Re: [openssl-users] enable TLS_RSA_WITH_RC4_128_MD5 in openssl 1.1.0e?

2017-06-02 Thread Matt Caswell
On 01/06/17 18:16, Siyuan Xiang wrote: > Hi Matt, > > I tried the following command, it failed. following is my command. > > ./config enable-weak-ssl-ciphers --prefix=/opt > make > make DESTDIR=/path/to/dir INSTALL > > $ ./openssl version > OpenSSL 1.1.0e 16 Feb 2017 > > ./openssl

[openssl-users] ECDSA and ECDH

2017-06-02 Thread Manoj Ramachandran
Hi, We are planning to designing an embedded device integrating ATECC508A module for PKI support. The embedded device is planned to communicate with a host device which will be ported with FIPS compliant OpenSSL library. Our embedded device will be using ECDSA (FIPS 186-3) and ECDH (FIPS

Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Wouter Verhelst
On 02-06-17 03:18, Viktor Dukhovni wrote: > >> On Jun 1, 2017, at 10:54 AM, Wouter Verhelst >> wrote: >> >> It might be useful to make that point at the start of the CHANGES file, >> then. Currently, it just says "Changes between X.Y.Zx and X.Y.Zy >> [date]". While

Re: [openssl-users] ECDSA and ECDH

2017-06-02 Thread Salz, Rich via openssl-users
> with a host device which will be ported with FIPS compliant OpenSSL library.   > Our embedded device will be using ECDSA (FIPS 186-3)  and ECDH (FIPS > SP800-56A) by calling APIs of ATECC508A SDK.  Is there any compatibility > issue?   There shouldn't be. But interop is a hard thing, and a

Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Dennis Clarke
you are the first person to raise this issue that I can recall in over 20 years. I'll just go back to my server cave then. dc -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] -fPIC option missing for crypto/bn/x86_64-gcc.c and some other files in 1.0.2l that exists in 1.0.1m & 1.1.0c

2017-06-02 Thread Bill Smith
Hi, I'm building OpenSSL 1.0.2l on Centos Linux 5.4. When linking the libcrypto.a library against my application, I'm getting the error: /usr/bin/ld: /vobs_prgs/src/openssl/linuxx86_64/lib/libcrypto.a(x86_64-gcc.o): relocation R_X86_64_32 against 'a local symbol' can not be used when making a

Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Dennis Clarke
Sure, would "Major changes" be sufficient? This is essentially a RELEASE_NOTES file, not a comprehensive change log, which is subsumed by git. Exactly. Lots of us have been trained by much experience that a file named CHANGES contains *all* of the changes, while a file named RELEASE_NOTES

Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Salz, Rich via openssl-users
> Appending a note that, for a full change log, [DO THIS], would probably be > well received. https://github.com/openssl/openssl/pull/3606 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Salz, Rich via openssl-users
Dennis, Feel free to not read any documentation you find superfluous :) Too much information is not something people often say about OpenSSL. We believe many people find the current file useful. To wit, you are the first person to raise this issue that I can recall in over 20 years. --

Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Mark H. Wood
On Thu, Jun 01, 2017 at 09:18:26PM -0400, Viktor Dukhovni wrote: > > > On Jun 1, 2017, at 10:54 AM, Wouter Verhelst > > wrote: > > > > It might be useful to make that point at the start of the CHANGES file, > > then. Currently, it just says "Changes between X.Y.Zx

Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Dennis Clarke
On 06/02/2017 10:36 AM, Salz, Rich via openssl-users wrote: Dennis, Feel free to not read any documentation you find superfluous :) I'll simply leave this here as an example of truely fine CHANGES docs : https://lists.freedesktop.org/archives/xorg/2017-June/058761.html Dennis Clarke ps:

Re: [openssl-users] -fPIC option missing for crypto/bn/x86_64-gcc.c and some other files in 1.0.2l that exists in 1.0.1m & 1.1.0c

2017-06-02 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Bill Smith > Sent: Friday, June 02, 2017 08:11 > > Looking at the openssl build output, sure enough, it's missing -fPIC. This is one of the reasons why we use our own Configure script for OpenSSL. When we update to

Re: [openssl-users] OpenSSL version 1.0.2l published

2017-06-02 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Dennis Clarke > Sent: Friday, June 02, 2017 10:28 > > Simply remove the CHANGES file from the source release. > > Since it clearly is not a "CHANGES" list nor is it useful. It may not be useful to you.

[openssl-users] Source code to build "OpenSSL 1.0.1e-fips 11 Feb 2013"?

2017-06-02 Thread Joe Flowers
Hello Everyone, Will someone tell me where the source code is to build this version of openssl, please? "OpenSSL 1.0.1e-fips 11 Feb 2013" Thanks! Joe - -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Source code to build "OpenSSL 1.0.1e-fips 11 Feb 2013"?

2017-06-02 Thread Porter, Andrew
If that version string was printed by a Linux system-provided "openssl" command you'd be best off downloading the system-specific source packages. To make your best guess at building it manually yourself from original source: (a) your old OpenSSL source here: