On 09/09/2019 16:21, Viktor Dukhovni wrote:
> One of the "CHANGES" entries for 1.0.1d reads:
>
> *) Call OCSP Stapling callback after ciphersuite has been chosen, so
> the right response is stapled. Also change SSL_get_certificate()
> so it returns the
> On Sep 8, 2019, at 1:09 PM, Jeremy Harris wrote:
>
>> I have a note from 2017 in my code to the effect that
>> SSL_get_certificate() is broken in that it returns the last
>> cert loaded rather than the one passed out to the client
>> (on the server).
>
>
On 29/08/2019 23:31, Jeremy Harris wrote:
> I have a note from 2017 in my code to the effect that
> SSL_get_certificate() is broken in that it returns the last
> cert loaded rather than the one passed out to the client
> (on the server).
Note that one might have both an EC and an RSA
I have a note from 2017 in my code to the effect that
SSL_get_certificate() is broken in that it returns the last
cert loaded rather than the one passed out to the client
(on the server).
Is this still the case? I can't track down any obvious fix in the
OpenSSL git.
I'd like to use
> On Nov 4, 2017, at 8:12 PM, Jeremy Harris wrote:
>
>>> After SSL_accept(), call SSL_get_certificate() to see what
>>> cert was presented.
>>
>> The negotiated certificate is only populated in the server SSL
>> handle when you
().
>
> After SSL_accept(), call SSL_get_certificate() to see what
> cert was presented.
The negotiated certificate is only populated in the server SSL
handle when you've registered a TLS status callback. See
SSL_CTX_set_tlsext_status_cb(3)
> What should I be doing differe
1.0.2k fips.
Server, having loaded two certs (one rsa, one ecdsa) using
SSL_CTX_use_certificate_chain_file().
After SSL_accept(), call SSL_get_certificate() to see what
cert was presented.
The actual on-the-wire does what I'm expecting - the presented
server cert varies according to the s
My product got hit by this bug too. ( it uses 0.9.8y branch). I understand
the fix is in main branch, but I am curious - will 0.9.8 be patched
eventually?
--
View this message in context:
http://openssl.6102.n7.nabble.com/NULL-ptr-deref-when-calling-SSL-get-certificate-with-1-0-0k-tp43636p45271
On Tue, Mar 05, 2013, Vimol Kshetrimayum wrote:
> Hi Steve,
>
> I am also facing the same issue.
> If I want to to fix this bug, should the code for SSL_get_certificate() be
> restored to previous state? Is there any other place to be fixed?
>
Effectively yes. The
Hi Steve,
I am also facing the same issue.
If I want to to fix this bug, should the code for SSL_get_certificate() be
restored to previous state? Is there any other place to be fixed?
Thanks,
-Vimol
On Mon, Feb 11, 2013 at 10:21 PM, Dr. Stephen Henson wrote:
> On Mon, Feb 11, 2013, Bog
On Mon, Feb 11, 2013, Bogdan Harjoc wrote:
> I updated to openssl 1.0.1k from 1.0.0d and I get a NULL pointer
> dereference when I call SSL_get_certificate on a valid SSL object.
>
> Backtrace:
>
> ssl_set_cert_masks:1845
> ssl_get_server_send_pkey:2117
> ssl_g
I updated to openssl 1.0.1k from 1.0.0d and I get a NULL pointer
dereference when I call SSL_get_certificate on a valid SSL object.
Backtrace:
ssl_set_cert_masks:1845
ssl_get_server_send_pkey:2117
ssl_get_server_send_cert:2175
SSL_get_certificate:2605
ssl_get_server_send_pkey calls
12 matches
Mail list logo
