Re: [openssl-users] calloc vs kssl_calloc

2016-10-01 Thread Jeffrey Walton
On Sat, Oct 1, 2016 at 5:18 PM, Salz, Rich wrote: > >> However there are very many OpenSSL users (myself included) who rely on >> the legal status of OpenSSL/SSLeay as having no US origin parts. If this has >> changed, it needs a big red banner at the top of the

Re: [openssl-users] calloc vs kssl_calloc

2016-10-01 Thread Salz, Rich
> However there are very many OpenSSL users (myself included) who rely on > the legal status of OpenSSL/SSLeay as having no US origin parts. If this has > changed, it needs a big red banner at the top of the www.openssl.org, every > affected source file with the original EAY copyright

Re: [openssl-users] calloc vs kssl_calloc

2016-10-01 Thread Salz, Rich
> That didn't answer my question. I reported a bug, I'm not a developer / on > the developer list; will someone else take this, or is there some bug database > that I should enter an issue into? As it says in https://www.openssl.org/community/, email it to r...@openssl.org It also says this in

[openssl-users] OpenSSL and sourc'ing countries (was: calloc vs kssl_calloc)

2016-10-01 Thread Jeffrey Walton
>>> Is there something more I should do on this issue? I recall the OpenSSL >>> terms of use strongly discouraged people from the US from helping, due to US >>> export restrictions. >> >> That's kinda outdated. > > However there are very many OpenSSL users (myself included) > who rely on the

Re: [openssl-users] calloc vs kssl_calloc

2016-10-01 Thread Jeffrey Walton
On Sat, Oct 1, 2016 at 4:32 PM, Geoffrey Coram wrote: > I reported a bug, I'm not a developer > / on the developer list; will someone else take this, or is there some > bug database that I should enter an issue into? If its an OpenSSL bug, then I believe you send an email

Re: [openssl-users] calloc vs kssl_calloc

2016-10-01 Thread Geoffrey Coram
On 09/30/2016 09:29, "Salz, Rich" wrote: > > > Is there something more I should do on this issue?  I recall the > OpenSSL terms of use strongly discouraged people from the US from > helping, due to US export restrictions. > > That's kinda outdated. That didn't answer my

Re: [openssl-users] Possible to control session reuse from the client?

2016-10-01 Thread Viktor Dukhovni
On Sat, Oct 01, 2016 at 04:05:32PM +, Daniel Janzon wrote: > Hm... Thanks, but I think I miss some piece of the puzzle. How does client > and server side session differ and how do they interact? I thought the TLS > session was always cached on the server side and all the client would have >

Re: [openssl-users] Possible to control session reuse from the client?

2016-10-01 Thread Salz, Rich
Sessions are the server holds the state and the client sends a session-id. Tickets are the client holds the state and sends it to the server. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Possible to control session reuse from the client?

2016-10-01 Thread Daniel Janzon
Hm... Thanks, but I think I miss some piece of the puzzle. How does client and server side session differ and how do they interact? I thought the TLS session was always cached on the server side and all the client would have to do was to send its session ID. On Fri, Sep 30, 2016 at 12:00 AM