Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

--On Saturday, February 13, 2021 11:23 PM +0200 Alon Bar-Lev wrote: I prepared a demo[1] to help people reproduce the issue, tested with openssl-1.1.1i. Maybe <https://github.com/openssl/openssl/issues/13931> ? --Quanah -- Quanah Gibson-Mount Product Architect Symas Corpo

Re: no suitable signature algorithm during handshake failure

--On Friday, January 8, 2021 4:44 PM -0500 Viktor Dukhovni wrote: Hi Viktor, On Fri, Jan 08, 2021 at 12:05:26PM -0800, Quanah Gibson-Mount wrote: > https://www.spinics.net/lists/openssl-users/msg05623.html Thanks Viktor. Mainly, I wasn't sure what specific information

Re: no suitable signature algorithm during handshake failure

:d6: 6b:cd:04:10:55:f2:81:71:a5:bb:6a:fc:b2:05:91:9a:33:2e: 74:85:e2:58:78:56:a8:76:89:d6:05:38:dc:58:25:70:e0:49: 44:b8:45:97:c5:42:c0:3c:ff:d8:a5:7d:60:b6:dd:fc:3d:69: d6:d1:31:82 Thanks! Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corpor

no suitable signature algorithm during handshake failure

. Thanks, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

Re: Software that uses OpenSSL

e SSL libraries, so this can miss a lot of potential applications (OpenLDAP, for example). Hopefully with OpenSSL 3.0 and later, this won't be as much of an issue. --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions

Re: empty directory in the 1.1.1 series release tags

the tarball. I ended up doing a git rm on the krb5 dir, and then the rest of the tags all went in fine (I was last on 1.1.1d). But I agree, overall I would expect the release tags to match the release tarballs. --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packa

Re: empty directory in the 1.1.1 series release tags

ething that involves both tarballs and git? I use the git release tags, not the tarballs. --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

empty directory in the 1.1.1 series release tags

e. Version OpenSSL_1_1_1e of krb5 left in tree. Can this please be fixed? Thanks! --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

RE: building openssl 1.1.1 for Solaris 10

for Solaris 10? You mean beyond what's in INSTALL and NOTES.UNIX? What is your specific issue? They may have run into <https://github.com/openssl/openssl/issues/6333> which the OpenSSL project seems disinclined to fix. --Quanah -- Quanah Gibson-Mount Product Architect Symas

Re: CVE-1999-0428

ence to the CVE itself in the commit. Someone from the OpenSSL project would have to confirm if that is indeed the fix for the above CVE (and if so, then the CVE database needs updating). Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and

CVE-2019-1552 clarification

As someone who does build OpenSSL on windows, my gist is that if I use a non-default OPENSSLDIR I'm ok? Can someone confirm? Thanks! I.e., I use --openssldir=/opt/symas/ssl Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported

Re: Openssl IPv6 Support

y major linux distributions. It boggles the mind that to this day that patch has not been integrated in the 5 years since the bug was opened. See <http://rt.openssl.org/Ticket/Display.html?id=2051>, <https://bugs.debian.org/589520> --Quanah -- Quanah Gibson-Mount Plat