Hello users,
Are there any fixes available from the OpenSSL community for the SLOTH attack -
http://www.mitls.org/pages/attacks/SLOTH
or what are the possible mitigation points?
Thanks
Sandeep
___
openssl-users mailing list
To unsubscribe: https://mta.
The proposed change:
--
static inline unsigned int constant_time_msb(unsigned int a)
{
-return 0 - (a >> (sizeof(a) * 8 - 1));
+ return (((unsigned)((int)(a) >> (sizeof(int) * 8 - 1;
}
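Review bot: the `+` line casts `a` to `int` and then right-shifts it, so for any input with the top bit set both the conversion to `int` and the shift of a negative value are implementation-defined, while the removed `0 - (a >> (sizeof(a) * 8 - 1))` stays in unsigned arithmetic throughout. Suggest keeping the unsigned form; if the signed form is kept for a particular compiler, add a comment stating the arithmetic-shift assumption and why it is needed.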
-
produces an implementation-defined value in C99. See the final sentence of ISO
9899-1999 6.
On 07/01/2016 15:52, Michael Wojcik wrote:
The proposed change:
--
static inline unsigned int constant_time_msb(unsigned int a)
{
-return 0 - (a >> (sizeof(a) * 8 - 1));
+ return (((unsigned)((int)(a) >> (sizeof(int) * 8 - 1;
}
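Review bot: the shift width in the `+` line is written as `sizeof(int) * 8 - 1`, where the removed line derived it from the operand with `sizeof(a)`; naming the type means the width will not follow the parameter if `a` is ever widened. Suggest using `sizeof(a)` in either form, and `CHAR_BIT` from `<limits.h>` in place of the literal `8`.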
-
produces an implementation-defined value in C99
A few zombie messages today:
Received: from mta.openssl.org (localhost [127.0.0.1])
by mta.openssl.org (Postfix) with ESMTP id 14CB4201BB;
Thu, 7 Jan 2016 12:13:22 + (UTC)
X-Original-To: openssl-us...@mta.openssl.org
Delivered-To: openssl-us...@mta.openssl.org
Received: by mt
> A few zombie messages today:
There were some that had been held up on the queue because of things like size
limits.
I'm moving samba service between a couple of FreeBSD systems (9.3 to
10.2), and I'm stuck on getting samba on the new machine to connect to
our openldap server over ssl - frustrating since I've been running
samba+ldap for 15 years or so; feel sure I'm missing something basic!
The smbd-to-ldap
Meta-comment: The documentation is very thin on when objects should or
should not be freed. The application developer is forced to choose
between [don't free, leak memory] and [free, access freed memory].
~~
1 - The documentation here says this API is available, but I don't see
it in either
> On Jan 7, 2016, at 1:39 PM, Ken Goldman wrote:
>
> 3 - I use this sequence:
>
> x509 = PEM_read_bio_X509
> EVP_PKEY = X509_get_pubkey
> RSA = EVP_PKEY_get1_RSA
>
> What should be freed? All three structures or just a subset?
All three.
--
Viktor.
Sorry - I thought this topic had come up again (or that this was a new
continuation of the older discussion). Now I see it was an old message that had
been delayed. Apologies for the noise.
--
Michael Wojcik
Technology Specialist, Micro Focus
Michael Wojcik writes:
>
> As described on that web page, use OpenSSL 1.0.1f or later. That prevents
> the currently-practical SLOTH attack against RSA-MD5 client authentication.
>
> If you're using an OpenSSL release earlier than 1.0.1f, SLOTH is probably
> not your biggest problem.
>
> The au
On 07/01/2016 16:46, Michael Wojcik wrote:
As described on that web page, use OpenSSL 1.0.1f or later. That prevents the
currently-practical SLOTH attack against RSA-MD5 client authentication.
If you're using an OpenSSL release earlier than 1.0.1f, SLOTH is probably not
your biggest problem.
Does this mean that running 1.01e in FIPS mode is protected regarding this
SLOTH attack ?
--
On 07/01/2016 23:06, jonetsu wrote:
Does this mean that running 1.01e in FIPS mode is protected regarding this
SLOTH attack ?
Does FIPS mode prevent use of MD5: Yes.
Does FIPS mode prevent insecure uses of SHA-1 (a FIPS
algorithm): No.
Does FIPS mode prevent the SSL/TLS handshake from using
96