Re: OpenSSL 1.0.1 released

2012-03-15 Thread Bruce Stephens
"William A. Rowe Jr." writes: > On 3/14/2012 12:27 PM, Bruce Stephens wrote: >> open...@master.openssl.org (OpenSSL) writes: >> >> [...] >> >>> o Preliminary FIPS capability for unvalidated 2.0 FIPS module. >> >> I note that #2741 appears not to be resolved, so if you build on Windows >>

Re: OpenSSL 1.0.1 released

2012-03-15 Thread Mike Frysinger
On Thursday 15 March 2012 03:19:07 Ludwig Nussel wrote: > Dr. Stephen Henson wrote: > > On Wed, Mar 14, 2012, Mike Frysinger wrote: > >> i'm not looking for downstream workarounds here but rather the right > >> answer. is openssl-1.0.1 expected to be ABI compatible with > >> openssl-1.0.0 ? > > >

Re: OpenSSL 1.0.1 released

2012-03-15 Thread Ludwig Nussel
Dr. Stephen Henson wrote: > On Wed, Mar 14, 2012, Mike Frysinger wrote: >> i'm not looking for downstream workarounds here but rather the right answer. >> >> is openssl-1.0.1 expected to be ABI compatible with openssl-1.0.0 ? > > Yes. In brief the versioning scheme introduced with 1.0.0 is: >

Re: OpenSSL 1.0.1 released

2012-03-14 Thread William A. Rowe Jr.
On 3/14/2012 12:27 PM, Bruce Stephens wrote: > open...@master.openssl.org (OpenSSL) writes: > > [...] > >> o Preliminary FIPS capability for unvalidated 2.0 FIPS module. > > I note that #2741 appears not to be resolved, so if you build on Windows > and use --with-fipsdir=... then that prob

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Mike Frysinger
On Wednesday 14 March 2012 19:23:14 Dr. Stephen Henson wrote: > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > i'm not looking for downstream workarounds here but rather the right > > answer. is openssl-1.0.1 expected to be ABI compatible with > > openssl-1.0.0 ? > > Yes. In brief the versioning

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Richard Levitte
I've looked at that, and the modes part is quite integral to a number of other algorithms. Supporting it being turned off is likely to be a maintainance nightmare (especially since it will seldom blow up considering most platforms today have a C compiler that supports long long). My conclusion is

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Dr. Stephen Henson
On Wed, Mar 14, 2012, Iain Morgan wrote: > On Wed, Mar 14, 2012 at 10:09:22 -0500, OpenSSL wrote: > > -BEGIN PGP SIGNED MESSAGE- > > > >We consider OpenSSL 1.0.1 to be the best version of OpenSSL > >available and we strongly recommend that users of older versions > >upgrade as

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Iain Morgan
On Wed, Mar 14, 2012 at 10:09:22 -0500, OpenSSL wrote: > -BEGIN PGP SIGNED MESSAGE- > >We consider OpenSSL 1.0.1 to be the best version of OpenSSL >available and we strongly recommend that users of older versions >upgrade as soon as possible. OpenSSL 1.0.1 is available for >

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Dr. Stephen Henson
On Wed, Mar 14, 2012, Mike Frysinger wrote: > > i'm not looking for downstream workarounds here but rather the right answer. > is openssl-1.0.1 expected to be ABI compatible with openssl-1.0.0 ? > Yes. In brief the versioning scheme introduced with 1.0.0 is: Changes to last letter: security a

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Mike Frysinger
On Wednesday 14 March 2012 17:18:19 Kurt Roeckx wrote: > On Wed, Mar 14, 2012 at 02:30:29PM -0400, Mike Frysinger wrote: > > On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote: > > > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote: > >

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Dr. Stephen Henson
On Wed, Mar 14, 2012, Bruce Stephens wrote: > open...@master.openssl.org (OpenSSL) writes: > > [...] > > > o Preliminary FIPS capability for unvalidated 2.0 FIPS module. > > I note that #2741 appears not to be resolved, so if you build on Windows > and use --with-fipsdir=... then that pro

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Bruce Stephens
open...@master.openssl.org (OpenSSL) writes: [...] > o Preliminary FIPS capability for unvalidated 2.0 FIPS module. I note that #2741 appears not to be resolved, so if you build on Windows and use --with-fipsdir=... then that probably won't work. [...]

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Kurt Roeckx
On Wed, Mar 14, 2012 at 02:30:29PM -0400, Mike Frysinger wrote: > On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote: > > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote: > > > >OpenSSL version 1.0.1 released > > > >=

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Mike Frysinger
On Wednesday 14 March 2012 14:36:09 Dr. Stephen Henson wrote: > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote: > > > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote: > > > > >Ope

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Tomas Mraz
On Wed, 2012-03-14 at 19:36 +0100, Dr. Stephen Henson wrote: > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > > On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote: > > > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote: > > > > >

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Dr. Stephen Henson
On Wed, Mar 14, 2012, Mike Frysinger wrote: > On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote: > > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote: > > > >OpenSSL version 1.0.1 released > > > >===

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Mike Frysinger
On Wednesday 14 March 2012 14:25:32 Dr. Stephen Henson wrote: > On Wed, Mar 14, 2012, Mike Frysinger wrote: > > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote: > > >OpenSSL version 1.0.1 released > > >=== > > > > > >http://www.openssl.org/source/ex

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Dr. Stephen Henson
On Wed, Mar 14, 2012, Mike Frysinger wrote: > On Wednesday 14 March 2012 11:09:22 OpenSSL wrote: > >OpenSSL version 1.0.1 released > >=== > > > >http://www.openssl.org/source/exp/CHANGES. > > > >The most significant changes are: > > > > o TL

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Mike Frysinger
On Wednesday 14 March 2012 11:09:22 OpenSSL wrote: >OpenSSL version 1.0.1 released >=== > >http://www.openssl.org/source/exp/CHANGES. > >The most significant changes are: > > o TLS/DTLS heartbeat support. > o SCTP support. > o RFC

Re: OpenSSL 1.0.1 released

2012-03-14 Thread Andy Polyakov
> Unfortunately, it is still not possible to build on VAX architecture, > because the "[openssl.org #2653] [BUG] OpenSSL 1.0.1 OpenVMS issues > on VAX" is sill not solved. http://www.mail-archive.com/openssl-dev@openssl.org/msg29956.html

RE: OpenSSL 1.0.1 released

2012-03-14 Thread Arpadffy Zoltan
Hello, Thank you very much for 1.0.1 release. It builds and works perfect on OpenVMS Alpha and IA64 architectures - as long I could test it. Unfortunately, it is still not possible to build on VAX architecture, because the "[openssl.org #2653] [BUG] OpenSSL 1.0.1 OpenVMS issues on VAX" is sill