[[EMAIL PROTECTED] - Thu Apr 25 16:16:02 2002]:
Is this the expected behaviour ? Either way one must be fixed :)
Btw EVP_OpenFinal does exactly what EVP_SealFinal does and adds to
this the return value...
Hmm, I think Steve should answer this one. Personally, I think this
shows a certain
The problem is fixed. As Lutz pointed out, we missed enginetest.c
when converting all strdup() to BUF_strdup()...
--
Richard Levitte
[EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
I understand the concern here, but I very strongly disagree with the
solution. Casting everything from size_t to int is going in the wrong
direction.
I'll work on moving int to size_t where needed. If someone can tell
me how to simulate have a 64-bit size_t on Linux, it would make it
[levitte - Thu May 30 09:06:04 2002]:
You're quite right, .dylib isn't added.
The reason was two-fold:
1) darwin-ppc-cc, as well as a few other targets, had the
shared_extensions field misaligned, which in effet disabled having
any extension at all for shared libraries.
2) support for
[[EMAIL PROTECTED] - Fri May 17 19:50:59 2002]:
Installed openssl-0.9.6d source and built it locally. Built a PEM
certificate for testing U of W IMAP with SSL. SSL didn't work,
wouldn't accept the certificate.
Discovered that code still has a double free bug that was reported
back in
[[EMAIL PROTECTED] - Sun May 26 11:34:49 2002]:
The main loop from AES_ctr128_encrypt seems superficially
incorrect. If
any non-zero initial value is provided for *num, the first
16-*num
bytes are not necessarily encrypted.
You do know that AES_ctr128_encrypt() must be called with
[[EMAIL PROTECTED] - Thu May 30 16:22:22 2002]:
Hi again,
Sorry Richard, but your suggestion just don't work:
OPENSSL_SYS_MSDOS is
used all over the source and in principle these #ifdefs are
correct.
The only thing that must be fixed is that #define MS_STATIC
static
(set in e_os.h)
The patch is now applied and committed. Thanks!
[[EMAIL PROTECTED] - Tue May 28 20:00:46 2002]:
Well, here it is... Works great for me, passed all tests.
Creates a 64bit OpenSSL package for Solaris using the newly
released GCC 3.1
--
Richard Levitte
[EMAIL PROTECTED]
[[EMAIL PROTECTED] - Thu May 30 19:28:13 2002]:
Hi,
Just wanted you to know that I'm still having problems with DER
format
certificates. A more thorough inspection turned up additional double
free errors in the same directory :(
Hmm, would you mind telling me which file it is, since
This was much easier to fix than I thought. Committed and present
in the next snapshot.
[[EMAIL PROTECTED] - Thu May 23 16:27:27 2002]:
Hi there,
it seems that in line 84 in crypto/cversion.c there is a bug:
eg. if you run Configure with -DDEVRANDOM=\/dev/random\ and
therefore the
Probably because of atoi(), a last-second change was made, changing
ustrsep to strsep on that line. Try replacing strsep with
ustrsep, that should work better (I know it worked for me).
I'll look into this when I have more time.
[[EMAIL PROTECTED] - Mon Jun 3 13:02:51 2002]:
Hi,
I
Please resend a patch that is generated using one of the options -u
(unified context diff, which is prefered) or -c (context diff).
[[EMAIL PROTECTED] - Mon Jun 3 11:42:22 2002]:
Hi,
I used -nameopt with openssl req and the options will be ignored
if req
is used with -text. I checked
I just commited that change.
[[EMAIL PROTECTED] - Mon Jun 3 13:02:51 2002]:
Hi,
I checked the code in crypto/evp/evp_test.c and it looks like
sstrsep do
the same like strsep on Linux. So perhaps it was a typo and the
code was
only tested under Linux.
I used sstrsep insteed of
Change commited.
--
Richard Levitte
[EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager
Sorry, I fail to see the problem here. As far as I understand the
code, *pval points at the ASN.1 blob that is the result of parsing the
attribute string you're citing. Surely you don't want that to be freed
before you even got to use it, do you?
Or do I misunderstand something here?
The fix is to add an extra NULL argument at the end of the argument
list in both places where this error occurs.
I've just commited a patch, so the above fix will be present in 0.9.6e.
[[EMAIL PROTECTED] - Fri May 31 09:32:25 2002]:
I've just installed openssl-0.9.6c on Linux, and I'm
BN_pseudo_rand_range() was given in the synopsis exactly as you
requested, since 0.9.6c (or at least, that's what I can make out by
checking with our repository). I must say that I have some difficulty
doing anything with this report because of that...
--
Richard Levitte
[EMAIL PROTECTED]
I'm sure you read pem2.h and therefore the reason it exists. If you
have a better idea on solving the circular dependency problem
described, we're all ears.
However, double declaration isn't an error, at least if the
declarations are exactly the same. Until someone comes up with a
better
Thanks for the report, that was an error in production.
If you grab the latest 0.9.7 snapshot, you'll probably see that
things have improved...
[[EMAIL PROTECTED] - Tue Jun 4 19:40:45 2002]:
Hi,
I have winnt 4.0 sp6a , vc++ 6 and NASM version 0.98
When I execute ms\do_nasm
I have
I just commited a fix. Thanks for the report. The next snapshot will
contain the fix.
[[EMAIL PROTECTED] - Tue Jun 4 22:13:18 2002]:
I downloaded beta1 to a OpenVMS V7.2-1 system
running DEC C V6.2-008. I ran into two build problems:
1. SSL-LIB.COM contains an ON ERROR
OK, there are several issues here.
First of all, your private key is broken, or rather the structure it
has been packed into. BEGIN PRIVATE KEY indicates that the key is
wrapped in a PKCS8 structure. That structure should start with an
integer indicating the version number of the structure
A little more analysis seems to indicate that X509_EXTENSION isn't
properly coded, since freeing it requires a dive into the
OCTET_STRING (or whatever that translates to) and free whatever
that's pointing to.
The code in question is crypto/asn1/x_exten.c, and for comparison,
one might want
Thanks for the report, I've commited the suggested fix.
[[EMAIL PROTECTED] - Fri May 31 21:03:26 2002]:
I believe that I have found a bug in the above file and would like
for
someone
else to santiy check it.
At line 290 in a_utctm.c, a separate code block is being used if
the
I just commited a change that involves having a new script called
dirname.pl in util/.
Thanks for the report.
[[EMAIL PROTECTED] - Wed Jun 5 09:33:57 2002]:
I successfully built OpenSSL 0.9.7-beta1 on my m68k-next-openstep42
system. It did require adding an extra include somewhere I
Uhmm, BTW, what exactly do you think that'll solve, considering the
actual problem?
[[EMAIL PROTECTED] - Wed Jun 5 15:54:26 2002]:
However, double declaration isn't an error, at least if the
declarations are exactly the same. Until someone comes up with a
better solution to break the
[[EMAIL PROTECTED] - Tue Jun 4 19:47:39 2002]:
Building 0.9.7 (snapshot from June 1) with Cygwin led to several
warnings during compilation related to the assembly code now
included
by default. Despite the warnings, it passed the tests in make
test.
Does something need to get fixed?
[[EMAIL PROTECTED] - Thu Jun 6 08:52:53 2002]:
Great! Please clarify this for me, can I say F-secure is not
compatible
with standards or has the vendor possibility to choose the key
format?
F-secure doesn't seem to be compatible with standards. There are a
number of structures that a
[[EMAIL PROTECTED] - Tue Jun 4 19:47:25 2002]:
OK, I've a few comments:
--- openssl-0.9.7/Configure.orig 2002-05-30
10:08:08.0 -0800
+++ openssl-0.9.7/Configure 2002-06-02 15:23:38.0 -0800
@@ -513,6 +513,9 @@
Cygwin-pre1.3, gcc:-DTERMIOS -DL_ENDIAN
I finally committed most of your changes. Please download the next
snapshot of 0.9.7 and check that it works as intended.
I'm keeping this ticket open until you have confirmed that it works
(perhaps after further changes).
--
Richard Levitte
[EMAIL PROTECTED]
I went for a different solution. Since the problem was the sed that
takes away all the crap before the version number, I changed it to
have the dash be part of the character set to remove instead of
having it as a mandatory character after said set. That should
resolve this ticket. Reopen
I've just added the changes you suggested, and made a tentative
addition in 0.9.7 as well, where I mimic the way Cygwin is configured.
Please download the next snapshot of both 0.9.6 and 0.9.7 and test
them.
--
Richard Levitte
[EMAIL PROTECTED]
I solved this, not by changing bn_mul.c, since BN_DEBUG doesn't
necessarely mean we don't want assembler. Instead, I changed the
debug target i Configure to add -DOPENSSL_NO_ASM to the C flags.
--
Richard Levitte
__
OpenSSL
[[EMAIL PROTECTED] - Tue Jun 18 16:48:39 2002]:
it complained that the rsaref directory did not exist. I changed
install.com
from this line:
$ SDIRS := CRYPTO,SSL,RSAREF,APPS,VMS!,TEST,TOOLS
to:
$ SDIRS := CRYPTO,SSL,APPS,VMS!,RSAREF,TEST,TOOLS
Applied and committed.
you
It sounds like something is corrupted on your machine. I can't tell
you what it is, unfortunately.
Take a look at util/mk1mf.pl and search for CRYPTOOBJ. If it's
split in two in there (i.e. you have to search for CRYPTO to find
it), I'd say something went quite wrong when you unpacked the
How do you suggest we handle this? And BTW, speaking of hacking the
Makefiles, you really only need to hack the topmost one. The value
of AR will be propagated down.
[[EMAIL PROTECTED] - Fri Jun 21 09:37:30 2002]:
This applies to openssl 0.9.6d (and all earlier versions)
The build
Good catch! I've renamed the macro argument to 'bg', which is the
same as other macros further down use.
[[EMAIL PROTECTED] - Fri Jun 21 09:54:34 2002]:
#define M_PKCS12_cert_bag_type(bag)
OBJ_obj2nid(bag-value.bag-type)
if the variable passed in has the name bag, this works, but
This is not a bug, it's a misunderstanding on your part.
By default, request extensions aren't copied to the new certificate.
However, in the [ca] section, you can have the setting
'copy_extensions' with one of the following values:
none Doesn't copy anything (default)
copy
It would be nice if you told us which configuration target you used.
If you don't know, the following will give you the answer:
grep '^CONFIGURE_ARGS=' Makefile
[[EMAIL PROTECTED] - Sun Jun 23 16:44:16 2002]:
hi,
i try to compile openssl 0.9.6d and 0.9.7-beta2 under AIX 5.1 (ML
Change applied and commited. Thanks.
[[EMAIL PROTECTED] - Mon Jun 24 16:30:46 2002]:
OpenSSL won't build a 64-bit shared library correctly unless -m64
is
given to gcc when invoked as linker. For testing purposes I added
-m64 manually to SHARED_LDFLAGS. Compiling and 'make test' went
Change applied and committed. Thanks!
[[EMAIL PROTECTED] - Tue Jun 25 21:48:00 2002]:
Line 91 of apps/pkcs7.c contains
int ret=0;
Can this be changed to
int ret=1;
So that the pkcs7 command will return 1 on error and 0
if successful?
--
Richard Levitte
[[EMAIL PROTECTED] - Thu Jun 27 11:32:12 2002]:
A few comments...
rand.h : Various files in the tree (crypto/des/rand_key.c, for
example)
include rand.h without including anything that would drag in
windows.h
and
hence windef.h under Win32. This causes a problem with the
prototype
of
[[EMAIL PROTECTED] - Thu Jun 27 11:32:12 2002]:
x509.h : This is the change I'm genuinely unsure about. x509.h
includes
asn1.h, but both x509/x_all.c and x509v3/v3_bitst.c reference (via
macros)
struct ASN1_ITEM_st, which is defined not in asn1.h but in asn1t.h.
Since both files include
John, I didn't notice this before, but VC-64.pl is missing from your
patch. Could you please send it to us?
I've set up my laptop (running W2K, which I assume will be OK) with the
platform SDK you mentioned and will do a testrun as soon as I can.
--
Richard Levitte
All changes have now been applied, so I'm setting this ticket to
resolved. Please download the next snapshot (tomorrow) and try it
out.
--
Richard Levitte
__
OpenSSL Project
[[EMAIL PROTECTED] - Thu Jun 27 15:49:46 2002]:
Yes, I did notice that after sending, so it's not that big a deal
as I
first thought. I can see two solutions:
- Add another field to Configure
Yes, that could be a possibility. Another is to call make like this:
make AR=foo
Also,
for Win32.
now the installation work fine.
Thanks
Francois
- Original Message -
From: Richard Levitte via RT [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, June 27, 2002 11:41 AM
Subject: [openssl.org #107] pb installing OpenSSL 0.9.7 beta2
I'd like to know which platform this is on.
--
Richard Levitte
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager
[[EMAIL PROTECTED] - Mon Jun 17 09:54:04 2002]:
The snapshot doesn't work under DJGPP, but I think that this patch
will fix it. There were several problems. In Configure, you tried
to
use ENV{DJDIR}, but this puts in a DOS style path such as
That was a mistake, I only changed one of the
Oops, sorry. Applied, please try again.
Also, do you have the possibility to check if it works properly with
Builder 4?
[[EMAIL PROTECTED] - Thu Jun 27 18:44:26 2002]:
You've missed part of the patch to BC-32.pl - I've attached the
missing
patch. There's also still the issue with
I changed pem2.h so it would check if pem.h has already been included.
That should fix the problem, I believe.
--
Richard Levitte
__
OpenSSL Project http://www.openssl.org
Development Mailing
[[EMAIL PROTECTED] - Thu Jun 27 17:42:23 2002]:
It's RISC OS. The command is still 'ar', but it's in a different
path and is a wrapper to a different tool which generates RISC OS
library files - i.e, not Archive files. Having said that, my
argument
falls a bit flat, because you can in
[[EMAIL PROTECTED] - Thu Jun 27 17:30:55 2002]:
That's funny, it's in my image, and I just zipped the entire thing up.
And now I discovered that 64all.bat is missing as well. *sigh*
--
Richard Levitte
__
OpenSSL Project
In message [EMAIL PROTECTED] on Wed, 03 Jul 2002 11:22:46 +0930,
[EMAIL PROTECTED] said:
Mark.Daniel 1) These had E_OS.H in the [.SSL] directory as well as
Mark.Danielthe top-level package directory. 0.9.7 only has it in
Mark.Danielthe top-level.
E_OS.H never existed in the [.SSL] as
Quick question: does string.h in Unixware define strcasecmp()?
strings.h is non-standard while string.h is standard, as far as I
know. We should change that in any case, unless someone has a
different opinion.
[[EMAIL PROTECTED] - Mon Jul 15 09:33:16 2002]:
This patch seems to have been
What version of OpenSSL are you talking about? check_pem() appeared
in OpenSSL 0.9.5, and has been entirely unchanged since. It
currently contains the following lines:
/* Allow normal certs to be read as trusted certs */
if(!strcmp(nm,PEM_STRING_X509)
Sorry, you're right, I misread your proposal...
I think Steve can answer a little better about the difference in the
default read and write functions. However, in the mean time,
there's nothing stopping you from using PEM_read
[[EMAIL PROTECTED] - Tue Jul 16 10:05:13 2002]:
Im using
Sorry, you're right, I misread your proposal...
I think Steve can answer a little better about the difference in the
default read and write functions.
In the mean time, did you notice that you mention the implementation
of X509 for reading, but X509_AUX for writing. How about using
Please ignore this one. I pushed the wrong button at the wrong
moment...
[levitte - Tue Jul 16 10:21:19 2002]:
Sorry, you're right, I misread your proposal...
I think Steve can answer a little better about the difference in
the
default read and write functions. However, in the mean
Note that Apple delivers OpenSSL 0.9.6b, so it may be that the
differences are few enough not to trigger much problems, apparently
with RC4 being the great exception. Actually, even this shouldn't
be a problem, if it weren't for some binary incompatibilities
between (I think) 0.9.6c and
In the 0.9.6-stable branch, the Darwin entry has information on how to
build with threading enabled, and has a much simpler set of arguments
than the corresponding enty in 0.9.7-stable and HEAD.
It seems to me like the entry in HEAD comes from previous experiments
and should be simplified
Test complete, 0.9.6e-dev went through without any problems.
I'll see if I can find the delivered libraries again and try to
reinstall them and see what effect that has on it all.
[levitte - Tue Jul 16 12:31:37 2002]:
Note that Apple delivers OpenSSL 0.9.6b, so it may be that the
[levitte - Tue Jul 16 13:01:40 2002]:
Test complete, 0.9.6e-dev went through without any problems.
I'll see if I can find the delivered libraries again and try to
reinstall them and see what effect that has on it all.
Done. With 0.9.6e-dev, I get exactly the same failure in the RC4
test
[levitte - Wed Jul 17 09:25:24 2002]:
[...] As for 0.9.8-dev, forget it for the moment, there are too
damn many symbols missing in /usr/lib/libcrypto.dylib.
I just tried building with shared support, and it actually works
with a little extra work in the makefiles (MacOS X uses
Actually, my answer suggest user error. I will therefore resolve this
ticket.
[levitte - Tue Jul 16 10:28:14 2002]:
In the mean time, did you notice that you mention the implementation
of X509 for reading, but X509_AUX for writing. How about using
PEM_read_bio_X509_AUX() or
Actually, I found that strcasecmp() is often declared in strings.h,
so it still needs to be included in most places. Therefore, I
applied your original patch.
This ticket is now resolved.
[levitte - Tue Jul 16 09:03:42 2002]:
Quick question: does string.h in Unixware define strcasecmp()?
This most likely yet again the problem with the way ld works on
MacOS X. I'll attach the PROBLEMS file that has a section about
this particular problem and possible solutions.
I hereby consider this ticket resolved.
[jaenicke - Tue Jun 11 13:55:44 2002]:
[[EMAIL PROTECTED] - Tue Jun 4
Has this problem been dealt with yet?
[jaenicke - Tue Jun 18 12:30:24 2002]:
On Mon, Jun 17, 2002 at 07:43:18PM +0200, [EMAIL PROTECTED] via RT
wrote:
redhat linux never upgraded libraries are rpm's glibc-2.1.92-14
and
glibc-devel-2.1.92-14. it's redhat 7.0. I think sysconf is
I've seen no further communications on this subject. Has this issue
been dealt with? Is there a change that we should apply, or shall
we just kill this ticket?
[jaenicke - Tue Jun 25 22:25:56 2002]:
[[EMAIL PROTECTED] - Tue Jun 25 20:51:20 2002]:
Hello friend,
I am working for IBM
I've reversed the patch. Bodo is correct, it's not OpenSSL's
responsability to do the various conversions that may be done by the
C run-time library anyway. If there are problems passing the
resulting file to some library that expects the formating to CRLF
line ends in a text file, the
It's in the middle of the afternoon, so I'm resolving this ticket.
I've mailed [EMAIL PROTECTED] about the whole
issue. Whenever I get a good answer, I'll make appropriate changes.
Until then, MacOS X will simply need to be tweaked before one can
compile OpenSSL on it.
[levitte - Wed Jul
As far as I know, most programs deliver verbosity to stderr rather
than stdout. One could argue that OpenSSL should have optional
verbosity, and I would agree. I'm not sure if this belongs in the
important range of fixes, however.
If a -verbose flag is to be added, I don't know if I want
Hey Andrew,
Actually, OpenSSL hasn't really been possible to build in
non-monolith mode, as far as I know. Honestly, I don't think
we should go the non-monolith path eaither, if you consider commands
like passwd...
If you tell me why you want to go non-monolith, I might change my
mind. No
[levitte - Thu Jul 18 19:41:51 2002]:
Hey Andrew,
Actually, OpenSSL hasn't really been possible to build in
non-monolith mode, as far as I know.
I meant to write hasn't really been possible to build in non-monolith
mode *in a long time*...
--
Richard Levitte
[EMAIL PROTECTED]
Fixed by letting X509_NAME_oneline() allocate the string. This ticket
is now resolved.
--
Richard Levitte
[EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing List
Those two files are copies of the 0.9.6d [engine] variants. However,
most functionality has been restored back to the pre-engine days (or
rather, the ENGINE framework has become much more transparent).
I'm tempted to just revert those two files back to what they are in
0.9.6d, but I'd like
I just did a tentative addition of history. Please check it and
complete it if needed.
[levitte - Thu Jul 18 11:19:52 2002]:
Has this been dealt with?
[jaenicke - Wed May 29 21:45:30 2002]:
The manual pages about the EVP wrapper do not reflect the
complete
history. Example:
For now, I've added a note in the documentation of RSA_check_key()
that explains that it doesn't work properly for hard keys and why.
We will ponder a little more on this issue.
[[EMAIL PROTECTED] - Wed Jun 19 09:52:27 2002]:
It wouldn't take much to make this function
compatible, or the
I just realised that the configuration entries for AIX currently
assume a 32-bit environment. The question is how gcc view this, and
especially what size an int is, and also the size of a long. If
either of them is 64 bits, a different configuration entry may be
useful, perhaps called
Since this hasn't been reported by anyone else and we haven't heard
from the original requestor in a while, I'm stalling this ticket.
--
Richard Levitte
[EMAIL PROTECTED]
__
OpenSSL Project
[geoff - Fri Jul 19 19:00:55 2002]:
Attached is a diff to the RSA_set_method.pod for starters - before I
start doing essentially regexp'd versions of this to the other PODs
and
other assorted wholesale document-surgery, could you take a look?
Those changes look good to me. I'd say you
I just took care of the last part of your request (which is a bug):
Hmm ... what else ... Ah ... I'm not sure if this really is a bug:
* The newest snapshot claims to be 0.9.8, but it installs files as
0.9.7.
--
Richard Levitte
[EMAIL PROTECTED]
I've no fixed the following items:
* Creating the links to the libraries fails on at least Solaris
regardless of the force flag:
installing libssl.so.0.9.6
+ ln -f -s libcrypto.so.0.9.6 libcrypto.so.0
ln: cannot create libcrypto.so.0: File exists
*** Error code 2
make: Fatal error:
Since Jeffrey has made such a good job analysing this, what are the
comments from everyone else? I'd like to be rid of OpenSSLdie() if
possible... I see no problem with the void-int conversion...
[[EMAIL PROTECTED] - Tue Jul 30 17:35:58 2002]:
That is fine. So the patches are out and
[[EMAIL PROTECTED] - Thu Aug 1 09:20:27 2002]:
On Wed, 31 Jul 2002, Jon Peatfield wrote:
Looking through the rest of the 0.9.6e patch I can't see any
other
cases where realloc() is called like this but I might well have
missed
some. I'm hoping that someone who understands the code
AAAaaargh! I didn't read properly. Please ignore my rant.
I rather believe that the change should be done in
OPENSSL_realloc(), so future uses elsewhere do not get into the same
trouble.
[levitte - Thu Aug 1 11:23:34 2002]:
[[EMAIL PROTECTED] - Thu Aug 1 09:20:27 2002]:
On Wed, 31
[jaenicke - Wed Jul 31 09:46:10 2002]:
[[EMAIL PROTECTED] - Wed Jul 31 09:35:46 2002]:
When I type ./config under HP-UX 10.20 I get the message
./config[398]: test: Specify a parameter with this command.
The problem occurs with version 0.9.6e, not with earlier
versions.
This
[jaenicke - Tue Jul 30 22:25:20 2002]:
[[EMAIL PROTECTED] - Tue Jul 30 18:49:55 2002]:
Some of the files in the 0.9.6e tarball have restrictive
permissions
which prevent building and installing as different non-privileged
users.
-rw--- openssl/openssl 23853 Jul 30 11:06 2002
Hmm, there's a problem that haven't been addressed at all by the
IETF. SSLv3 contains the following as part of it's ciphersuite:
The final cipher suites are for the FORTEZZA token.
CipherSuite SSL_FORTEZZA_KEA_WITH_NULL_SHA = {
0X00,0X1C };
CipherSuite
Patch applied as given. Thanks. This ticket is now resolved.
[[EMAIL PROTECTED] - Thu Aug 1 15:15:55 2002]:
Hi,
The -rother option of the 'ocsp' command is not processed correctly
(probably nobody has used it before :-)). Here is a patch for
openssl-0.9.7-beta3, I tested and it
[[EMAIL PROTECTED] - Wed Jul 24 14:24:12 2002]:
1) cmdline openssl rsa cannot read keys from stdin, they have to be
specified using the -in argument.
I believe I've fixed this part. Please test the next snapshot.
--
Richard Levitte
[EMAIL PROTECTED]
[[EMAIL PROTECTED] - Wed Jul 24 14:24:12 2002]:
2) cmdline openssl x509 doesn't set AKI although it is specified
in the
config file and the CA cert has an appropriate SKI.
Do you have the possibility to send me that config file, your CA cert
and that resulting cert, so I can take a look,
[[EMAIL PROTECTED] - Thu Aug 1 23:12:26 2002]:
We tracked this problem to the use of parallel make (make -P under
IRIX). The test routines run shell scripts that are not safe to
run in parallel. For example, in tx509 there is the sequence:
cp $t fff.p
$cmd -in fff.p -inform p -outform p
[[EMAIL PROTECTED] - Fri Aug 2 09:00:52 2002]:
$ USER_CCDEFS =
_VMS_V6_SOURCE=1,__VMS_VER=6000,__CRTL_VER=6000
This, BTW, explains the problems you describe in PR 184. You see, the
declaration of strcasecmp() is wrapped in #if __CRTL_VER =
7000..#endif.
This means we
[[EMAIL PROTECTED] - Fri Aug 9 07:56:08 2002]:
The configuration and installation process of the new OpenSSL
0.9.6f
package is broken in several places. Same problems on Linux and
Solaris. The package cannot be installed properly.
OK, I thought the snapshots had been tested. My bad.
[levitte - Fri Aug 9 09:42:58 2002]:
4. The Makefile contains another error which prevents the
correct installation of shared libraries.
At the end of the install: section, the following line
$(MAKE) -f $$here/Makefile link-shared ); \
should read
The problem has been fixed. Please grab version 0.9.6g. This
ticket is now resolved.
[[EMAIL PROTECTED] - Sat Aug 10 00:44:57 2002]:
We have a question on the patched code:
http://www.openssl.org/news/patch_20020730_0_9_6d.txt
RCS file:
Get 0.9.6g, which fixes a few building bugs. This ticket will be
considered resolve.
[[EMAIL PROTECTED] - Mon Aug 12 18:34:28 2002]:
#make install
gcc -o rsa_test -I../include -fPIC -DTHREADS -D_REENTRANT
-DDSO_DLFCN
-DHAVE_DLF
CN_H -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
I have solved problems 1 and 3. Problem 2 was will take a little
bit of pondering.
[[EMAIL PROTECTED] - Mon Aug 12 18:34:58 2002]:
1. In rmdtest.c:
If I build with OPENSSL_NO_RIPEMD and rmdtest.c fails to compile
because
openssl/ripemd.h cannot be found.
The line #include
[[EMAIL PROTECTED] - Tue Aug 13 00:08:25 2002]:
To see what would happen next, I added a
#else
else if (strcmp(*argv, -dhe1024dsa) == 0) {}
in the option test sequence. It now runs all the tests quite
happily but
crashes with several error lines in the cleanup code. Progress!
Back to
Bruce, unless you give me something else to go on, I'll change the
state of this ticket to resolved, on thursday.
[levitte - Sat Aug 10 02:58:49 2002]:
According to your log, that's 0.9.6e you're talking about. In
0.9.6f and 0.9.6g, The function OpenSSLDie() doesn't exist at all.
1 - 100 of 847 matches
Mail list logo