I believe you mean 2022-10-29.
Correct, our automation machinery went belly up during the 29th,
alongside our web server. It's up and running now.
Cheers,
Richard
On Mon, 31 Oct 2022 12:17:49 +0100,
The Doctor via openssl-users wrote:
>
> No snapshots since 2022-10-19.
>
>
Thanks for the notification, it seems our web server went belly up
over the weekend. We'll investigate.
Cheers,
Richard
On Sun, 30 Oct 2022 19:41:02 +0100,
James Muir wrote:
>
> https://www.openssl.org/docs/manmaster/man7/provider.html ("service
> unavailable")
> ht
t me ask you this: on what Windows version was your application
built? Common wisdom would be to build on the oldest version...
Cheers,
Richard
On Thu, 20 Oct 2022 02:54:19 +0200,
David Harris wrote:
>
> Up front, I'd like to apologize if this is an FAQ or has been answered
> elsewher
. That is to say, it may change in the future... or not.
Happy experimenting!
Cheers,
Richard
On Sat, 20 Aug 2022 08:17:56 +0200,
b1...@b1bb2.com wrote:
>
> To: openssl-users@openssl.org
> I am experimenting with
> https://github.com/openssl/openssl/archive/refs/heads/master.zip
>
On Mon, 14 Mar 2022 at 11:03, Tomas Mraz wrote:
> On Mon, 2022-03-14 at 08:58 -0300, Richard Dymond wrote:
> > By the way, the reason I need to get the 'r' and 's' values from the
> > DSA signature is that I am encoding them one after the other as 160-
> > bit unsigned inte
DSA_SIG
(i.e. without having to extract 'r' and 's' first and then use BN_bn2bin())?
Richard
[1] https://datatracker.ietf.org/doc/html/rfc4253#section-6.6
place in the blob
Which seems very cumbersome, and requires intimate knowledge of the layout
of the signature blob.
Is there a better way to get the 'r' and 's' values from a DSA signature in
OpenSSL 3.0 without using deprecated functions?
Thanks.
Richard
'no-module' will do what you want. I noticed, though, that the
documentation in INSTALL.md isn't entirely clear on what that does.
./config --prefix=$HOME/local/openssl-3.0.1 no-shared no-module
Cheers,
Richard
On Tue, 22 Feb 2022 07:37:03 +0100,
Shunichi Shinohara wrote:
>
> H
ne, and this seems to be it.
Richard
and it produced exactly the same output each time, so
presumably the reason has nothing to do with the config file being unique
to the machine.
Does it have something to do with the FIPS standard itself?
Richard
Y)
Cheers,
Richard
On Mon, 23 Aug 2021 21:42:00 +0200,
Ken Goldman wrote:
>
> I get warnings on all my ASN1_SEQUENCE_END, a missing prototype for the _it
> functions.
> The code is working, but I'd like a clean compile.
>
> 3.0.0 only, 1.0.2 and 1.1.1 are OK.
>
>
led by default because it doesn't add
any security."
I'm sure this can be debated, but that's at least an explanation.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
hadn't discovered the 'cert:' "scheme". That answers quite a lot :-)
Time for me to throw away my skeleton then ;-)
Cheers,
Richard
On Thu, 01 Jul 2021 19:49:00 +0200,
Reinier Torenbeek wrote:
>
> Hi,
>
> For anyone interested in leveraging Windows CNG with OpenSSL 1.1.1, yo
have access to
> nmake.exe.
>
> !IF "$(DESTDIR)" != ""
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
this, as we can probably assume that it's a corporate
filter that automagically adds those.
And oh boy! openssl-users having almost 3000 subscribers, that's
quite a lot of people to chase down and ensure they have destroyed all
copies, I tell ya! "Good luck" is probably an appropriate response
On Tue, 22 Jun 2021 21:58:30 +0200,
Michael Richardson wrote:
>
> Richard Levitte wrote:
> >> But, having both "libssl-dev" and "libssl3-dev" installed at the same
> >> time is going to be a problem.
>
> > Not really.
" and "libcrypto3". Yeah, maybe that's uncool,
> but it may be pragmatic.
It's not at all pragmatic, let alone not at all cool, seeing that
libssl3 isn't ours. I hope you understand this at this point.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
lse
/***lower version code */
#include
#endif
If that's not the case, you may have found a bug. A short example
program that demonstrates this flaw would be nice in that case.
Cheers,
Richard
On Thu, 06 May 2021 12:38:30 +0200,
Shivakumar Poojari wrote:
>
>
I juste add this:
(stdin)= a9ea3acfbc9406a774245ac029d8d9f2
root@PKI:/# /usr/bin/openssl req -in /ca/network-ca/csr/network-ca.csr -noout
-modulus | openssl md5
(stdin)= a9ea3acfbc9406a774245ac029d8d9f2
-Message d'origine-
De : openssl-users De la part de Richard
Simard
Envoyé : 16
When I try to sign a certificate, I get this message and yet the certificate
and the key match
Someone can help me?
Tank You!
Richard Simard
root@PKI:/# /usr/bin/openssl ca -selfsign -config /etc/root-ca.conf -in
/ca/network-ca/csr/network-ca.csr -out /ca/network-ca/crt/network-ca.crt
t;EVP_PKEY_decrypt".
I believe that one of these functions would help you:
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx,
EVP_PKEY *pkey, const char *propquery);
Cheers,
Richard
--
Richar
Cheers
Richard
The Doctor skrev: (14 februari 2021 13:33:51 CET)
>Anyome running tests running into an infinite loop
>on 04-test_encoder_decoder_legacy.t ?
--
Richard by mobile
This was a good find, thank you all.
It's clearly a bug. Fix on GitHub, in PR #14030
(https://github.com/openssl/openssl/pull/14030)
Cheers,
Richard
On Thu, 28 Jan 2021 21:04:17 +0100,
Russ Housley wrote:
>
> [1 ]
> [2 ]
> RFC 4055 says:
>
>The object identifie
That should be fixed, I merged a fixup commit yesterday.
Cheers,
Richard
On Mon, 25 Jan 2021 15:56:28 +0100,
The Doctor wrote:
>
> Anyone using BSD running into basename issues?
>
> --
> Member - Liberal International This is doctor@@nl2k.ab.ca Ici
> doctor@@nl2k.ab.
n't see that any of us will protest if someone chooses to
chip in and add such support, at least in our providers [*]
-
[*] in other words, PR welcome... I believe that the RSA-PSS work
can be a good enough template that RSA-OAEP key support doesn't
have to be too hard to do.
Cheers,
I would like to know if among you, if anyone would have a good example in order
to integrate a Certificates Transparency list into my certificates.
Tank You!
Richard Simard
isbehaving machinery.
Apart from hightened emotions (I understand them, believe you me), are
there tangible reasons for applying the kind of arbitrary
sledge-hammer that you propose?
I would rather not, unless I really must.
Cheers,
Richard
On Mon, 31 Aug 2020 16:28:53 +0200,
Marc Roos wrote:
&
It would be helpful if you showed us the Configure options, as they
may very well have affected diverse macros.
Cheers,
Richard
On Thu, 23 Jul 2020 21:39:45 +0200,
prudvi raj wrote:
> Hi,
>
> We are upgrading our code base to openssl 1.1.1g from 1.0.2k.
> During Compilation
he
normal object files that are used to build up libraries and
applications, and are produced in OpenSSL before 1.1.0 as well.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
I have it uploaded to pgp.mit.edu. It should replicate from there, I
at least also found it on keys.gnupg.net.
Cheers,
Richard
On Thu, 16 Jul 2020 16:03:37 +0200,
Bruce Cloutier wrote:
>
> Where can I get the PGP key for the signature for this message? Seems
> not to have been
Fixed!
On Sat, 04 Jul 2020 23:35:28 +0200,
Richard Levitte wrote:
>
> Hmmm... I can see issues over IPv4 from my laptop, but it works
> flawlessly over iPv6, as well as from the VMS machines I've access to
> (over IPv4). Not sure what's going on there.
>
> The Doctor, woul
Hmmm... I can see issues over IPv4 from my laptop, but it works
flawlessly over iPv6, as well as from the VMS machines I've access to
(over IPv4). Not sure what's going on there.
The Doctor, would you mind telling us what's going on on your end?
Cheers,
Richard
On Sat, 04 Jul 2020 23:06:54
nfiguration.
We do produce alongside static libraries alongside the DLLs since
1.1.1: libcrypto_static.lib.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
I have very little knowledge of Rust... however, there seems to exist
an openssl crate available already: https://docs.rs/openssl/0.10.29/openssl/
Does that help?
Cheers,
Richard
On Tue, 23 Jun 2020 23:38:38 +0200,
Ken Goldman wrote:
>
> Environment is Windows, Visual Studi
On Thu, 18 Jun 2020 09:25:43 +0200,
Hal Murray wrote:
>
> In the context of making things go fast/clean, do I need a reset? If so, why?
No. I sent another message where I pointed out that I made a mistake
when saying so.
--
Richard Levitte levi...@openssl.org
OpenSSL P
hat engine doesn't implement it. In other words,
you do have this situation in 1.1.1 as well, just less obviously.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Thu, 18 Jun 2020 08:27:13 +0200,
Richard Levitte wrote:
>
> I think 16k was enough to demonstrate that the timing difference
> becomes more marginal the larger the amount of data to encrypt in the
> same session is.
>
> This makes me think that we might want to rethink t
, i.e. pass the key anew, etc etc
etc.
Cheers,
Richard
On Thu, 18 Jun 2020 06:50:45 +0200,
Hal Murray wrote:
>
> > How does it look for large input? As in many kilobytes or megabytes?
>
> 16K is all I was willing to wait for. Timing for really long blocks turns
>
your code to see what's going on.
Regarding preloaded cipher and key, that tells me that the actual
computation of a MAC is quick enough, that most of the slowdown is
parameter overhead. That was expected.
Cheers,
Richard
On Sun, 14 Jun 2020 17:30:50 +0200,
Hal Murray wrote:
>
> In g
e set of functions EVP_DigestSign*.
Attached is the diff of your program, rewritten to use that.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
===File /tmp/pkey.c.diff
--- /home/levitte/tmp/pk
ent in EVP_MAC_xxx?
>
> ---
>
> I found the params stuff, but that's new in 3.0.0
> How do I do it in 1.1.1 or earlier?
In 1.1.1 and earlier, there is a different idea, using EVP_PKEY
routines to "sign" with a MAC. We have a EVP_PKEY to EVP_MAC bridge
in 3.0.0 to bridge the
p with a BIO
method that supports whatever file API that UWP supports.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
example:
perl Configure VC-WIN64I no-asm
Also, just in case you made a mistake and are running on a regular
x86_64 CPU (Intel or AMD, doesn't matter), you should use the config
target 'VC-WIN64A' instead of 'VC-WIN64I'.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
any
> OpenSSL 3.0 sanctionned, EVP_PKEY-based way to crypt using a private
> key and decrypt using a public key?
Yes, see above. Those functions have been around for a while, I think
you can start playing with them in any current OpenSSL version.
Cheers,
Richard
--
Richard Levitte
amounts to only one, even though it then contains a series of
certificates, so that's not really part of the discussion here)
Cheers,
Richard
On Fri, 22 May 2020 09:41:53 +0200,
Kyle Hamilton wrote:
>
> There is a format that puts all DER certificates into a single DER-formatted
>
recently added an X509_LOOKUP variant that uses OSSL_STORE
for its object retrieval, see the section 'OSSL_STORE Method' in
doc/man3/X509_LOOKUP_hash_dir.pod in recent OpenSSL source, such as
the alpha releases)
Cheers,
Richard
On Fri, 22 May 2020 00:53:39 +0200,
paul h. roubekas wrote:
> I am a compl
becomes
part of libcrypto, in an inaccessible state (in other words, you still
have to "load" it).
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
remember if it was
discussed in particular... it might simply be an omission.
All that being said, DH_bits() was undeprecated yesterday. See
https://github.com/openssl/openssl/pull/11669
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
e major one is that provider modules are
intended to be fairly OpenSSL version agnostic, by design. Engines
are unfortunately not version agnostic at all, acutely so since
OpenSSL 1.1.0. So while provider modules do not need to be updated
for every OpenSSL version, engines do.
Cheers,
Richard
>
>
Would you mind testing if https://github.com/openssl/openssl/pull/11655
fixes this?
Cheers,
Richard
On Mon, 27 Apr 2020 18:29:12 +0200,
Blumenthal, Uri - 0553 - MITLL wrote:
>
> I hit this problem recompiling libp11 with the current OpenSSL-3.0 master.
> It's on MacOS Catalin
.h before ssl.h. Is this intentional or a bug?
>
> It's easy enough for me to fix this in my source code, but other
> packages that rely upon openssl break with "ssl.h is unusable" errors
> due of this change (OpenLDAP is one such example).
>
> Norm Green
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
terns there
with the attribute 'export-ignore'. Those are files that don't make
it into the tarball.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
Hi,
could you share commands that led to this error?
It looks to me referenced non existent section in config file like as param
"-extensions" option.
Regards,
Libor
On 2020-04-06 19:43, Richard Simard wrote:
Hi!
Anybody can help me whit this error?
Error Loading
Hi!
Anybody can help me whit this error?
Error Loading extension section server_cert
140091048477824:error:0E06D06C:configuration file routines:NCONF_get_string:no
value:../crypto/conf/conf_lib.c:273:group=CA_default name=email_in_dn
140091048477824:error:0E06D06C:configuration file
. Unfortunately...
Cheers,
Richard
On Fri, 20 Mar 2020 22:12:08 +0100,
Salz, Rich via openssl-users wrote:
>
>
> The doc/man5/config.pod file says to use
>
> 1.OU = “My first OU”
>
> 2.OU = “My second OU”
>
> But doc/man5/x509v
this in my checkout of OpenSSL's master branch:
./Configure linux-generic64 no-asm no-threads \
--cross-compile-prefix=riscv64-linux-gnu-
Running 'make' was a breeze, it went through flawlessly.
I haven't done much further tests, though.
Cheers,
Richard
On Mon, 09 Mar 2020 20:23
o tries this will have to be
prepared for it to take a while to get into the main source.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
://www.groupesti.com/img/logo-28x28.png]Groupe Solutions TI
[cid:image002.jpg@01D5F141.F213CD90]
Richard Simard
B. Sc. I, ING. I, M.S.I. ASER
Président
Agent Provincial FQCQ
Matricule : 83787
Radioamateur : VA2SI Formateur et Examinateur
Groupe Solutions TI
3-4109, Saint-Alexandre
Saguenay, Québec
G8A 2H1, Canada
, but
it would be just that, a simulation, and I'm quite sceptical that it
would gain you much more than the mere comfort of having an interface
that you're used to deal with.
Cheers,
Richard
On Sun, 02 Feb 2020 15:27:52 +0100,
Eran Borovik wrote:
> I am in the process of integrating OpenSSL with
Fixed.
Side note: openssl-...@openssl.org does not exist any more.
Cheers,
Richard
On Sat, 21 Dec 2019 07:32:30 +0100,
The Doctor wrote:
>
> What is happening.
>
> For 2 days in a row, the snapshots are not available.
>
> What gives?
> --
> Member - Liberal Inte
engine that supports message digest and
> asymmetric crypto (sign
> and decrypt), I am trying to port the existing simple/demo engines from the
> Engine Corner examples
> (thanks, Richard!).
>
> The fork of https://github.com/engine-corner/Lesson-2-A-digest.git that
> compiles
[cipher_overhead_test]=../libcrypto.a ../libssl.a libtestutil.a
ENDIF
SOURCE[uitest]=uitest.c ../apps/lib/apps_ui.c
Cheers,
Richard ( I'll check if there are others with the same problem )
On Fri, 22 Nov 2019 17:20:53 +0100,
Claus Assmann wrote:
>
> Just FYI: trying to build openssl
For C compilers that can't generate makefile dependency files, we have
makedepend as a fallback.
Cheers
Richard
shiva kumar skrev: (24 oktober 2019 20:41:28 CEST)
>what is the use of makedepend in openssl 1.1.1?
>openssl 1.1.1 can build without makepend then what's the use of
>m
On our RHEL7 system I created a local CA. When i try to sign the linux
created csr there is no problem. But trying to sign from Palo Alto or F5
csr's it errors with
The stateOrProvinceName field needed to be the same
> in the CA certificate CA certificate (My Entry) and the request (My Entry)
the
right move. However, if your applications do deal with threads,
directly or indirectly, disabling threads in libcrypto is of course a
bad move.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
2b supported in openssl-dgst (latest OpenSSL release)?
No, sorry. It has been added for upcoming OpenSSL 3.0, though.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Tue, 08 Oct 2019 14:59:23 +0200,
Richard Levitte wrote:
>
> On Mon, 07 Oct 2019 21:55:50 +0200,
> Dan Heinz wrote:
> >
> > >The no-dso is silently not valid in 1.1.1c. That option didn't work
> > >right, so it was unusable in practice anyway. However, som
>The specific patch may be possible to find on github (unless that branch has
> >been deleted), otherwise you will have to cherry-pick the appropriate commit.
>
> >Github PR: https://github.com/openssl/openssl/pull/9889
> >Commit ID: 8dcd57461972dceaaf014b71d173d0a8758e7054
&
), otherwise you will have to cherry-pick the
appropriate commit.
Github PR: https://github.com/openssl/openssl/pull/9889
Commit ID: 8dcd57461972dceaaf014b71d173d0a8758e7054
Cheers,
Richard
On Mon, 07 Oct 2019 17:19:26 +0200,
Dan Heinz wrote:
>
>
> Please bear with me as I am a Windows
(i.e. actually check if there's any pending
input or output).
Simply put, the zlib BIO filter doesn't behave correctly in this
regard. Corrective PR here: https://github.com/openssl/openssl/pull/9876
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
Thanks for the heads up.
For some reason, the information at our CDN remained incorrect for the
"BAD" files, so I purged all the current release files there, so their
cache for them would rebuild from scratch. They look better now.
Cheers,
Richard
On Thu, 12 Sep 2019 00:25:40 +
Issue found... Apache detected .gz in the file name and set the
encoding to 'application/x-gzip'... Apparently, we already force .asc
and .sha1 files to application/binary, but have apparently not added a
similar directive for .sha256 files.
Now done.
Cheers,
Richard
On Wed, 11 Sep 2019 22:04
like the best immediate hack to me.
"hack" would be the operative word here. While it's true that this
would fulfill the objective, I frankly wouldn't like to see such a
cert.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
This bug was found a couple of days after 1.1.1b was released. The fix us found
in commit dbb1340314fcec37662d79720e6566fdd5a232e8
The best thing you can do is to update your source to 1.1.1c, which has this
fix and more.
Cheers
Richard
Michael Wojcik skrev: (2 augusti 2019 16:00:59
CEST
to fetch stuff that the ENGINE
API doesn't have specific support for (certs and list of certs and
whatever other stuff I forget). I'm replacing with support for the
OSSL_STORE API, so those things can be fetched in a better supported
manner.
Cheers,
Richard ( https://github.com/openssl/openssl/pull
I did some server maintenance this morning, and that may have interrupted
today's snapshot production.
I don't intend to fix it. A new snapshot should appear tomorrow.
Cheers
Richard
The Doctor skrev: (26 juli 2019 12:23:15 CEST)
>What happened? I do not see any.
--
Richard by mobile
ion_conf. All library configuration lines appear in the
default section at the start of the configuration file.
"the default section" is key.
So the "openssl_conf = openssl_init" line must be early in the config
file. The order of the different named sections doesn
RSA_set0_key() is the function you should use.
For more information, do 'man RSA_set0_key', or have a look here:
https://www.openssl.org/docs/man1.1.0/man3/RSA_set0_key.html
Cheers,
Richard
On Wed, 10 Jul 2019 11:51:01 +0200,
Swamy J-S wrote:
>
>
> Recently i upgraded openssl f
the static library instead of the shared
one, unconditionally.
Cheers
Richard
"J. J. Farrell" skrev: (19 juni 2019 20:11:53 CEST)
>Have you tried it? It's the simplest way to find out what would happen,
>
>though it's a very strange thing to do. It's almost certainly not the
&g
I'd suggest reading the files called 'README' and 'INSTALL' as a start.
Cheers
Richard
"Lewis, Michael L" skrev: (11 juni 2019 18:55:48
CEST)
>Hi,
>
>I'm trying to build OpenSSL for windows (openssl-1.1.1c), I do the
>following steps:
>
>
>1. cd into open
The correct line would be:
INCLUDE[../../libcrypto]=../include
(or well, if there's a '../include' somewhere in a SOURCE directive,
it should be removed)
Cheers,
Richard
On Tue, 04 Jun 2019 22:12:09 +0200,
Salz, Rich via openssl-users wrote:
>
>
> I am importing some code int
e that we don't use any more
Remove Itanium assembler for RC4 and MD5 (assembler versions of old and
weak algorithms for an old chip)
Standardize apps/rehash copyright comment; approved by Timo
Put dual-copyright notice on mkcert
Reviewed-by: Richard Levitte
(Merged from
In what way does it link to both? What output do you get when running
'ldd' in your application? Is it using some kind of dynamic module
that happens to be linked with an older OpenSSL version?
Cheers,
Richard
On Tue, 28 May 2019 06:59:27 +0200,
Chethan Kumar wrote:
>
>
> Dear all,
to generate one (a
single top Makefile).
Please read INSTALL for more information.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
The diverse things that 'make update' generates is supposed to be the
same across platforms, so the intention is that they get generated on
one platform (Linux / Unix) and that these changes get distributed to
all others.
Cheers,
Richard
On Fri, 24 May 2019 14:38:14 +0200,
Lynch, Andrew wrote
Well, those -I options are directly generated from 'INCLUDE'
statements in build.info files.
Would you mind giving me the output from this command?
perl configdata.pm --dump
Cheers,
Richard
On Fri, 24 May 2019 04:45:11 +0200,
dengwenbin_0301 wrote:
>
>
> I tried on opens
How static do you want it to be? There is the configuration option
'-static' that makes the binary as independent as possible, i.e. even
links it with static libc.
Cheers,
Richard
On Thu, 23 May 2019 08:26:43 +0200,
Raveendra Padasalagi via openssl-users wrote:
>
>
> Hi,
>
>
es when one wants to mix/add extra randomness
>from, e.g., an external source (that, for whatever reasons, is trusted
>more than what's provided by the system).
>
>Then just set it to 1.0 and be done with it.
That hardly helps on systems that don't have floating point at all.
Cheers
R
quot;\"/usr/local/lib/engines-3\""
-DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DNDEBUG -MMD -MF
apps/libapps-lib-app_rand.d.tmp -MT apps/libapps-lib-app_rand.o -c
-o apps/libapps-lib-app_rand.o ../apps/app_rand.c
So the question is what hap
The issue isn't with any defined or not so defined macro, but most
probably rather with how you're loading the library in the 3rd party
code base. Could it be that you're linking with libssl only?
Cheers,
Richard
On Fri, 10 May 2019 22:29:36 +0200,
Sunghyun Park wrote:
>
> Hi, all.
And now, to openssl-users. Oops...
Originalmeddelande
Från: Richard Levitte
Skickat: 16 maj 2019 08:34:06 GMT-07:00
Till: John Unsworth
Ämne: RE: OpenSSL 1.1.1b tests fail on Solaris - solution and possible fix
The actual problem is the call of DEFINE macros in safestack.h
Well, you do need to actually build it, i.e. run "make"
What I want to do is exactly what you did that got you that error.
What command did you run after configuring?
Cheers,
Richard
On Mon, 13 May 2019 07:19:31 -0700,
Samiya Khanum wrote:
>
>
> Hi Richard,
>
>
What else did you do other than configuring?
Cheers
Richard
Samiya Khanum via openssl-users skrev: (13 maj 2019
05:19:18 GMT-07:00)
>Hi,
>
>Earlier our application used openSSL version 1.0.2n. We want to upgrade
>to
>1.1.1b.
>When I compile openssl, I see "openssl
..
Cheers,
Richard
On Thu, 25 Apr 2019 10:06:53 +0200,
Swamy J-S wrote:
>
>
> Am working in Ubuntu 18.04 with openssl 1.1.0g version. I built a custom
> openssl engine and now i
> want to use this engine instead of default openssl engine.
>
> My engine library name is
e Borland comes with some
kind of make utility... or do Borland users use something else?
What's its default Makefile name?
Cheers,
Richard ( slowly working out something that is more flexible )
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Wed, 10 Apr 2019 at 17:25, Benjamin Kaduk via openssl-users <
openssl-users@openssl.org> wrote:
> On Wed, Apr 10, 2019 at 12:13:27PM -0400, Dennis Clarke wrote:
>
> > Very odd. I thought that there were more at one point.
>
> The ones with truncated (8-byte) authentication tag are not intended
Hi All,
I haven't found a way to list the supported openssl ciphers from the
command line (i.e. get the list of potential values for -ciphersuites). I
understand that currently there are only 5 options however this could
change over time, so I wanted to avoid hard coding the list in a script. Am
On Tue, 19 Mar 2019 at 07:56, Swamy J-S wrote:
> Right now my code uses curl library with libcurl4 and gnuTLS as SSL
> backend. Am using many curl options such as CURLOPT_SSL_VERIFYPEER ,
>
If you use gnuTLS as your SSL backend then this is nothing to do with
openssl at all.
Kind Regards
Rich
Tentative fix: https://github.com/openssl/openssl/pull/8548
On Thu, 21 Mar 2019 07:22:39 +0100,
Richard Levitte wrote:
>
> Said and done: https://github.com/openssl/openssl/issues/8547
>
> I would appreciate it if you followed what's happening there and
> helped out g
Said and done: https://github.com/openssl/openssl/issues/8547
I would appreciate it if you followed what's happening there and
helped out getting it right...
Cheers,
Richard
On Thu, 21 Mar 2019 07:09:37 +0100,
Richard Levitte wrote:
>
> "collect2" indicates that this isn't Sol
1 - 100 of 1377 matches
Mail list logo