Don't know if I'm missing something or if this is a bug.
It don't seem to be possible to set the PSK identity-hint per session.
If I set the identity-hint in a newly created SSL connection object it
is rejected because
there is no session associated connection yet (but the
SSL_use_psk_identity_h
I'm trying to figure out if my openssl based applications are vulnerable
to CVE 2009-3245
From: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3245
> OpenSSL before 0.9.8m does not check for a NULL return value from
> bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2)
> crypto/bn/b
e there some utility for use aes128 into another code more easy??
PD: Sorry for my English...i know that is not good
--
Leif Thuresson Email: [EMAIL PROTECTED]
Fox TechnologiesPhone: +46 18 160046
Kungsangsv. 19 Cell:
atal error.
+ rm -f lib4758cca.exp
chmod: can't access lib4758cca.sl
*** Error exit code 1
Stop.
*** Error exit code 1
Stop.
*** Error exit code 1
===
Leif, could you please throw some more light on the changes made from 0.9.7
to 0.9.8 and what changes you think cause this pr
Hi,
I have also had problems building shared version of openssl-0.9.8b
on hpux-11.00 parisc using the hp ansi-c compiler.
It looks like the openssl shared-library building part is completely
re-implemented in 0.9.8 (compared to 0.9.7 which worked out of the box)
In 0.9.7 shared libraries where lin
performed on a RedHat Enterprise Linux 3.0 x86 32-bit system
Code compiled with gcc version 3.2.3
Test results attached.
/Leif Thuresson
rh3:~/src/openssl-0.9.8a/test:45> ./evp_test evptests.txt
Purify or PureCoverage slave: Warning: Can't open display "", using tty
hin a process.
So I'm starting to wonder what is the SSL_dup() function supposed to do
?
Have anyone tryed something similar ?
/Leif
--
Leif Thuresson Email: [EMAIL PROTECTED]
RSA SecurityPhone: +46-18-160046
Kungsangsv. 19
S-753 23 Upps
