Hello OpenSSL team,
The GOST ciphersuites currently defined are not DTLS-capable.
So it should be fixed in the ssl/s3_lib.c file.
Thank you!
--
SY, Dmitry Belyavsky
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4438
Please log in as guest with password guest if prompted
--
In message
on Sat, 19 Mar 2016 21:11:03 -0400, Jeffrey Walton said:
noloader> > Point is, if any of the the assertions are triggered into faulting,
noloader> > there's a but in the library and it shouldn't
> Point is, if any of the the assertions are triggered into faulting,
> there's a but in the library and it shouldn't get released. That's
> the whole point. The tests are supposed to catch those and basically
> raise a big red flag.
>
> Are you telling me that according to Apple's App Store
In message
on Sat, 19 Mar 2016 20:09:34 -0400, Jeffrey Walton said:
noloader> > noloader> Allowing a library to make policy decisions for the
application is a
noloader> > noloader> philosophical debate.
Fixed now. Closing ticket.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4436
Please log in as guest with password guest if prompted
--
openssl-dev
>> This is bad news... A 32-bit pointer's sign extension is
>> implementation defined, which means it may as well be undefined
>> behavior...
>>
>> GCC sign extends. I think you can get around it with an intermediate
>> cast to uintptr_t:
>>
>>cb->aio_buf = (uint64_t)(uintptr_t)buf;
>
> The
On Wed, Mar 16, 2016 at 08:09:15PM +0100, Richard Levitte wrote:
> In message <20160316182629.ga10...@doctor.nl2k.ab.ca> on Wed, 16 Mar 2016
> 12:26:29 -0600, The Doctor said:
>
> doctor> On Tue, Mar 15, 2016 at 10:13:50PM +0100, Richard Levitte wrote:
> doctor> > In
> noloader> Allowing a library to make policy decisions for the application is a
> noloader> philosophical debate.
>
> The few places we're using something that drastic is when the internal
> structures can only be seen as corrupt by our own fault. That's a
> point where you can expect things to
In message
on Sat, 19 Mar 2016 19:41:28 -0400, Jeffrey Walton said:
noloader> On Sat, Mar 19, 2016 at 7:31 PM, Richard Levitte
wrote:
noloader> > In message
On Sat, Mar 19, 2016 at 7:31 PM, Richard Levitte wrote:
> In message on Sat, 19
> Mar 2016 23:08:17 +, "noloa...@gmail.com via RT" said:
>
> rt> On Sat, Mar 19, 2016 at 6:44 AM, Richard Levitte via
In message on Sat, 19 Mar
2016 23:08:17 +, "noloa...@gmail.com via RT" said:
rt> On Sat, Mar 19, 2016 at 6:44 AM, Richard Levitte via RT
wrote:
rt> > I think that's a discussion that deserves its own
% ./config --prefix=/opt/openssl
Operating system: i86pc-whatever-solaris2
Configuring for solaris64-x86_64-gcc
Configuring OpenSSL version 1.1.0-pre4 (0x0x1014L)
no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
no-crypto-mdebug-backtrace [forced]
On Sat, Mar 19, 2016 at 6:44 AM, Richard Levitte via RT
wrote:
> I think that's a discussion that deserves its own new thread on openssl-dev.
>
> A RT ticket is *not* the right place for a philosophical discussion. Closing
> this. Please don't respond on this message, create a
On Sat, Mar 19, 2016 at 6:44 AM, Richard Levitte via RT
wrote:
> I think that's a discussion that deserves its own new thread on openssl-dev.
>
> A RT ticket is *not* the right place for a philosophical discussion. Closing
> this. Please don't respond on this message, create a
Hello,
> Already done.
>
>> It seems to be better to change '-xarch=generic64' to
> '-m64' in line
>> 196 & 201 of the same file, too.
>
> Hmm, not in line 191?
Sorry, not 196 but 191.
Regards,
--- Kiyoshi
--
Ticket here:
Vid Sat, 19 Mar 2016 kl. 10.56.00, skrev yoi_no_myou...@yahoo.co.jp:
> Patch for this:
> diff ../openssl-1.1.0-pre4.orig/Configurations/10-main.conf
> Configurations/10-main.conf
> 196c196
> < lflags => add(threads("-mt")),
> ---
> > lflags => add(threads("-mt -m64")),
Already done.
> It seems
If you have the possibility, please try a fresh checkout of the master branch
and see if this is fixed.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 10.55.59, skrev yoi_no_myou...@yahoo.co.jp:
> With patch for #,
>
> % mkdir build_solaris-x86-cc
> % cd build_solaris-x86-cc
> % ../Configure
Working from Master on a Gentoo 13 machine, x86_64. The test was run
as root which explains one of the failures (I don't have users or SSH
set up yet).
Kernel is 4.1.15, GCC is 4.9.3.
$ make test
...
( cd test; \
SRCTOP=../. \
BLDTOP=../. \
EXE_EXT= \
/usr/bin/perl
Hi Richard,
I believe I am just doing what I read in the 'NOTES.WIN' file :
PERL Configure ... VC-WIN32 --classic --prefix=...
CALL ms\do_nasm
nmake -f ms\ntdll.mak
nmake -f ms\ntdll.mak install
And each time I got a new nt[dll].mak file.
I first missed the '--classic'
Commit 674d5858df6cd3dc5cafa25875861f4742d64608, merged to master. Closing
ticket.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 13.38.57, skrev rainer.j...@kippdata.de:
> Hi Richard,
>
> Am 19.03.2016 um 12:49 schrieb Richard Levitte via RT:
> > So I'm wondering, what happens if you apply the
Vid Fre, 18 Mar 2016 kl. 19.10.42, skrev rainer.j...@kippdata.de:
> Your suggested fix would mean on platforms without "-nt" we would
> always
> rebuild and that's in fact what I observed (make test rebuilds a lot
> of
> object files) whereas the "find" variant should work on all platforms
> and
> I think the [mostly] portable way to turn a pointer into an integral
> is a uintptr_t or size_t. I'm not sure about uintptr_t availability
> because of std=c89/90. size_t will work for most platforms; but the
> one I am aware it will fail is older hardware like i386/i486 with
> 16-bit segments
On 17/03/16 10:49, Daniel Stenberg via RT wrote:
> Hey,
>
> In curl we call ENGINE_cleanup() as part of our OpenSSL specific cleanup
> function. When I do this with OpenSSL from git master as of right now
> (OpenSSL_1_1_0-pre4-7-ga717738) valgrind catches an illegal free:
Auto deinit
On Thu, Mar 17, 2016 at 5:22 PM David Benjamin via RT
wrote:
> I'm probably going to write something to generate random inputs and stress
> all your other poly1305 codepaths against a reference implementation. I
> recommend doing the same in your own test harness, to make sure
On Fri, Mar 18, 2016 at 9:18 AM, Matt Caswell via RT wrote:
>
>
> On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
>> I've configured with:
>>
>> ./config enable-afalgeng
>>
>> When I run the self tests, I see:
>>
>> ../test/recipes/30-test_afalg.t ... skipped:
Hi,
As per my previous post, this is still the case with OpenSSL version 1.1.0
pre release 4.
The configure script generate the ntdll.mak file containing CFLAG* with
conflicting CRT switches.
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Michel
Envoyé : mardi 15
Perfect. Thanks for confirming. Closing this ticket now.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 13.39.02, skrev rainer.j...@kippdata.de:
> Works here. No more "-nt" error, no warnings or other STDERR output.
> Tested on Solaris 10 Sparc using GCC doing a 32 bit build and another
> 64
> bit
I had the same problem. /bin/sh on Solaris does not understand the "-nt"
operator used in the definition of the "depend" target in the top-level
Makefile, e.g. in line
if [ Makefile -nt Makefile ] ...
and elsewhere.
From "man test" on Solaris:
...
file1 -nt file2 True if file1
What happens if you run the afalgtest directly?
$ cd test
$ ./afalgtest
Matt
On 16/03/16 13:52, noloa...@gmail.com via RT wrote:
> Working from Master on a Gentoo 13 machine, x86_64. The test was run
> as root which explains one of the failures (I don't have users or SSH
> set up yet).
>
>
Hi Folks,
Need help.
I’m not able to encrypt a key using passphrase, below is the error message.
**"error:0D07209B:asn1 encoding routines:ASN1_get_object:too long"**
Have already googled for error but couldn't got much info
Snippet of my code:
unsigned char pass[] = "123456";
On Thu, Mar 17, 2016 at 8:43 PM, Viktor Dukhovni
wrote:
>
>> On Mar 17, 2016, at 8:25 PM, noloa...@gmail.com via RT
>> wrote:
>>
>> Yeah, this looks fishy... According to the libc manual, 13.10 Perform
>> I/O Operations in Parallel
>>
We can't overload functions -- this is C not C++ :) So cast your pointer. Other
accessors in OpenSSL have the same issue. We're not solving it right now.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4436
Please log in as guest with password guest if prompted
--
openssl-dev
Hello ! I build a release package with the suggested fix in github but php
wont load curl anyway. Any other suggestions ? I used MS VC2013 with NASM
when using 1.0.2 branch.
PHP Warning: PHP Startup: Unable to load dynamic library
'\php5\php_curl.dll' - Das Betriebssystem kann php[1912] nicht
The Configure script generates 'makefile', not 'ntdll.mak'. Are you
sure you haven't confused things? Could you please show us the exact
commands you used from configuration to making?
Cheers,
Richard
In message <001b01d17fcd$109d9100$31d8b300$@sa...@free.fr> on Wed, 16 Mar 2016
22:44:48
On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
> I've configured with:
>
> ./config enable-afalgeng
>
> When I run the self tests, I see:
>
> ../test/recipes/30-test_afalg.t ... skipped: test_afalg not
> supported for this build
You should not need to use enable-afalgeng
I had the same problem. /bin/sh on Solaris does not understand the "-nt"
operator used in the definition of the "depend" target in the top-level
Makefile, e.g. in line
if [ Makefile -nt Makefile ] ...
and elsewhere.
From "man test" on Solaris:
...
file1 -nt file2 True if file1
Well, I am not lucky !
For once that documentation exists and was recently updated, it is not
accurate :-(
I saw that '--classic' was temporary, but I did not realize that an
alternative build scheme was already there for Windows.
You cannot imagine how many times I have manually modified the
Hi Felix,
I have seen the same warning during the compilation and I agree with you that
it would be nice to have an API that takes const variable.
Regards,
Andrea
-Original Message-
From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of
Schüller Felix via RT
Sent:
Works here. No more "-nt" error, no warnings or other STDERR output.
Tested on Solaris 10 Sparc using GCC doing a 32 bit build and another 64
bit build. Builds succeed, tests pass.
Am 19.03.2016 um 12:34 schrieb Richard Levitte via RT:
> Fixed in commit 243a98d4a03a411dfe6db727dbf90adbfa2e7474.
Hi Richard,
Am 19.03.2016 um 12:49 schrieb Richard Levitte via RT:
> So I'm wondering, what happens if you apply the attached patch?
Works like a charm, tested on Solaris 10 Sparc doing a 32bit build and a
64bit build. The intermediate ".s" (lower case) file no longer gets
generated and
Hi Richard,
Am 19.03.2016 um 12:49 schrieb Richard Levitte via RT:
So I'm wondering, what happens if you apply the attached patch?
Works like a charm, tested on Solaris 10 Sparc doing a 32bit build and a
64bit build. The intermediate ".s" (lower case) file no longer gets
generated and
Your fix has now been applied to the master branch. Thanks for the report.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4446
Please log in as guest
Am 18.03.2016 um 19:33 schrieb Richard Levitte via RT:
> Vid Fre, 18 Mar 2016 kl. 18.07.31, skrev rainer.j...@kippdata.de:
>> Am 18.03.2016 um 17:49 schrieb Richard Levitte via RT:
>>> Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
I had the same problem. /bin/sh on Solaris
Yes, it is. We should clarify that.
"Hanno Böck" skrev: (19 mars 2016 13:41:01 CET)
>Hi,
>
>The latest news on the openssl start page is
>16-Mar-2016Beta 1 of OpenSSL 1.1.0 is now available: please download
>and test it
>
>However the latest download on /source is
>
Hi,
The latest news on the openssl start page is
16-Mar-2016Beta 1 of OpenSSL 1.1.0 is now available: please download
and test it
However the latest download on /source is
2016-Mar-16 17:43:30openssl-1.1.0-pre4.tar.gz
Is pre4 supposed to be the same as beta1?
--
Hanno Böck
So I'm wondering, what happens if you apply the attached patch?
Vid Sat, 19 Mar 2016 kl. 11.02.09, skrev levitte:
> Hmmm...
>
> Actually, I'm thinkg that src2obj() should check if the original file
> exists as
> given before changing .S to .s... That should work, since we're always
> generating
Fixed in commit 243a98d4a03a411dfe6db727dbf90adbfa2e7474. Can we close this
ticket for good now?
Vid Sat, 19 Mar 2016 kl. 10.14.25, skrev levitte:
> Right. A little 'exit 0' in the right spot should fix that.
>
> It's true that the dependencies that are generated depend quite a lot
> on what
>
On 17/03/2016 06:32, Ranjith Kumar A. wrote:
> Need help.
This is a question about using the OpenSSL libraries, further discussion
should be on openssl-users; I've set 'reply-to' appropriately, but I
don't know what the mailing list will do with it.
I’m not able to encrypt a key using
Applied in commit 5287761bfc34d32572b1acfd6e64fd8c0fb2f799. Closing ticket.
Vid Sat, 19 Mar 2016 kl. 10.23.09, skrev levitte:
> Right. Thanks! Will apply.
>
> Cheers,
> Richard
>
> Vid Fre, 18 Mar 2016 kl. 22.03.22, skrev rainer.j...@kippdata.de:
> > The following line in
Fixed in commit c1e350577fe14e3e124cc258f742cb77a14b6ce8. Closing ticket.
Vid Sat, 19 Mar 2016 kl. 10.41.01, skrev levitte:
> Thank you. Those are caused by some improperly written L<> links. Fix coming
> up.
>
> Cheers,
> Richard
>
> Vid Sat, 19 Mar 2016 kl. 00.28.21, skrev
Hi folks,
You know the drill. See the attached poly1305_test2.c.
$ OPENSSL_ia32cap=0 ./poly1305_test2
PASS
$ ./poly1305_test2
Poly1305 test failed.
got: 2637408fe03086ea73f971e3425e2820
expected: 2637408fe13086ea73f971e3425e2820
I believe this affects both the SSE2 and AVX2 code. It does
I just would like to add that, for me,
'CALL ms\do_nasm'
is part of the 'configure scripts'.
Please excuse my poor english,
Michel
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Richard Levitte
Envoyé : mercredi 16 mars 2016 23:37
À :
>> Yeah, this looks fishy... According to the libc manual, 13.10 Perform
>> I/O Operations in Parallel
>> (https://www.gnu.org/software/libc/manual/html_node/Asynchronous-I_002fO.html):
>>
>>volatile void *aio_buf
>>
>>This is a pointer to the buffer with the data to
>>be
>> Is it possible that real target is so called x32, i.e. x86_64 with
>> 32-bit address space limitation? In such case linux-x32 would be the
>> right target...
>
> I don't believe this is x32 since {x86_64|amd64} and __ILP32__ are not
> defined; see preprocessor output below.
Got it. But just
With patch for #,
% mkdir build_solaris-x86-cc
% cd build_solaris-x86-cc
% ../Configure solaris-x86-cc
% make
:
Undefined first referenced
symbol in file
padlock_xstore ./libcrypto.a(e_padlock.o)
padlock_capability
Hmmm...
Actually, I'm thinkg that src2obj() should check if the original file exists as
given before changing .S to .s... That should work, since we're always
generating 'foo.s' from 'asm/foo.S' (or 'asm/foo.pl', but that's not applicable
here)... The directory difference should make it safe.
Hi Matt,
Thank you very much for keeping me informed !
Regards,
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Matt
Caswell
Envoyé : jeudi 17 mars 2016 10:37
À : openssl-dev@openssl.org
Objet : Re: [openssl-dev] libcryto 1.1 leaks
Hello,
Tested with patch for #, and removing gcc from path.
% ./config
Operating system: i86pc-whatever-solaris2
Configuring for solaris64-x86_64-cc
Configuring OpenSSL version 1.1.0-pre4 (0x0x1014L)
no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
On Thu, Mar 17, 2016 at 12:37:41AM +0200, Jouni Malinen wrote:
> Was the SSL_get_version() behavior changed on purpose in the Beta 1
> release? This function used to return "TLSv1" when TLS v1.0 was used
> while it is now in Beta 1 returning "TLSv1.0" for that case.
I missed this change in the
$ git diff engines/afalg/e_afalg.c > e_afalg.patch
$ cat e_afalg.patch
diff --git a/engines/afalg/e_afalg.c b/engines/afalg/e_afalg.c
index 90d7602..4674bcf 100644
--- a/engines/afalg/e_afalg.c
+++ b/engines/afalg/e_afalg.c
@@ -127,7 +127,7 @@ static int afalg_chk_platform(void);
/* Engine Id
I think that's a discussion that deserves its own new thread on openssl-dev.
A RT ticket is *not* the right place for a philosophical discussion. Closing
this. Please don't respond on this message, create a new thread instead.
Vid Sat, 19 Mar 2016 kl. 01.49.13, skrev noloa...@gmail.com:
> On
Thank you. Those are caused by some improperly written L<> links. Fix coming
up.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 00.28.21, skrev rainer.j...@kippdata.de:
> Errors during make install:
>
> Cannot find "EXAMPLES" in podpath: cannot find suitable replacement
> path, cannot resolve link
>
Right. Thanks! Will apply.
Cheers,
Richard
Vid Fre, 18 Mar 2016 kl. 22.03.22, skrev rainer.j...@kippdata.de:
> The following line in Configurations/unix-Makefile.tmpl is non
> standards-conforming and breaks using Solaris sed:
>
> ...
> sed -e ':a;{N;s/\n/ /;ba}' | \
> ...
>
> The man page tells
Right. A little 'exit 0' in the right spot should fix that.
It's true that the dependencies that are generated depend quite a lot on what
you've built so far, I hope that's not an enormous bother.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 01.31.53, skrev e...@efca.com:
> still not working right.
On 18/03/16 22:59, Kurt Roeckx via RT wrote:
> On Fri, Mar 18, 2016 at 01:18:04PM +, Matt Caswell wrote:
>>
>>
>> On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
>>> I've configured with:
>>>
>>> ./config enable-afalgeng
>>>
>>> When I run the self tests, I see:
>>>
>>>
On 18/03/16 22:59, Kurt Roeckx via RT wrote:
> On Fri, Mar 18, 2016 at 01:18:04PM +, Matt Caswell wrote:
>>
>>
>> On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
>>> I've configured with:
>>>
>>> ./config enable-afalgeng
>>>
>>> When I run the self tests, I see:
>>>
>>>
> Jeff - please can you try the attached alternative patch?
>
It tested OK under both 'KERNEL_BITS=32' and 'KERNEL_BITS=64':
...
../test/recipes/25-test_verify.t .. ok
../test/recipes/25-test_x509.t ok
../test/recipes/30-test_afalg.t ... skipped: test_afalg not
> On Mar 17, 2016, at 8:25 PM, noloa...@gmail.com via RT
> wrote:
>
> Yeah, this looks fishy... According to the libc manual, 13.10 Perform
> I/O Operations in Parallel
> (https://www.gnu.org/software/libc/manual/html_node/Asynchronous-I_002fO.html):
>
>volatile void
> On Mar 18, 2016, at 4:40 PM, Richard Moore wrote:
>
> I think it is reasonable to preserve the backwards compatible "TLSv1"
> > for the string protocol version, but do we also need to preserve the
> > "TLSv1.0" in ciphers(1) output? If so, the code needs an exception
> Looks like some of these options are broken on Windows.
Ouf,
In some ways, that's good to hear.
:-)
I tried the patch and I was able to build the shared, debug and release
version of OpenSSL 1.1.
I was able to fully appreciate the new build system.
Thanks Matt, merci bien Richard,
Michel.
Am 18.03.2016 um 17:49 schrieb Richard Levitte via RT:
> Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
>> I had the same problem. /bin/sh on Solaris does not understand the "-
>> nt"
>> operator used in the definition of the "depend" target in the top-
>> level
>> Makefile,
> On Mar 16, 2016, at 6:44 PM, Viktor Dukhovni
> wrote:
>
>> Was the SSL_get_version() behavior changed on purpose in the Beta 1
>> release? This function used to return "TLSv1" when TLS v1.0 was used
>> while it is now in Beta 1 returning "TLSv1.0" for that case.
>
On 17/03/16 09:56, Michel wrote:
> Hello again Richard,
>
> And thanks for your help and answers.
> but as I said, I am not lucky at all :-(
>
> Hope I am not again missing something, I would not be particularly proud to
> win the trophy of the dumbest user on this list ;-)
>
> Doing :
>
Hi,
I think I found a regression in 1.1.0-pre4's ALPN code.
I'm currently porting Python's ssl module to OpenSSL 1.1.0-pre4. One of
Python's unit tests for ALPN is failing. In the test case both client
and server advertise ALPN but have no overlapping protocols. In OpenSSL
1.1.0-pre3 and all
Perhaps with said attachment this time...
Vid Fre, 18 Mar 2016 kl. 16.49.13, skrev levitte:
> Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
> > I had the same problem. /bin/sh on Solaris does not understand the "-
> > nt"
> > operator used in the definition of the "depend"
The change was actually introduced earlier (see:
https://github.com/openssl/openssl/commit/0621786).
GH891
(https://github.com/openssl/openssl/commit/817cd0d52f0462039d1fe60462150be7f59d2002)
moved the ALPN processing later so that the SSL_CTX determined from SNI can be
used, rather than the
Hi Felix,
I have seen the same warning during the compilation and I agree with you that
it would be nice to have an API that takes const variable.
Regards,
Andrea
-Original Message-
From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of
Schüller Felix via RT
Sent:
On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
> I've configured with:
>
> ./config enable-afalgeng
>
> When I run the self tests, I see:
>
> ../test/recipes/30-test_afalg.t ... skipped: test_afalg not
> supported for this build
You should not need to use enable-afalgeng
Patch for anyone interested in trying.
--
Richard Levitte
levi...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=
Please log in as guest with password guest if prompted
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.1.0 pre release 4 (beta)
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
OpenSSL 1.1.0 is currently in beta. OpenSSL 1.1.0 pre release 4 has now
Hello
Do you have any progress or suggestion about this ticket?
If more information is needed ,tell me please.
Ths!
-邮件原件-
发件人: Hejian (E)
发送时间: 2016年3月7日 11:24
收件人: 'noloa...@gmail.com'
抄送: openssl-dev@openssl.org; Liubo (Liubo, OSS); 'r...@openssl.org'
主题: 答复: [openssl-dev] 答复: 答复:
Fixup show in last message has now been merged with master, commit
a6adf099cbd7c3bc5c7051ad3d334636ef5e7f90
--
Richard Levitte
levi...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=
Please log in as guest with password guest if prompted
--
openssl-dev mailing
Hi Richard,
Looks like my answer, with the files attached, is waiting for approval.
Regards.
-Message d'origine-
De : Michel [mailto:michel.sa...@free.fr]
Envoyé : jeudi 17 mars 2016 01:03
À : 'openssl-dev@openssl.org'
Objet : RE: [openssl-dev] configure results in conflicting CRT
Hallo,
since the struct ECDSA_SIG ( -> ECDSA_SIG_st) is now opaque, one has to use
ECDSA_SIG_get0() to access the values 'r' and 's'.
This works fine for non-const variables. But if one has a 'const ECDSA_SIG *'
(e.g. in verify_sig() of an ec_key-engine),
this produces an error during
I can't reproduce what you're getting, but tell you what, if you send
me these two files, I can try to figure out what's going on:
configdata.pm
ms\ntdll.mak
In message <005501d17fdb$58d73800$0a85a800$@sa...@free.fr> on Thu, 17 Mar 2016
00:27:03 +0100, "Michel"
Check Microsoft's work here: https://github.com/Microsoft/openssl/
I used the scripts here to build OpenSSL for Universal Apps (ARM, x86 and
x64). I had to make small changes due to my build environment but it works.
Regards,
David
--
openssl-dev mailing list
To unsubscribe:
FYI, I have a fix for this but it is currently stalled in review due to
another related issue. Interim patch attached.
Matt
On 16/03/16 22:11, Michel wrote:
> Hi,
>
>
>
> As in my previous post, libcrypto still leaks with OpenSSL version 1.1.0
> pre release 4.
>
> Here is an example with
Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
> I had the same problem. /bin/sh on Solaris does not understand the "-
> nt"
> operator used in the definition of the "depend" target in the top-
> level
> Makefile, e.g. in line
>
> if [ Makefile -nt Makefile ] ...
That can't be
>> Is it possible that real target is so called x32, i.e. x86_64 with
>> 32-bit address space limitation? In such case linux-x32 would be the
>> right target...
>
> I don't believe this is x32 since {x86_64|amd64} and __ILP32__ are not
> defined; see preprocessor output below.
Got it. But just
Hey,
In curl we call ENGINE_cleanup() as part of our OpenSSL specific cleanup
function. When I do this with OpenSSL from git master as of right now
(OpenSSL_1_1_0-pre4-7-ga717738) valgrind catches an illegal free:
==20314== Invalid free() / delete / delete[] / realloc()
==20314==at
On Wed, Mar 16, 2016 at 6:11 PM, Jeffrey Walton wrote:
> On Wed, Mar 16, 2016 at 10:02 AM, Matt Caswell wrote:
>> What happens if you run the afalgtest directly?
>>
>> $ cd test
>> $ ./afalgtest
>>
>
> ./afalgtest
> ALG_PERR: afalg_create_sk: Failed to open
Using the guide posted here:
https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption
I was getting a fairly large amount of bytes "still reachable", so I
decided to throw in all of the options to free up whatever was left over.
Originally, all that was suggested in the wiki
We are planning on removing the following systems from OpenSSL 1.1:
Netware
OS/2
There are a few reasons for this. In no particular order they include: these
platforms are no longer supported by the vendor; the configurations and builds
have not been testable by the team for years and
On Wed, Mar 16, 2016 at 10:02 AM, Matt Caswell wrote:
> What happens if you run the afalgtest directly?
>
> $ cd test
> $ ./afalgtest
>
./afalgtest
ALG_PERR: afalg_create_sk: Failed to open socket : Address family not
supported by protocol
test_afalg_aes_128_cbc() failed
What happens if you run the afalgtest directly?
$ cd test
$ ./afalgtest
Matt
On 16/03/16 13:52, noloa...@gmail.com via RT wrote:
> Working from Master on a Gentoo 13 machine, x86_64. The test was run
> as root which explains one of the failures (I don't have users or SSH
> set up yet).
>
>
On Fri, Mar 18, 2016 at 9:18 AM, Matt Caswell via RT wrote:
>
>
> On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
>> I've configured with:
>>
>> ./config enable-afalgeng
>>
>> When I run the self tests, I see:
>>
>> ../test/recipes/30-test_afalg.t ... skipped:
Hi,
What is the best method to compile OpenSSL library 1.0.2.x to Windows
Universal Platform 32, 64 and ARM ?
Does OpenSSL should be running on Windows Universal Platform ?
Best Regards,
Moti Saroka.
--
openssl-dev mailing list
To unsubscribe:
I was looking at the code for afalg_fin_cipher_aio in engines/afalg/e_afalg.c:
int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf,
size_t len)
{
int r;
int retry = 0;
unsigned int done = 0;
struct iocb *cb;
struct timespec timeout;
https://github.com/openssl/openssl/pull/876
Add note about when EVP_CIPHER_CTX_set_padding should be called.
Conrado
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4435
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe:
99 matches
Mail list logo