Bob Beck
Bob Beck
Yeah, sorry folks, the legacy validation API is pretty squirrelly, and some of the legacy errors actually *don't make any sense* when you actually chase down all possible chains. Nevertheless...
Of note -> "fail hard" is still fail. We still fail validation in this case, it's simply how you choose to interpret the error code (and yes I understand the...
This seems to have been fixed by the release of OpenSSL 3. New testing is probably in order.
Do we even need timegm() anymore? I thought I got rid of all that? > On Nov 3, 2023, at 3:53 PM, Theo Buehler ***@***.***> wrote: > > > Thanks...
Yeah, that’s silly, I can make that go away ;) > On Nov 3, 2023, at 4:10 PM, Theo Buehler ***@***.***> wrote: > > > @bob-beck there is one call...
Is it really only the arc4random that becomes a problem here now that some systems have it?
In what application? On Tue, Aug 30, 2016 at 03:08:50AM -0700, Cl??ment Peron wrote: > Yes instead of several call on a server i would like to receive one "big"...
So this is not a public application. Do you know if OpenSSL is taking that patch? On Tue, Aug 30, 2016 at 04:15:08AM -0700, Cl??ment Peron wrote: > IOT device...
OpenSSL also ships with many wonderful things we have either deleted, or are waiting to see if they are viable and worth the attack surface. Do you have an actual...
You didn't really indicate how you were reproducing this, so I'm not exactly set up to test. Does this fix your issue? ```diff diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c index dfeb1e01663..fad1f3b5f51 100644...