mments
in for exact numeric details.
SSLeay_version(SSLEAY_VERSION)
Returns the text representation of the version, including
patch level.
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
http://ri
t
)
Of course, you could try to talk with your cert vendor and see if they
could support a subjectAltName of that type. I do have some doubts,
as I'd guess it comes with a price, but it may be worth trying.
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
ncomplete type
openSSL> > s_socket.c:526: `AF_INET' undeclared (first use in this function)
openSSL> > s_socket.c:531: dereferencing pointer to incomplete type
openSSL> > s_socket.c:532: dereferencing pointer to incomplete type
openSSL> > s_socket.c:533: dereferencin
-- my application will have the code to
build
redfloyd> the ENGINE and register it.
redfloyd>
redfloyd>
redfloyd>
redfloyd> Are there any good pointers on building an ENGINE?
There's an example in demos/engines/rsaref/... does that help?
--
Richard Lev
p(stderr);
Cheers,
Richard
-
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.
--
Richard Levitte [EMAIL PROTECTED]
http://richard.levitte.org/
"When I became a m
EVP_aes_256_cfb128
const EVP_CIPHER *EVP_aes_256_ofb(void);
const EVP_CIPHER *EVP_aes_256_ctr(void);
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
http://richard.levitte.org/
"Life is a tremendous celebration - and I
I've seen the same thing. Fixing it. Unfortunately, it will mean
that you will have to pick up a snapshot a little later or wait until
the next release.
Cheers,
Richard
In message <4971adfe.9030...@tibco.com> on Sat, 17 Jan 2009 05:07:58 -0500, Sue
Abercrombie said:
aberz> I am trying to bui
e database say Revokde, the EXPDATE is the revoked time
?
elkpichico> and when is Expired ?
elkpichico>
elkpichico> Thanks a lot if somebody can ask me some of the questions.
elkpichico> I really appreciate.
elkpichico>
elkpichico> Regards,
elkpichico> Andres.
--
]fips_set_key.c
aberz> [.fips.aes]fips_aes_core.c
aberz>
aberz> I have not tried to identify missing header files. Difficult in any
case, and impossible without all of the .c files.
aberz>
aberz> Questions, comments, recommendations? Any and all are welcome.
aberz>
aberz> Chee
out the request algorithm specifically), while with
-evp, the EVP routines that you identified above will be called
instead.
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
http://richard.levitte.org/
"Life is a tre
've no VAX/VMS account (only
a Alpha/VMS one), so I can't verify or fix. Is there any way you can
help us?
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
http://richard.levitte.org/
"Life is a tremendous celebratio
gt; From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Bérczi Gábor
Whalenr> Sent: Wednesday, May 13, 2009 7:02 AM
Whalenr> To: openssl-users@openssl.org
Whalenr> Subject: Re: compiling 1.0.0-beta2 on OpenVMS
Whalenr>
Whalenr> I can certainl
assumption is correct, OpenSSL expects the same semantics as
malloc(), realloc() and free(), so you free() replacement must be able
to handle a NULL argument.
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
http://richard.levitte.o
In message <4fbf35d0.3020...@wisemo.com> on Fri, 25 May 2012 09:33:36 +0200,
Jakob Bohm said:
jb-openssl> On 5/25/2012 12:30 AM, Richard Levitte wrote:
jb-openssl> > In
jb-openssl> >
message
jb-openssl> > on Thu, 24 May 2012 17:46:49 +0530, Sudarshan
jb-openssl&g
er> malloc_debug_func(ret, num, file, line, 1);
noloader>
noloader> return ret;
noloader> }
It's correct that CRYPTO_malloc(), CRYPTO_realloc() and CRYPTO_free()
don't verify the parameters, they are just wrappers around the real
memory routines (mall
For C compilers that can't generate makefile dependency files, we have
makedepend as a fallback.
Cheers
Richard
shiva kumar skrev: (24 oktober 2019 20:41:28 CEST)
>what is the use of makedepend in openssl 1.1.1?
>openssl 1.1.1 can build without makepend then what's the use of
>makedepend?
>is
overhead_test.o:(cipher_overhead)
> cc: error: linker command failed with exit code 1 (use -v to see invocation)
> *** Error 1 in . (Makefile:8181 'test/cipher_overhead_test')
> *** Error 1 in [[path removed]]/openssl-1.1.1d (Makefile:174 'all')
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
gt; MD5(stdin)= 61a08703a6a4c774cad650afaedd9c10
>
> $ echo "shoot" | openssl3 dgst -md5 -engine emd5
>
> engine "emd5" set.
>
> Error setting digest
>
> C0:05:98:0C:01:00:00:00:error:digital envelope
> routines:EVP_DigestInit_ex:initialization
rnational This is doctor@@nl2k.ab.ca Ici
> doctor@@nl2k.ab.ca
> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist
> rising!
> https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
> Merry Christmas 2019 and Happy New Year
ing with BIOs directly?
>
> Many thanks,
> Eran
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ffort... PRs would
certainly be welcome, but anyone who tries this will have to be
prepared for it to take a while to get into the main source.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
pting to cross-compile for RV64 from an x86 machine.
>
> On Mon, Mar 9, 2020 at 3:12 PM Scott Neugroschl wrote:
>
>
>
> Is the “no-asm” configuration option still supported?
>
>
>
> From: openssl-users On Behalf Of
> Kristin B
/x509v3_config.pod says to append the numeric, as in
>
> email.1 = steve@here
>
> email.2 = steve@there
>
> I believe the second form is correct. Can anyone confirm?
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
tterns there
with the attribute 'export-ignore'. Those are files that don't make
it into the tarball.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ement to include
> err.h before ssl.h. Is this intentional or a bug?
>
> It's easy enough for me to fix this in my source code, but other
> packages that rely upon openssl break with "ssl.h is unusable" errors
> due of this change (OpenLDAP is one such example).
>
> Norm Green
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
s/ur20980/openssl-3/include/openssl/safestack.h:175:40: note: expanded
> from macro 'DEFINE_OR_DECLARE_STACK_OF'
> # define DEFINE_OR_DECLARE_STACK_OF(s) DEFINE_STACK_OF(s)
>^
> /Users/ur20980/openssl-3/include/openssl/safestack.h:135:29: note: expanded
> from macro 'DEFINE_STACK_OF'
> # define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t)
> ^
> /Users/ur20980/openssl-3/include/openssl/safestack.h:84:21: note: expanded
> from macro 'SKM_DEFINE_STACK_OF'
> return (t2 *)OPENSSL_sk_pop((OPENSSL_STACK *)sk); \
> ^
> fatal error: too many errors emitted, stopping now [-ferror-limit=]
>
> --
> Regards,
> Uri
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
> This means that the algorithm you are trying to use isn't available in
> >> > the loaded providers. Since you should be getting the default provider
> >> > loaded automatically it could be because some legacy algorithms were
> >> > moved to the legacy provider (MD2, MD4, MDC2, RMD160, CAST5, BF
> >> > (Blowfish), IDEA, SEED, RC2, RC4, RC5 and DES (but not 3DES)). If you're
> >> > using something from that list then that would explain it.
> >>
> >> Can we add the legacy provider, via configuration, or via code?
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ated. I can't remember if it was
discussed in particular... it might simply be an omission.
All that being said, DH_bits() was undeprecated yesterday. See
https://github.com/openssl/openssl/pull/11669
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
omes
part of libcrypto, in an inaccessible state (in other words, you still
have to "load" it).
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
er -in ww_temp.pem -out ww_temp.der
>
> The Question) How do I get all the certs in the .der file?
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
IX-WG RFCs which define it and
> specify the same
> order as the TC1, but if you're curious you can chase them down by looking up
> IANA's list of media
> types and searching for "application/pkix-pkipath".
>
> -Kyle H
>
> On Fri, May 22, 2020, 00:55 Rich
is my question : is there any
> OpenSSL 3.0 sanctionned, EVP_PKEY-based way to crypt using a private
> key and decrypt using a public key?
Yes, see above. Those functions have been around for a while, I think
you can start playing with them in any current OpenSSL version.
Cheers,
Rich
's done
with the configuration option 'no-asm', so for example:
perl Configure VC-WIN64I no-asm
Also, just in case you made a mistake and are running on a regular
x86_64 CPU (Intel or AMD, doesn't matter), you should use the config
target 'VC-WIN64A' instead of 'VC-WIN64I'.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
have to come up with a BIO
method that supports whatever file API that UWP supports.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
uivalent in EVP_MAC_xxx?
>
> ---
>
> I found the params stuff, but that's new in 3.0.0
> How do I do it in 1.1.1 or earlier?
In 1.1.1 and earlier, there is a different idea, using EVP_PKEY
routines to "sign" with a MAC. We have a EVP_PKEY to EVP_MAC bridge
in 3.0.0 to
gned to work with the set of functions EVP_DigestSign*.
Attached is the diff of your program, rewritten to use that.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
===File /tmp/pkey.c.diff
---
> AES-128 16 48 16170 0.170 475ac1c053379e7dbd4ce80b87d2178e
> AES-192 24 48 16182 0.182 c906422bfe0963de6df50e022b4aa7d4
> AES-256 32 48 16196 0.196 991f4017858de97515260dd9ae440b06
>
>
>
> --
> These are my opinions. I hate spam.
>
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
MAC
> AES-128 16 16384 16 25462 25.462 581f7b133ad6f3697f33c3f836fdb6e6
> EVP_MAC with Preload cipher and key
> AES-128 16 16384 16 24567 24.567 581f7b133ad6f3697f33c3f836fdb6e6
>
>
>
> --
> These are my opinions. I hate spam.
>
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Thu, 18 Jun 2020 08:27:13 +0200,
Richard Levitte wrote:
>
> I think 16k was enough to demonstrate that the timing difference
> becomes more marginal the larger the amount of data to encrypt in the
> same session is.
>
> This makes me think that we might want to rethink t
ll fail if that engine doesn't implement it. In other words,
you do have this situation in 1.1.1 as well, just less obviously.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Thu, 18 Jun 2020 09:25:43 +0200,
Hal Murray wrote:
>
> In the context of making things go fast/clean, do I need a reset? If so, why?
No. I sent another message where I pointed out that I made a mistake
when saying so.
--
Richard Levitte levi...@openssl.org
OpenSSL P
e, the Shining Light openssl
> build and the openssl crate.
>
> Does anyone have experience getting this to link?
>
> Environment variables?
> cargo.toml
> anything else?
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
egardless of configuration.
We do produce alongside static libraries alongside the DLLs since
1.1.1: libcrypto_static.lib.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
> Have there been stablility issues lately?
> >
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
Fixed!
On Sat, 04 Jul 2020 23:35:28 +0200,
Richard Levitte wrote:
>
> Hmmm... I can see issues over IPv4 from my laptop, but it works
> flawlessly over iPv6, as well as from the VMS machines I've access to
> (over IPv4). Not sure what's going on there.
>
> The Do
s soon as possible.
> > To report a bug, open an issue on GitHub:
> >
> > https://github.com/openssl/openssl/issues
> >
> > Please check the release notes and mailing lists to avoid duplicate
> > reports of known issues. (Of course, the source is also avai
they are the
normal object files that are used to build up libraries and
applications, and are produced in OpenSSL before 1.1.0 as well.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
" has " #include".
>
> How to resolve this , Might I have missed something during configure &
> compilation ??
> fwiw: have given "./configure gcc" & same was given when we had
> upgraded to 1.0.2 from
> previous versions long ago.
>
> Thanks,
> Prud.
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
g
> 2019) and Australia (25 Dec 2019 to 9 Jan 2020):
>
> [1] https://tdtemcerts.wordpress.com/
>
> [2] https://tdtemcerts.blogspot.sg/
>
> [3] https://www.scribd.com/user/270125049/Teo-En-Ming
>
> -END EMAIL SIGNATURE-
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
iority item. That being
said, I can't see that any of us will protest if someone chooses to
chip in and add such support, at least in our providers [*]
-
[*] in other words, PR welcome... I believe that the RSA-PSS work
can be a good enough template that RSA-OAEP key support doesn
ca
> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist
> rising!
> Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b
>
> Born 29 Jan 1969 Redhill, Surrey, UK
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
>36:d=4 hl=2 l= 9 cons: SEQUENCE
>38:d=5 hl=2 l= 3 prim: OBJECT:countryName
>
> From https://tools.ietf.org/html/rfc5280#section-4.1.1.2, It isn't clear
> if NULL parameters
> can be completely omitted or if it should st
Hmmm, I have never seen that (apart from in one of my own development branches,
but that never reached the main source).
If you want anyone to look into it, it would be a good idea to show us what
your configuration is. The output from this command is recommended:
perl configdata.pm -d
Che
P_PKEY_decrypt".
I believe that one of these functions would help you:
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx,
EVP_PKEY *pkey, const char *propquery);
Cheers,
Richard
--
R
gt; Inc. and its Affiliates that is confidential and/or proprietary for the sole
> use of the intended
> recipient. Any review, disclosure, reliance or distribution by others or
> forwarding without
> express permission is strictly prohibited. If you are not the intended
> re
d
> consider calling it "libssl3" and "libcrypto3". Yeah, maybe that's uncool,
> but it may be pragmatic.
It's not at all pragmatic, let alone not at all cool, seeing that
libssl3 isn't ours. I hope you understand this at this point.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Tue, 22 Jun 2021 21:58:30 +0200,
Michael Richardson wrote:
>
> Richard Levitte wrote:
> >> But, having both "libssl-dev" and "libssl3-dev" installed at the same
> >> time is going to be a problem.
>
> > Not really. Pro
for this, as we can probably assume that it's a corporate
filter that automagically adds those.
And oh boy! openssl-users having almost 3000 subscribers, that's
quite a lot of people to chase down and ensure they have destroyed all
copies, I tell ya! "Good luck" is probably an
ve access to
> nmake.exe.
>
> !IF "$(DESTDIR)" != ""
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
1.1.1k
> on Windows 10, with Visual Studio 2017 and 2019. It is released under the
> Apache-2.0 license.
>
> Any feedback is welcome, please send it to me or open an issue on GitHub.
>
> Best regards,
> Reinier
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
fication is disabled by default because it doesn't add
any security."
I'm sure this can be debated, but that's at least an explanation.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
T_VALIDITY, notBefore, ASN1_TIME),
> ASN1_SIMPLE(TPM_PARTIAL_CERT_VALIDITY, notAfter, ASN1_TIME),
> } ASN1_SEQUENCE_END(TPM_PARTIAL_CERT_VALIDITY)<<<< line 97 is here
>
> certifyx509.c:97: warning: no previous prototype for
> 'TPM_PARTIAL_CERT_VALIDITY_it'
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
in
> launching Erlang,
> all work well.
>
> https://github.com/openssl/openssl/blob/b19fcc66d382357617744690dc3363947de2cb6f/doc/man3/OSSL_PROVIDER.pod
>
> So, copying legacy.so and adding an environment variable can be an option.
> Before going with the option, I wa
will not search for it throughout the
> global system? Or is there a general (all system) fix for this?
> Another problem is Python 3.10.6 requires a OpenSSL 1.1.1 or
> newer. Can I link my Python virtual machine to the openssl virtual
> machine? Your comments are appreciated.
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ds based on later versions of 1.1.1.
>
> Does this ring any bells with anyone? Again, apologies if this is answered
> elsewhere - I *did* spend some time in Google but couldn't find anything that
> seemed relevant.
>
> Thanks in advance for any advice.
>
> Cheers!
>
> -- David --
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
t; https://wiki.openssl.org/index.php/OpenSSL_3.0 ("unable to connect")
>
> The urls above do not seem to work. Is this a consequence with the
> recent release withdrawal?
>
> The main web page, www.openssl.org, seems to work as normal.
>
> -James M
>
--
objective? -unknown Beware
> https://mindspring.com
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
enssl-users wrote:
>> > Where are they?
>>
>> --
>> Tom Mr??z, OpenSSL
>>
>
> I use lynx
That's absolutely fine and makes no difference. The snapshots got in
place, but probably became visible after you looked.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
nts/ip_net2-6.9/ipcrypto/openssl-3_1_3/providers/common/der/der_ec_sig.c:41:
> error: 'ossl_der_oid_id_ecdsa_with_sha3_384' undeclared (first use in this
> function)
>
> C:/Dev/WindRiverDSMPDDR_V19_OSSL_313/components/ip_net2-6.9/ipcrypto/openssl-3_1_3/providers/common/der/der_ec_sig.c:42:
> error: 'ossl_der_oid_id_ecdsa_with_sha3_512' undeclared (first use in this
> function)
>
>
>
>
>
> Thanks & Regards,
>
> Damodhar.
>
> +91-7702191212
>
>
>
> General
>
--
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
You can give your implementation the property "provider=myname" and for
fetching, you can use the conditional property query string
"?provider=myname". That will ensure that, for whatever the app is
fetching, it will pick what your provider offers first, and fall back to
using stuff from any other
here, technically
speaking? I mean, except for backward compatibility (people will
suddenly HAVE to have a line saying "using namespace openssl;" or
something like that).
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
27;t reset the buffer to
empty), BIO_reset() is.
However, you need to be careful... if I were you, I would use the
read data before resetting, as BIO_get_mem_data() gives you the
pointer to the internal BIO_s_mem buffer, not to a duplicate of it.
Cheers,
Richard
--
Richard Levitte
---------
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
http://richard.levitte.org/
"Life is a tremendous celebration - and I'm invite
And of course, I noticed this email after sending my own... sorry.
In message
on Mon, 8 Sep 2014 18:41:40 +0200, Iñaki Baz Castillo said:
ibc> 2014-09-08 18:35 GMT+02:00 Kyle Hamilton :
ibc> > The allocated buffer needs to be sizeof(char *). What's happening is the
ibc> > address of the buffe
s code alive or not.
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
http://richard.levitte.org/
"Life is a tremendous celebration - and I'm invited!"
-- from a friend
he info.
rsalz>
rsalz> One possibility is to have a separate program use prngd and write it to
a RANDFILE that openssl uses. Probably servers are the most important users,
and you could/should have one file per server ...
I'd like to remind people of the possibility
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.0.2c, 1.0.1o.
These releases will be made available on Friday 12th June. They will
fix two specific issues: 1) an HMAC ABI incompatibility with p
Clarification on the forthcoming OpenSSL releases
=
To clarify, the mentioned HMAC ABI incompatibility occurred in
recently released versions 1.0.2b and 1.0.1n which are security fixes
but which may cause other problems due to the ABI issue. Therefo
Hi,
due to a mysql screwup, whatever was sent to openssl-b...@openssl.org
after 06:00 UTC today was lost (everything before that was safely
backed up). If you did send something, I would like to kindly ask you
to resend it.
Sorry for the inconvenience.
Cheers,
Richard
--
Richard Levitte
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.1.0 pre release 2 (alpha)
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
OpenSSL 1.1.0 is currently in alpha. OpenSSL 1.1.0 pre release 2 has now
Forwarding this here. However, I would prefer discussions to happen
on openssl-...@openssl.org, since this is about OpenSSL development.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
--- Begin Message ---
Hi,
some time
someone would package the already existing engine_pkcs11 with
OpenSSL (that packaging doesn't have to be done by the OpenSSL team),
*or* with hardware distributions.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
In message <1456140741.4735.272.ca...@infradead.org> on Mon, 22 Feb 2016
11:32:21 +, David Woodhouse said:
dwmw2> On Sat, 2016-02-20 at 22:55 +0100, Richard Levitte wrote:
dwmw2> >
dwmw2> > sander> What I would like to see though is for such a PKCS#11 Engine
dwmw2&
But really doubtful to happen in 1.1 as the API freeze is in a month.
Yeah, 1.1 is unrealistic, I'm sorry to say.
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
h mean the same thing, from Feb 10 for 30 days.
rsalz>
rsalz> Comments?
It's not a huge step to support full blown ISO 8601 (which has a few
more alternatives to specify time intervals *). I like the idea.
Cheers,
Richard
(*) https://en.wikipedia.org/wiki/ISO_8601
--
Richard Levitte
ecify time intervals *). I like the idea.
rsalz>
rsalz> No, it *is* a huge step. There's a reason why W3C XML schema language
(XSD), not known for being lightweight, profiled the ISO standard.
Sorry, I was unclear. What I meant was that it's not a huge step from
the XSD to full b
be lib_[-].lib where
kim.grasman> is only appended for 64-bit builds.
Are you sure? Looking at my builds, I find libcrypto-1_1.dll and
libssl-1_1.dll with the import libraries libcrypto.lib and
libssl.lib.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Pro
In message <1446abd3-1599-24fe-1340-fc7f3da5e...@wisemo.com> on Fri, 16 Sep
2016 00:12:30 +0200, Jakob Bohm said:
jb-openssl> On 16/09/2016 00:08, Richard Levitte wrote:
jb-openssl> > In message
jb-openssl> >
jb-openssl> > on Thu, 15 Sep 2016 12:17:12 +0200, Kim
In message
on Fri, 16 Sep 2016 09:43:37 +0200, Kim Gräsman said:
kim.grasman> Hi Richard,
kim.grasman>
kim.grasman> On Fri, Sep 16, 2016 at 12:08 AM, Richard Levitte
wrote:
kim.grasman> > In message
on Thu, 15
Sep 2016 12:17:12 +0200, Kim Gräsman said:
kim.grasman
Andrew, I think you need to read up in the INSTALL file in 1.1.0.
Jing Liu's sequence of commands seems correct to me, and with 1.1.0,
the default install prefix *is* C:\Program Files (x86)\OpenSSL\ for
VC-Win32.
Cheers,
Richard
In message
on Wed,
21 Sep 2016 12:54:58 +, Andrew Hartley
s
Weird problem. I assume that if you do 'dir ms' while standing in
D:\openssl-1.1.0, you will in fact see applink.c. Correct?
My I suggest applying the attached patch to util/copy.pl and see if
you get a better explanation for the mystery?
Cheers,
Richard
In message
on Wed, 21 Sep 2016 20:35
libcrypto will figure out that it's a IPv6 address
from the presence of colons.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
libssl-1_1.dll on Win32.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
In message
<0675024e00e342d9a8c668fd10791...@usma1ex-dag1mb1.msg.corp.akamai.com> on Sun,
16 Oct 2016 20:12:02 +, "Salz, Rich" said:
rsalz> Use the –nocommands flag.
Another way, which also works with OpenSSL versions before 1.1.0, is
-ign_eof
Cheers,
Richard
I just tested on two systems, Debian [unstable] and FreeBSD 8.4, and
in both cases, that test goes through with no trouble at all.
Could you tell us your exact configuration? If I recall correctly,
you have your own hacked configuration, right?
Cheers,
Richard
In message <20161031142938.ga97...
Hi,
I'm curious. Why exactly do you want to change the shared library
version?
That being said, this is not a good idea. I hope I explained why well
enough in the thread with the subject "OpenSSL 1.0.2h generates
libss.so.1.0.0 instead of libssl.so.1.0.2" started by you on
openssl-dev. For ref
ddress. So in the end, it becomes a story of how users from one
domain are capable of throw out everyone else that checks their DMARC
policy.
Last time we went through this, we ignored the problem, for reasons I
cannot remember now. I'll have a closer look at what mailman can
off
In message <20161108.083722.982336643109774878.levi...@openssl.org> on Tue, 08
Nov 2016 08:37:22 +0100 (CET), Richard Levitte said:
levitte> In message
on Mon, 7
Nov 2016 21:50:13 +0300, Dmitry Belyavsky said:
levitte>
levitte> beldmit> Hello Rich,
levitte> beldmit&g
this:
./config -Wl,--enable-new-dtags,-rpath,'$(LIBRPATH)'
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
What do you get from this command?
ldd ../engines/capi.so?
I think that the configuration example I gave you in my previous email
will also help this...
Cheers,
Richard
In message
on Fri, 11 Nov 2016 14:46:45 +, "Gupta, Saurabh"
said:
Saurabh.Gupta> I tried to dynamically load e_c
1 - 100 of 1068 matches
Mail list logo