Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 04:09:48PM -0500, Benjamin Kaduk wrote: > On Tue, Sep 11, 2018 at 03:04:06PM -0600, The Doctor wrote: > > On Tue, Sep 11, 2018 at 02:57:09PM -0500, Benjamin Kaduk via openssl-users > > wrote: > > > On Tue, Sep 11, 2018 at 10:48:40AM -0600, The Doctor wrote: > > > > On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > > > > > Looks likes I found a first bug > > > > > > > > > > ../test/recipes/70-test_comp.t . > > > > > Proxy started on port [::1]:10789 > > > > > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > > > > > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache > > > > > -accept [::1]:0 -cert ../../apps/server.pem -cert2 > > > > > ../../apps/server.pem -naccept 1 -cipher AES128-SHA -ciphersuites > > > > > TLS_AES_128_GCM_SHA256 > > > > > engine "ossltest" set. > > > > > Using default temp DH parameters > > > > > ACCEPT [::1]:39577 > > > > > Server responds on [::1]:39577 > > > > > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg > > > > > stack: base=805d16098, sp=805d160e8, hwm=805d160d0 > > > > > > > > > > > > > Using perl 5.28.1 > > > > > > The test suite needs some modules not included in the core perl > > > port/package. > > > You should probably list out what p5-* you have installed. > > > > > > p5-Archive-Zip-1.63Create, manipulate, read, and write Zip > > archive files > > p5-Authen-NTLM-1.09_1 Perl5 NTLM authentication module > > p5-Authen-PAM-0.16_2 Perl interface to the PAM library > > p5-Authen-SASL-2.16_1 Perl5 module for SASL authentication > > p5-Business-ISBN-3.004 Work with International Standard Book Numbers > > p5-Business-ISBN-Data-20140910.003 Data pack for Business::ISBN > > p5-CGI-4.40Handle Common Gateway Interface requests and > > responses > > p5-Class-Inspector-1.32Provides information about classes > > p5-Convert-ASN1-0.27_2 Perl5 module to encode and decode ASN.1 data > > structures > > p5-Convert-BinHex-1.125Perl module to extract data from Macintosh > > BinHex files > > p5-Convert-TNEF-0.18_1 Perl module to read TNEF files > > p5-Crypt-OpenSSL-Bignum-0.09 OpenSSL's multiprecision integer arithmetic > > p5-Crypt-OpenSSL-Guess-0.11Guess OpenSSL include path > > p5-Crypt-OpenSSL-RSA-0.30_1Perl5 module to RSA encode and decode > > strings using OpenSSL > > p5-Crypt-OpenSSL-Random-0.15 Perl5 interface to the OpenSSL pseudo-random > > number generator > > p5-Crypt-SSLeay-0.72_3 Perl5 interface to allow p5-libwww LWP to > > make https connections > > p5-DBD-SQLite-1.58 Provides access to SQLite3 databases through > > the DBI > > p5-DBD-mysql-4.046 MySQL driver for the Perl5 Database > > Interface (DBI) > > p5-DBI-1.641 Perl5 Database Interface, required for > > DBD::* modules > > p5-Data-Dump-1.23_1Pretty printing of data structures > > p5-Date-EzDate-1.16Date and time manipulation made easy > > p5-Devel-CheckLib-1.13 Check that a library is available > > p5-Digest-BubbleBabble-0.02_1 Perl5 interface to a fingerprint in "bubble > > babble" format > > p5-Digest-HMAC-1.03_1 Perl5 interface to HMAC Message-Digest > > Algorithms > > p5-Digest-SHA1-2.13_1 Perl interface to the SHA-1 Algorithm > > p5-Encode-Detect-1.01_1Encode::Encoding subclass that detects the > > encoding of data > > p5-Encode-Locale-1.05 Determine the locale encoding > > p5-Error-0.17026 Error/exception handling in object-oriented > > programming style > > p5-ExtUtils-Depends-0.405 Easily build XS extensions that depend on XS > > extensions > > p5-ExtUtils-PkgConfig-1.16 Simplistic interface to pkg-config > > p5-File-Listing-6.04_1 Parse directory listings > > p5-File-ShareDir-1.116 Locate per-dist and per-module shared files > > p5-File-ShareDir-Install-0.13 Install read-only data files from a > > distribution > > p5-Filesys-Df-0.92_1 Perl extension for filesystem space > > p5-Filter-1.59 Number of source filters for perl5 programs > > p5-GD-2.68 Perl5 interface to Gd Graphics Library > > version2 > > p5-GD-Barcode-1.15_6 GD::Barcode - Create barcode image with GD > > p5-GSSAPI-0.28_1 Perl extension providing access to the > > GSSAPIv2 library > > p5-Geo-IP-1.51 Gets country name by IP or hostname > > p5-Geography-Countries-2009041301_1 Handle ISO-3166 country codes > > p5-Glib2-1.327 This module provides access to Glib and > > GObject libraries > > p5-HTML-Parser-3.72Perl5 module for parsing HTML documents > > p5-HTML-Tagset-3.20_1 Some useful data table in parsing HTML > > p5-HTTP-Cookies-6.04 HTTP Cookie jars > > p5-HTTP-Daemon-6.01_1 Simple HTTP server class > >
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 03:04:06PM -0600, The Doctor wrote: > On Tue, Sep 11, 2018 at 02:57:09PM -0500, Benjamin Kaduk via openssl-users > wrote: > > On Tue, Sep 11, 2018 at 10:48:40AM -0600, The Doctor wrote: > > > On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > > > > Looks likes I found a first bug > > > > > > > > ../test/recipes/70-test_comp.t . > > > > Proxy started on port [::1]:10789 > > > > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > > > > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept > > > > [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem > > > > -naccept 1 -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 > > > > engine "ossltest" set. > > > > Using default temp DH parameters > > > > ACCEPT [::1]:39577 > > > > Server responds on [::1]:39577 > > > > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg > > > > stack: base=805d16098, sp=805d160e8, hwm=805d160d0 > > > > > > > > > > Using perl 5.28.1 > > > > The test suite needs some modules not included in the core perl > > port/package. > > You should probably list out what p5-* you have installed. > > > p5-Archive-Zip-1.63Create, manipulate, read, and write Zip > archive files > p5-Authen-NTLM-1.09_1 Perl5 NTLM authentication module > p5-Authen-PAM-0.16_2 Perl interface to the PAM library > p5-Authen-SASL-2.16_1 Perl5 module for SASL authentication > p5-Business-ISBN-3.004 Work with International Standard Book Numbers > p5-Business-ISBN-Data-20140910.003 Data pack for Business::ISBN > p5-CGI-4.40Handle Common Gateway Interface requests and > responses > p5-Class-Inspector-1.32Provides information about classes > p5-Convert-ASN1-0.27_2 Perl5 module to encode and decode ASN.1 data > structures > p5-Convert-BinHex-1.125Perl module to extract data from Macintosh > BinHex files > p5-Convert-TNEF-0.18_1 Perl module to read TNEF files > p5-Crypt-OpenSSL-Bignum-0.09 OpenSSL's multiprecision integer arithmetic > p5-Crypt-OpenSSL-Guess-0.11Guess OpenSSL include path > p5-Crypt-OpenSSL-RSA-0.30_1Perl5 module to RSA encode and decode strings > using OpenSSL > p5-Crypt-OpenSSL-Random-0.15 Perl5 interface to the OpenSSL pseudo-random > number generator > p5-Crypt-SSLeay-0.72_3 Perl5 interface to allow p5-libwww LWP to make > https connections > p5-DBD-SQLite-1.58 Provides access to SQLite3 databases through > the DBI > p5-DBD-mysql-4.046 MySQL driver for the Perl5 Database Interface > (DBI) > p5-DBI-1.641 Perl5 Database Interface, required for DBD::* > modules > p5-Data-Dump-1.23_1Pretty printing of data structures > p5-Date-EzDate-1.16Date and time manipulation made easy > p5-Devel-CheckLib-1.13 Check that a library is available > p5-Digest-BubbleBabble-0.02_1 Perl5 interface to a fingerprint in "bubble > babble" format > p5-Digest-HMAC-1.03_1 Perl5 interface to HMAC Message-Digest > Algorithms > p5-Digest-SHA1-2.13_1 Perl interface to the SHA-1 Algorithm > p5-Encode-Detect-1.01_1Encode::Encoding subclass that detects the > encoding of data > p5-Encode-Locale-1.05 Determine the locale encoding > p5-Error-0.17026 Error/exception handling in object-oriented > programming style > p5-ExtUtils-Depends-0.405 Easily build XS extensions that depend on XS > extensions > p5-ExtUtils-PkgConfig-1.16 Simplistic interface to pkg-config > p5-File-Listing-6.04_1 Parse directory listings > p5-File-ShareDir-1.116 Locate per-dist and per-module shared files > p5-File-ShareDir-Install-0.13 Install read-only data files from a > distribution > p5-Filesys-Df-0.92_1 Perl extension for filesystem space > p5-Filter-1.59 Number of source filters for perl5 programs > p5-GD-2.68 Perl5 interface to Gd Graphics Library version2 > p5-GD-Barcode-1.15_6 GD::Barcode - Create barcode image with GD > p5-GSSAPI-0.28_1 Perl extension providing access to the > GSSAPIv2 library > p5-Geo-IP-1.51 Gets country name by IP or hostname > p5-Geography-Countries-2009041301_1 Handle ISO-3166 country codes > p5-Glib2-1.327 This module provides access to Glib and > GObject libraries > p5-HTML-Parser-3.72Perl5 module for parsing HTML documents > p5-HTML-Tagset-3.20_1 Some useful data table in parsing HTML > p5-HTTP-Cookies-6.04 HTTP Cookie jars > p5-HTTP-Daemon-6.01_1 Simple HTTP server class > p5-HTTP-Date-6.02_1Conversion routines for the HTTP protocol date > formats > p5-HTTP-Message-6.18 Representation of HTTP style messages > p5-HTTP-Negotiate-6.01_1 Implementation of the HTTP content negotiation > algorithm >
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 02:57:09PM -0500, Benjamin Kaduk via openssl-users wrote: > On Tue, Sep 11, 2018 at 10:48:40AM -0600, The Doctor wrote: > > On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > > > Looks likes I found a first bug > > > > > > ../test/recipes/70-test_comp.t . > > > Proxy started on port [::1]:10789 > > > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > > > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept > > > [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept > > > 1 -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 > > > engine "ossltest" set. > > > Using default temp DH parameters > > > ACCEPT [::1]:39577 > > > Server responds on [::1]:39577 > > > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: > > > base=805d16098, sp=805d160e8, hwm=805d160d0 > > > > > > > Using perl 5.28.1 > > The test suite needs some modules not included in the core perl port/package. > You should probably list out what p5-* you have installed. p5-Archive-Zip-1.63Create, manipulate, read, and write Zip archive files p5-Authen-NTLM-1.09_1 Perl5 NTLM authentication module p5-Authen-PAM-0.16_2 Perl interface to the PAM library p5-Authen-SASL-2.16_1 Perl5 module for SASL authentication p5-Business-ISBN-3.004 Work with International Standard Book Numbers p5-Business-ISBN-Data-20140910.003 Data pack for Business::ISBN p5-CGI-4.40Handle Common Gateway Interface requests and responses p5-Class-Inspector-1.32Provides information about classes p5-Convert-ASN1-0.27_2 Perl5 module to encode and decode ASN.1 data structures p5-Convert-BinHex-1.125Perl module to extract data from Macintosh BinHex files p5-Convert-TNEF-0.18_1 Perl module to read TNEF files p5-Crypt-OpenSSL-Bignum-0.09 OpenSSL's multiprecision integer arithmetic p5-Crypt-OpenSSL-Guess-0.11Guess OpenSSL include path p5-Crypt-OpenSSL-RSA-0.30_1Perl5 module to RSA encode and decode strings using OpenSSL p5-Crypt-OpenSSL-Random-0.15 Perl5 interface to the OpenSSL pseudo-random number generator p5-Crypt-SSLeay-0.72_3 Perl5 interface to allow p5-libwww LWP to make https connections p5-DBD-SQLite-1.58 Provides access to SQLite3 databases through the DBI p5-DBD-mysql-4.046 MySQL driver for the Perl5 Database Interface (DBI) p5-DBI-1.641 Perl5 Database Interface, required for DBD::* modules p5-Data-Dump-1.23_1Pretty printing of data structures p5-Date-EzDate-1.16Date and time manipulation made easy p5-Devel-CheckLib-1.13 Check that a library is available p5-Digest-BubbleBabble-0.02_1 Perl5 interface to a fingerprint in "bubble babble" format p5-Digest-HMAC-1.03_1 Perl5 interface to HMAC Message-Digest Algorithms p5-Digest-SHA1-2.13_1 Perl interface to the SHA-1 Algorithm p5-Encode-Detect-1.01_1Encode::Encoding subclass that detects the encoding of data p5-Encode-Locale-1.05 Determine the locale encoding p5-Error-0.17026 Error/exception handling in object-oriented programming style p5-ExtUtils-Depends-0.405 Easily build XS extensions that depend on XS extensions p5-ExtUtils-PkgConfig-1.16 Simplistic interface to pkg-config p5-File-Listing-6.04_1 Parse directory listings p5-File-ShareDir-1.116 Locate per-dist and per-module shared files p5-File-ShareDir-Install-0.13 Install read-only data files from a distribution p5-Filesys-Df-0.92_1 Perl extension for filesystem space p5-Filter-1.59 Number of source filters for perl5 programs p5-GD-2.68 Perl5 interface to Gd Graphics Library version2 p5-GD-Barcode-1.15_6 GD::Barcode - Create barcode image with GD p5-GSSAPI-0.28_1 Perl extension providing access to the GSSAPIv2 library p5-Geo-IP-1.51 Gets country name by IP or hostname p5-Geography-Countries-2009041301_1 Handle ISO-3166 country codes p5-Glib2-1.327 This module provides access to Glib and GObject libraries p5-HTML-Parser-3.72Perl5 module for parsing HTML documents p5-HTML-Tagset-3.20_1 Some useful data table in parsing HTML p5-HTTP-Cookies-6.04 HTTP Cookie jars p5-HTTP-Daemon-6.01_1 Simple HTTP server class p5-HTTP-Date-6.02_1Conversion routines for the HTTP protocol date formats p5-HTTP-Message-6.18 Representation of HTTP style messages p5-HTTP-Negotiate-6.01_1 Implementation of the HTTP content negotiation algorithm p5-IO-HTML-1.001_1 Open an HTML file with automatic charset detection p5-IO-Socket-INET6-2.72_1 Perl module with object interface to AF_INET6 domain sockets p5-IO-Socket-SSL-2.059 Perl5 interface to SSL sockets p5-IO-String-1.08_1
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
> On Sep 11, 2018, at 3:57 PM, Benjamin Kaduk via openssl-users > wrote: > >>> panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: >>> base=805d16098, sp=805d160e8, hwm=805d160d0 >>> >> >> Using perl 5.28.1 Thanks for the hint, I was looking too close at the panic... This is a Perl issue, with an XSUB routine pushing more arguments onto the stack than the stack can hold. Sure does not look like an OpenSSL issue... Perhaps similar to: http://code.activestate.com/lists/perl5-porters/240289/ https://rt.perl.org/Public/Bug/Display.html?id=133327 I have Perl 5.26 and all is well... -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 10:48:40AM -0600, The Doctor wrote: > On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > > Looks likes I found a first bug > > > > ../test/recipes/70-test_comp.t . > > Proxy started on port [::1]:10789 > > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept > > [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1 > > -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 > > engine "ossltest" set. > > Using default temp DH parameters > > ACCEPT [::1]:39577 > > Server responds on [::1]:39577 > > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: > > base=805d16098, sp=805d160e8, hwm=805d160d0 > > > > Using perl 5.28.1 The test suite needs some modules not included in the core perl port/package. You should probably list out what p5-* you have installed. Also, do you have any IPv6 addresses configured? -Ben -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On 09/11/2018 01:30 PM, The Doctor wrote: On Tue, Sep 11, 2018 at 12:48:53PM -0400, Dennis Clarke wrote: On 09/11/2018 12:23 PM, Viktor Dukhovni wrote: On Sep 11, 2018, at 11:33 AM, The Doctor wrote: Looks likes I found a first bug Let's just slow down here a sec. LEt's get this tweaked accordingly for current BSD standards. Well I have been building and testing all the beta releases on a mixture of platforms for a while. All year? A while now and have not seen any show stoppers anywhere other than a bit of config tweaks and Makefile edits. I have been running a TLS v1.3 website for months and it never skips a beat. So this is most likely just a FreeBSD "feature" and a non-issue. The maintainer(s) in the FreeBSD project are the folks to speak with here and not the OpenSSL folks. Regardless I will give the release a whirl on OpenBSD 11.2 and 12.0 and possibly on PPC64 also. If there is anything to report you will see it in the FreeBSD bugzilla. Dennis Clarke ye ol greybeard UNIX silverback -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 12:48:53PM -0400, Dennis Clarke wrote: > On 09/11/2018 12:23 PM, Viktor Dukhovni wrote: > > > > > >> On Sep 11, 2018, at 11:33 AM, The Doctor wrote: > >> > >> Looks likes I found a first bug > >> > > > > This did not happen on my machine, the build succeeded, and all tests > > passed: > > > > $ uname -srp > > FreeBSD 11.1-RELEASE-p10 amd64 > > > > You have 11.1 there whereas the initial report is in regards to 11.2. > I think 12.0 is right around the corner. I'll have a look at both. > > >> My configuration is > >> > >> #!/usr/local/bin/bash > >> CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 > >> enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 > >> enable-shared zlib-dynamic enable-sctp enable-rc4 > >> disable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make > >> depend > > > > You don't need to, and should not run "make depend" for OpenSSL 1.1.x. > > I'd recommend building an empty sub-directory or "out of tree": > > > > mkdir build; cd build; $path_to_source/Configure ...; make; make test > > > > Why are you building with "enable-crypto-mdebug" and > > "enable-crypto-mdebug-backtrace"? > > These are developer-team options, not expected to used by others, or > > necessarily work > > reliably on all systems... They also incur a substantial performance > > penalty. > > > > Hrmmm ... I'll give it a whirl out of the box but generally I find that > the Configurations/10-main.conf needs to be edited as well as the > resultant Makefile but after that everything goes smoothly. > > Dennis > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users LEt's get this tweaked accordingly for current BSD standards. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 12:23:08PM -0400, Viktor Dukhovni wrote:
>
>
> > On Sep 11, 2018, at 11:33 AM, The Doctor wrote:
> >
> > Looks likes I found a first bug
> >
> > ../test/recipes/70-test_comp.t .
> > Proxy started on port [::1]:10789
> > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server
> > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept
> > [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1
> > -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256
> > engine "ossltest" set.
> > Using default temp DH parameters
> > ACCEPT [::1]:39577
> > Server responds on [::1]:39577
> > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack:
> > base=805d16098, sp=805d160e8, hwm=805d160d0
>
> This did not happen on my machine, the build succeeded, and all tests
> passed:
>
>$ uname -srp
>FreeBSD 11.1-RELEASE-p10 amd64
>
Using 11.2 myself. 11.1 is now unsupported.
> ##
> ## Makefile for OpenSSL
> ##
> ## WARNING: do not edit!
> ## Generated by Configure from ../Configurations/unix-Makefile.tmpl,
> ../Configurations/common.tmpl
>
> PLATFORM=BSD-x86_64
> OPTIONS=enable-shared no-asan no-crypto-mdebug no-crypto-mdebug-backtrace
> no-ec_nistp_64_gcc_128 no-egd no-fuzz-afl no-fuzz-libfuzzer no-heartbeats
> no-md2 no-msan no-rc5 no-sctp no-ssl-trace no-ssl3 no-ssl3-method no-ubsan
> no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic
> CONFIGURE_ARGS=("BSD-x86_64", "shared")
>
> Ditto with a configuration similar to yours, but built with "CC=clang50":
>
> ##
> ## Makefile for OpenSSL
> ##
> ## WARNING: do not edit!
> ## Generated by Configure from ../Configurations/unix-Makefile.tmpl,
> ../Configurations/common.tmpl
>
> PLATFORM=BSD-x86_64
> OPTIONS=--prefix=/usr/local enable-crypto-mdebug
> enable-crypto-mdebug-backtrace enable-rfc3779 enable-shared
> enable-zlib-dynamic enable-sctp enable-rc4 enable-ssl-trace enable-unit-test
> no-asan no-ec_nistp_64_gcc_128 no-egd no-fuzz-afl no-fuzz-libfuzzer
> no-heartbeats no-idea no-md2 no-msan no-rc5 no-ssl3 no-ssl3-method no-ubsan
> no-weak-ssl-ciphers
> CONFIGURE_ARGS=("--prefix=/usr/local", "BSD-x86_64", "enable-crypto-mdebug",
> "enable-crypto-mdebug-backtrace", "enable-rfc3779", "enable-shared",
> "zlib-dynamic", "enable-sctp", "enable-rc4", "disable-weak-ssl-ciphers",
> "no-idea", "enable-ssl-trace", "enable-unit-test")
>
> > My configuration is
> >
> > #!/usr/local/bin/bash
> > CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64
> > enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779
> > enable-shared zlib-dynamic enable-sctp enable-rc4
> > disable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make
> > depend
>
> You don't need to, and should not run "make depend" for OpenSSL 1.1.x.
> I'd recommend building an empty sub-directory or "out of tree":
>
> mkdir build; cd build; $path_to_source/Configure ...; make; make test
>
> Why are you building with "enable-crypto-mdebug" and
> "enable-crypto-mdebug-backtrace"?
> These are developer-team options, not expected to used by others, or
> necessarily work
> reliably on all systems... They also incur a substantial performance penalty.
>
clang 6.0 is the default and there is clang 6.0.1 and clang 7.0 FYI
Let me try without mdebug
> --
> Viktor.
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018!
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On 09/11/2018 12:23 PM, Viktor Dukhovni wrote: On Sep 11, 2018, at 11:33 AM, The Doctor wrote: Looks likes I found a first bug This did not happen on my machine, the build succeeded, and all tests passed: $ uname -srp FreeBSD 11.1-RELEASE-p10 amd64 You have 11.1 there whereas the initial report is in regards to 11.2. I think 12.0 is right around the corner. I'll have a look at both. My configuration is #!/usr/local/bin/bash CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 enable-shared zlib-dynamic enable-sctp enable-rc4 disable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make depend You don't need to, and should not run "make depend" for OpenSSL 1.1.x. I'd recommend building an empty sub-directory or "out of tree": mkdir build; cd build; $path_to_source/Configure ...; make; make test Why are you building with "enable-crypto-mdebug" and "enable-crypto-mdebug-backtrace"? These are developer-team options, not expected to used by others, or necessarily work reliably on all systems... They also incur a substantial performance penalty. Hrmmm ... I'll give it a whirl out of the box but generally I find that the Configurations/10-main.conf needs to be edited as well as the resultant Makefile but after that everything goes smoothly. Dennis -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > Looks likes I found a first bug > > ../test/recipes/70-test_comp.t . > Proxy started on port [::1]:10789 > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept > [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1 > -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 > engine "ossltest" set. > Using default temp DH parameters > ACCEPT [::1]:39577 > Server responds on [::1]:39577 > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: > base=805d16098, sp=805d160e8, hwm=805d160d0 > > > My configuration is > > #!/usr/local/bin/bash > CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 > enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 > enable-shared zlib-dynamic enable-sctp enable-rc4 disable-weak-ssl-ciphers > no-idea enable-ssl-trace enable-unit-test; make depend > -- > Member - Liberal International This is doctor@@nl2k.ab.ca Ici > doctor@@nl2k.ab.ca > Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist > rising! > https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism > NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October > 2018! > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users Using perl 5.28.1 -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
> On Sep 11, 2018, at 11:33 AM, The Doctor wrote:
>
> Looks likes I found a first bug
>
> ../test/recipes/70-test_comp.t .
> Proxy started on port [::1]:10789
> Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server
> -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept
> [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1
> -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256
> engine "ossltest" set.
> Using default temp DH parameters
> ACCEPT [::1]:39577
> Server responds on [::1]:39577
> panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack:
> base=805d16098, sp=805d160e8, hwm=805d160d0
This did not happen on my machine, the build succeeded, and all tests
passed:
$ uname -srp
FreeBSD 11.1-RELEASE-p10 amd64
##
## Makefile for OpenSSL
##
## WARNING: do not edit!
## Generated by Configure from ../Configurations/unix-Makefile.tmpl,
../Configurations/common.tmpl
PLATFORM=BSD-x86_64
OPTIONS=enable-shared no-asan no-crypto-mdebug no-crypto-mdebug-backtrace
no-ec_nistp_64_gcc_128 no-egd no-fuzz-afl no-fuzz-libfuzzer no-heartbeats
no-md2 no-msan no-rc5 no-sctp no-ssl-trace no-ssl3 no-ssl3-method no-ubsan
no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic
CONFIGURE_ARGS=("BSD-x86_64", "shared")
Ditto with a configuration similar to yours, but built with "CC=clang50":
##
## Makefile for OpenSSL
##
## WARNING: do not edit!
## Generated by Configure from ../Configurations/unix-Makefile.tmpl,
../Configurations/common.tmpl
PLATFORM=BSD-x86_64
OPTIONS=--prefix=/usr/local enable-crypto-mdebug enable-crypto-mdebug-backtrace
enable-rfc3779 enable-shared enable-zlib-dynamic enable-sctp enable-rc4
enable-ssl-trace enable-unit-test no-asan no-ec_nistp_64_gcc_128 no-egd
no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-idea no-md2 no-msan no-rc5
no-ssl3 no-ssl3-method no-ubsan no-weak-ssl-ciphers
CONFIGURE_ARGS=("--prefix=/usr/local", "BSD-x86_64", "enable-crypto-mdebug",
"enable-crypto-mdebug-backtrace", "enable-rfc3779", "enable-shared",
"zlib-dynamic", "enable-sctp", "enable-rc4", "disable-weak-ssl-ciphers",
"no-idea", "enable-ssl-trace", "enable-unit-test")
> My configuration is
>
> #!/usr/local/bin/bash
> CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64
> enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779
> enable-shared zlib-dynamic enable-sctp enable-rc4 disable-weak-ssl-ciphers
> no-idea enable-ssl-trace enable-unit-test; make depend
You don't need to, and should not run "make depend" for OpenSSL 1.1.x.
I'd recommend building an empty sub-directory or "out of tree":
mkdir build; cd build; $path_to_source/Configure ...; make; make test
Why are you building with "enable-crypto-mdebug" and
"enable-crypto-mdebug-backtrace"?
These are developer-team options, not expected to used by others, or
necessarily work
reliably on all systems... They also incur a substantial performance penalty.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl 1.1.1 and FreeBSD 11.2
Looks likes I found a first bug ../test/recipes/70-test_comp.t . Proxy started on port [::1]:10789 Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1 -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 engine "ossltest" set. Using default temp DH parameters ACCEPT [::1]:39577 Server responds on [::1]:39577 panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: base=805d16098, sp=805d160e8, hwm=805d160d0 My configuration is #!/usr/local/bin/bash CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 enable-shared zlib-dynamic enable-sctp enable-rc4 disable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make depend -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
