[openssl-users] Searching for a memory leak in my OpenSSL usage

Hello, I got an application that establishes an TLS connection for communication. While the communication works, I run into a memory leak that originates from CRYPTO_malloc. I tried to search for proper OpenSSL shutdown and related issues, but my tries did not affect the leak. Here is the ASAN

[openssl-users] Trusting certificates with the same subject name and overlapping validity periods

Q:  Does OpenSSL's trust-list verification support trusting multiple certificates with the same subject name and overlapping validity periods? In more detail: We have customers who issue replacement certificates with the same subject name and different validity periods.  We'd like to be able to s

Re: [openssl-users] Trusting certificates with the same subject name and overlapping validity periods

On 20.09.2017 18:33, Jordan Brown wrote: Q: Does OpenSSL's trust-list verification support trusting multiple certificates with the same subject name and overlapping validity periods? do these replacement certificates have the same serial number and the same private key? smime.p7s Descri

Re: [openssl-users] Trusting certificates with the same subject name and overlapping validity periods

On 9/20/2017 10:28 AM, Walter H. via openssl-users wrote: > On 20.09.2017 18:33, Jordan Brown wrote: >> >> Q:  Does OpenSSL's trust-list verification support trusting multiple >> certificates with the same subject name and overlapping validity periods? >> > do these replacement certificates have th

Re: [openssl-users] Trusting certificates with the same subject name and overlapping validity periods

> On Sep 20, 2017, at 12:33 PM, Jordan Brown > wrote: > > Q: Does OpenSSL's trust-list verification support trusting multiple > certificates with the same subject name and overlapping validity periods? > > In more detail: > > We have customers who issue replacement certificates with the sam

Re: [openssl-users] Trusting certificates with the same subject name and overlapping validity periods

On 9/20/2017 2:25 PM, Viktor Dukhovni wrote: >> On Sep 20, 2017, at 12:33 PM, Jordan Brown >> wrote: >> >> Q: Does OpenSSL's trust-list verification support trusting multiple >> certificates with the same subject name and overlapping validity periods? >> >> In more detail: >> >> We have custome

Re: [openssl-users] Trusting certificates with the same subject name and overlapping validity periods

On Wed, Sep 20, 2017 at 5:48 PM, Jordan Brown wrote: > ... > The above also works with "authorityCertSerialNumber", see > >https://tools.ietf.org/html/rfc5280#section-4.2.1.1 > > If, however, the newer certificate has a different key, and the same > subject DN, but does not place matching dist

[openssl-users] [ANN] M2Crypto 0.26.2

Hi, everybody, after a way too long time I have another version of M2Crypto. Despite the deceptively minor version number (0.26.2; it is mistake, it has all right to be called 0.27.0, but the release is already on PyPI, sorry) this was a lot of work. The biggest achievement here is compatibility