM +, [EMAIL PROTECTED] wrote: The documentation file doc/apps/smime.pod contains the '-in file' option twice in the SYNOPSIS section. ... Thanks, fixed. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http

[openssl.org #54] Compilation error m68k-next-openstep4

Obviously in enginetest.c the strdup() - BUF_strdup() migration was forgotten. I'll assign this to Richard, who takes care of the 0.9.6-engine branch. Best regards, Lutz __ OpenSSL Project

[openssl.org #53] RE: Certificate

You may want to look into the details of the certificate and make sure, that the required trust settings are activated. It is not enough to simply have the certificate, but you also have to trust it. If this doesn't help, please ask this question on the openssl-users list. Best regards,

Re: your mail

with respect to our license :-) Hope this helps, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: Security evaluation

for this question. I don't know a better forum than that. I am not aware of a formal security evaluation that has been proformed in the past. At least I have not seen any results of one. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU

[openssl.org #45] make test failed

Thanks, ticket closed, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager

[openssl.org #40] util/cygwin.sh has wrong permissions

Thanks, I have fixed it in the repository. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List

Semi-Official Announcement: RT2 for OpenSSL

comfortable with computer and internet resources. As the system is not yet fully operational, I consider it good enough to send a semi-offical announcement for now. The system will have its test during the upcoming 0.9.7 beta phase :-) Best regards, Lutz -- Lutz Jaenicke

[openssl.org #38] doc bug in doc/apps/x509.pod

Thanks, I have fixed the problem. I have found the missing =over 4 directly before the =back. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List

Re: [openssl.org #36] ...

Correspondence so that new entries are no longer forwarded to the list. Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

[openssl.org #37] Server-Client (SSL nonSSL)

[[EMAIL PROTECTED] - Wed May 15 13:25:14 2002]: Hi! i use Your project in my Client-Server project. For example, my Server calls BIO functions to use opened socket for handshaking , after that init_ssl_connection and everything works fine. But what will happen if i'll try to use client

Re: [openssl.org #32] [ ]

On Tue, May 14, 2002 at 12:42:33PM +0200, [EMAIL PROTECTED] via RT wrote: [SPAM deleted] Additional Anit-SPAM measures have been applied. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus

Re: Announce: Time Stamp Protocol (RFC 3161) patch

the patch for openssl-engine-0.9.6d, installation instructions and manual at this URL: http://glozik-zoltan.int.eu.org/tsa/ Added to the list of applications. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU

Re: For 0.9.6d a is missing from the shlib/svr5-shared-gcc.sh FLAGS line

, that the -DFILIO_H should be removed from the sco5-gcc-shared entry in Configure. In this shared library build script, you however do leave it in. Shouldn't it also be removed here? Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU

[openssl.org #26] 64 bit Suse Linux on PowerPC

Thanks. I have added a corresponding entry into config. Please check out a new snapshot for correct behaviour. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development

Re: SSL_shutdown.3 makewhatis failure under IRIX

that come with OpenSSL are in POD format. Only during installation, they are converted to manual pages using the util/pod2man.pl script. Did you install OpenSSL from source? (In which case we would have to check pod2man for problems...) Best regards, Lutz -- Lutz Jaenicke

[openssl.org #29] -Wl,-Bsymbolic in 0.9.6d broke shared builds

[[EMAIL PROTECTED] - Sun May 12 22:48:56 2002]: JFYI, when updating our package from 0.9.6c to 0.9.6d I've noticed that the new shared libcrypto library doesn't work anymore. The openssl(1) binary wouldn't recognize any of the block ciphers. I tracked this down to the addition of

[openssl.org #26] 64 bit Suse Linux on PowerPC

[[EMAIL PROTECTED] - Thu May 9 22:13:32 2002]: I am trying to compile on a 64 bit Suse sles7 powerpc system. the error message indicates -m486 is an invalid compiler parameter. Anyone know the parameters I need to give ./config to get it to work for 64 bit Suse on a powerpc

[openssl.org #18] missing semicolon in Makefile.org

I have added the missing ; for 0.9.7-dev and -dev. We had no reports for 0.9.6d-beta1, even though the problem seems to be in it, too. I however don't want to break that version just minutes before it is released. Best regards, Lutz

Re: cvs commit: openssl Makefile.org

regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

Re: Cannot compile open openssl-0.9.6d-beta1

On Sat, May 04, 2002 at 12:37:33AM +0200, Axel H. Siebenwirth wrote: On Fri, 03 May 2002, Lutz Jaenicke wrote: This definitely is a problem with your build tools. You seem to be using gnu-ld (from binutils!?) and it is failing. GNU ld 2.11.90.0.29 Copyright 2001 Free Software Foundation

Re: OpenVPN and OpenSSL 0.9.7 was: Re: Integration of AES algorith to OpenSSL Crypto library

a statement. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: Cannot compile open openssl-0.9.6d-beta1

gnu-ld (from binutils!?) and it is failing. If it?s really gcc 3.1 that?s causing the problem, can someone tell me if it might work with 3.0.x? We did not have reports about failures using gcc-3.0.x. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http

[openssl.org #16] openssl-engine-0.9.6d-beta1 crypto/Makefile.ssl patch

[[EMAIL PROTECTED] - Wed May 1 12:20:35 2002]: ! echo #define DATE \`date`\; \ ! echo #define DATE \`LC_TIME=C date`\; \ Is anybody aware of a platform on which this would cause trouble? Best regards, Lutz

Re: Integration of AES algorith to OpenSSL Crypto library

0.9.7 version of OpenSSL. AES is integrated into it. Just do it the same way we did it. Hmm, or even just stop wasting your time, because it is already in there :-) Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU

Re: Integration of AES algorith to OpenSSL Crypto library

might be missing when integrating a new cipher. -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: Adding cipher code

, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

Re: strangeness in `x509 -noout -text` output

[3] == '=')) - ))) || + ))*/) || (*s == '\0')) #else if (((*s == '/') Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE

Re: strangeness in `x509 -noout -text` output

. This is far more difficult for applications externally calling OpenSSL's command line tools... Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044

Re: 64 bit support

-- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

Re: 64 bit support

are aware that there are problems with BIGNUM on 64bit. What do we need: detailed information on platform, compiler, etc. What do we need more: somebody having this platform being willing to spend time in tracking the problem down!!! Best regards, Lutz -- Lutz Jaenicke

Re: test fails on SGI Irix 6.5 with openssl-0.9.6d-beta1

-mips3-cc :-) Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: PKCS #12

it to be compatible with an OpenSSL generated PKCS#12 file. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: PKCS #12

is used for the Friendly Name. It is the name that is e.g. used in Netscape when it comes to list certificates. -name Lutz Jaenicke (My CA) Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine

Re: Missing define in err.h

, as the macro is not used anywhere in OpenSSL. As it is part of the public interface, I will fix the macro and not just simply remove it :-) Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine

Re: SSL_CTX_set_cipher_list

ssl_digest_methods() via load_ciphers(). ssl_create_cipher_list() is called from SSL_CTX_new() (in 0.9.7 and I would suspect in older versions, too), so that I don't see why it should make a difference with respect to dll setup... Best regards, Lutz -- Lutz Jaenicke [EMAIL

Re: PRNG support on Solaris for openssl-0.9.6d

(at least from the development point of view), we won't make any modification to 0.9.6d any longer, except for vital bugfixes as long as beta is open. All of our efforts will now go into getting 0.9.7 out of the door. Best regards, Lutz -- Lutz Jaenicke [EMAIL

Re: New cipher suite

a look into the EVP layer and how to add your new cipher to the lists (follow OpenSSL_add_all_algorithms()). Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik

Re: [RFA] New script util/cygwin.sh

. It's definitely not a must have but I thought it would be helpful for others to reproduce a Cygwin release version... Thanks, added to 0.9.6d, 0.9.7, and -dev. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke

Re: Revised DOS patch for openssl-0.9.7

updated in a while. Thanks for the reminder. I am now at 1.3.10. Does it work now without your patches? Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044

[bs@bsws.zid.tuwien.ac.at: openssl-0.9.6d-beta1 on AIX 3.2.5 und ULTRIX V4.5]

message - Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: problem with openssl-0.9.5 on AIX3.2

at least version 0.9.6 of openssl, please give the new versions a try. We have just released 0.9.6d beta1. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik

Re: EVP incompatibility from 0.9.6 to 0.9.7

to revert to the old behavior. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: Small patch to 0.9.6c crypto/objects/obj_dat.c

but better send it as attachement. In your mail the TAB was transfored to SPACEs, so that the patch utility could not apply it. -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D

Re: openssl 0.9.7 and debug

support for this kind of platform is needed. Thanks, fixed. The debug-linux-pentium was missing (-pentiumpro and -k6 where there). Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine

Re: Stratus OpenSSL diffs and test results.

my advice. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Announcement of OpenSSL 0.9.6d and 0.9.7 Release Plan and Schedule

Announcement of OpenSSL 0.9.6d and 0.9.7 Release Plan and Schedule == The OpenSSL developers team is pleased to announce the upcoming release of OpenSSL 0.9.7. OpenSSL 0.9.7 contains several changes and enhancements in many fields;

Re: Virus/Faked email addresses

regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

Re: Wrong DNs

this means :-) Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: OpenSSL/Java JSSE Handshake problem...

provides better mechanisms for moving to newer versions. The option to support the SSLv2 client hello is part of the SSLv23_method(). The TLSv1_method() is pure TLSv1, no SSLv2 client hello. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU

Virus/Faked email addresses

by virii :-) Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: Virus/Faked email addresses

a statement about the situation. I am not really easy to affect either, since I use a crappy graphical mail client under Linux; nonetheless, I understand quite a few people on this list may use OE or similar. I am afraid that this statement is quite correct :-( Lutz -- Lutz Jaenicke

Re: Problem with mail and RFC 1700

IDENTIFIER ::= { mime-mhs-headings 2 } mime-mhs-bodies OBJECT IDENTIFIER ::= { mime-mhs 2 } END I come to the conclusion that I prefer to leave mail for use in the internet 7 class. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http

Re: Problem with mail and RFC 1700

On Mon, Apr 15, 2002 at 02:26:06PM +0200, Michael Bell wrote: Lutz Jaenicke schrieb: I come to the conclusion that I prefer to leave mail for use in the internet 7 class. I have no problem with this but what do you want to with the short name for an RFC822mailbox? Do you want to ignore

Re: Problem with mail and RFC 1700

On Mon, Apr 15, 2002 at 02:51:49PM +0200, Michael Bell wrote: Lutz Jaenicke schrieb: Please ignore my ignorance, but I just had a second look into RFC1274 and I could not find any reference about mail being a short name for rfc822Mailbox. See: RFC 2798 -- 9.1.3 -- 4th attribute Ok

Re: Futher debug of possible race condition in 0.9.6b/c

the old connection is not yet considered closed... Anyway we would need the output and error messages from the LDAP server. The ssldump output indicates that a new connection is attempted all the time, so that there should be no problem with session resumption. Best regards, Lutz -- Lutz

Re: Fwd: [BUG suggested PATCH] EVP_DecodeUpdate 0.9.6b 0.9.6c

on openssl-users but got no response at all - either confirming on denying... Your posting is still in my incoming queue. Obviously my team mates normally dealing with EVP issues are currently too busy to take care of it. But it won't be forgotten :-) Lutz -- Lutz Jaenicke

Re: bug in ssl code

not point out in which version the problem occurs. Does it still occur with recent snapshots? Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044

Re: Session cache / non-block membuf impl.

. To avoid this problem, we now set s-new_session to 2 instead of using a local variable. [Lutz Jaenicke, Bodo Moeller] Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine

Re: X509_vfy.c function int check_issued() BUG..

at least one of these properties different. To be fair: I don't have the time to look around for it, but I would expect that in some RFC this would also be listed as a requirement :-) Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU

Re: wrong defines SN_xyz

On Wed, Apr 10, 2002 at 12:36:33PM +0200, Michael Bell wrote: Lutz Jaenicke schrieb: On Tue, Apr 02, 2002 at 10:07:27PM +0200, Lutz Jaenicke wrote: On Tue, Apr 02, 2002 at 09:25:00AM +0200, Michael Bell wrote: after I found the wrong definitions of SN_surname and SN_serialNumber I

Re: wrong defines SN_xyz

On Wed, Apr 10, 2002 at 01:13:05PM +0200, Michael Bell wrote: Lutz Jaenicke schrieb: Doen't sound bad. I would say internetMail would fit better into the usual naming scheme... I would prefer it too. Hmm. Just had another look into RFC1700... Even though it is not yet used

Re: VxWorks and OPEN SSL questions -

, but discussions you send should be covered by the right on free speech. If you are going to send patches to be included, it should however be copied through to your government. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen

Re: OpenSSL/Java JSSE Handshake problem...

: 26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:290: That would fit the underlined statement above. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus

Re: openssl-0.9.6c through openssl-0.9.5 fail if $PERL is defined not as the binary perl

environment variable in the way OpenSSL does it is a comletely normal technique. There exist ideas to move to autoconf one fine day and integrating a suitable check for perl might be part of the move, but I think we should leave things as they are right now. Best regards, Lutz -- Lutz

Re: OpenSSL/Java JSSE Handshake problem...

as mentioned. Late versions of OpenSSL provide the SSL_OP_TLS_ROLLBACK_BUG that allows the server to ignore this protocol violation. It is however not enabled by default. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen

Re: wrong defines SN_xyz

On Tue, Apr 02, 2002 at 10:07:27PM +0200, Lutz Jaenicke wrote: On Tue, Apr 02, 2002 at 09:25:00AM +0200, Michael Bell wrote: after I found the wrong definitions of SN_surname and SN_serialNumber I looked around and find the next problems in crypto/objects/ : SN_title

Re: [PATCH] Undefined identifiers in objects.txt

... I am not sure about these ones. Bodo Moeller overviewed these changes, based on changes submitted by Nils Larsch. I have copied them through on this email to receive their comments. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU

Re: OpenSSL/Java JSSE Handshake problem...

-- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

Re: cvs commit: openssl/crypto/objects obj_dat.h obj_mac.hobjects.txt

this to be a bug) is small compared to the impact of the incompatibility. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

Re: cvs commit: openssl/crypto/objects obj_dat.h obj_mac.h objects.txt

, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

Re: serialNumber with openssl ca

. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL

Re: Bug in X509_check_private_key

want to say that we are aware that we cannot handle all thinkable cases of incorrect usage of the API. We can (and probably will) fix the issue you just pointed out, but I am sure that you will find much more of these cases, if you start searching :-) Best regards, Lutz -- Lutz Jaenicke

Re: buglet with string representation of DNs?

of OpenSSL and should give his statement. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus

<    1   2   3   4   5   6   7   8   >