to opensslconf.h we disabled the
extension and PEAP negotiation is successful.
There really should be an API to disable this extension so that it can be
enabled in use cases where it is needed and disabled in use cases where it
breaks negotiation.
Robert Dugal
by using ENGINE_set_default() with ENGINE_METHOD_CIPHERS|ENGINE_METHOD_DIGESTS.
Is what I am observing the correct behavior of OpenSSL?
FYI: I have been testing with OpenSSL 1.0.0d & 1.0.0e
--
Robert DugalTeam Lead SSL & PKI Group
Certicom Corp. A Subsidiary of Research I
If you append 64 '=' characters to the output of a base64 encoding then you get
a segfault when decoding the output.
i.e. The following will cause a segfault:
echo
ZW5jb2RlIG1lCg==
| openssl enc -d -base64
I tested this usi
e any comments on
the bug or my proposed fix.
FYI: I did not find this bug myself but I have been asked to provide a patch
for OpenSSL.
-Original Message-
From: Robert Dugal
Sent: Tuesday, September 13, 2011 2:27 PM
To: 'r...@openssl.org'
Subject: bug report: segfault from base64 d
llback both source and destination have the same
md_data pointer.
So I am going to have to assume that the destination md_data pointer is
actually garbage and ignore it.
It's going to take me some time to modify all my engine's digest
implementations and fully test this.
t;<<<<<<<<<<<<<<<<<md_data=OPENSSL_malloc(type->ctx_size);
if (ctx->md_data == NULL)
{
EVPerr(EVP_F_EVP_DIGESTINIT_EX,
goto err;
if (!EVP_DigestFinal_ex(&ctx->md_ctx,md,len))
goto err;
>>>>>>>>>>>>> THE INNER (ctx->i_ctx ) AND OUTER (ctx->o_ctx ) DIGEST CONTEXTS
>>>>>>>>>>>>> ARE NOT CLEANED UP OR FINALIZED HERE.