Re: [openssl.org #982] BN_add failuire in tests for openssl-0.9.7e on Sun 5.8

2004-12-11 Thread Andy Polyakov via RT 

 OpenSSL version:  0.9.7e
 Last change:  Avoid a race condition when CRLs are checked in a multi...
 Options:  --prefix=/usr/local/pkg/openssl/openssl-0.9.7e 
 no-idea no-krb5
 OS (uname):   SunOS spike 5.8 Generic_117350-13 sun4u sparc SUNW,Sun-Fire
 OS (config):  sun4u-whatever-solaris2
 Target (default): solaris-sparcv9-cc
 Target:   solaris-sparcv9-cc
 Compiler: cc: Sun WorkShop 6 2000/04/07 C 5.1
 
 starting big number library test, could take a while...
 test BN_add
 Add test failed!

I can't reproduce this problem with Sun C 5.2. There should be 
test/tmp.bntest file left over, can you submit it? Essentially this 
smells compiler bug and I should recommend to try another compiler [or 
apply vendor patches] or drop optimization level. We had problems with 
Sun C 5.0 (as you might notice in ./config), so there is a remote 
opportunity that 5.1 can be suffering from similar deficiency too... A.

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

[openssl.org #956] engine code in ECDSA and ECDH

2004-12-11 Thread Geoff Thorpe via RT 

[EMAIL PROTECTED] - Thu Oct 21 08:19:52 2004]:
 please try a recent snapshot

So it looks like this issue was resolved (I haven't checked, but Nils is
a trustworthy sort :-). I'm closing the ticket.

Cheers,
Geoff
-- 
Geoff Thorpe, RT/openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [openssl.org #982] BN_add failuire in tests for openssl-0.9.7e on Sun 5.8

2004-12-11 Thread Geoff Thorpe 
On December 11, 2004 08:41 am, Andy Polyakov via RT wrote:
  starting big number library test, could take a while...
  test BN_add
  Add test failed!

 I can't reproduce this problem with Sun C 5.2. There should be
 test/tmp.bntest file left over, can you submit it? Essentially this
 smells compiler bug and I should recommend to try another compiler [or
 apply vendor patches] or drop optimization level. We had problems with
 Sun C 5.0 (as you might notice in ./config), so there is a remote
 opportunity that 5.1 can be suffering from similar deficiency too... A.

If it turns out not to be compiler bug, see if you can reproduce it with a 
CVS checkout or snapshot of the main branch. There's been an audit of the 
bignum code going on there, and all sorts of little conditions have been 
caught and corrected - it's quite possible you're seeing one of these 
conditions that remain in the 0.9.7-stable branch. (NB, we've avoided 
trying to backport these bignum changes to the stable branches because 
they're interdependent can't be moved piecemeal - and moving a large 
change-set back to a stable branch tends to make administrators and 
package maintainers very grumpy.)

Cheers,
Geoff

-- 
Geoff Thorpe
[EMAIL PROTECTED]
http://www.geoffthorpe.net/

Greedy Genghis George, Guru of God and Guns.

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [openssl.org #982] BN_add failuire in tests for openssl-0.9.7e on Sun 5.8

2004-12-11 Thread Jan H. Julian via RT 

Attached and inline is tmp.bntest.

spike cat tmp.bntest
obase=16
ibase=16
print test BN_add\n
AF2F2FFF00FFD8D8535353FF002F00FF0053B000F3FF1F6F00E2FF000FFF
 
+ 
3E1B90000006161050505050505FF196262FF001B1B1B1B1B56566A6AFF00
 
- 
1FF05B506060504FF00FFFEFF0D6262FF20FFFE8B1C1B1B1A555700E1696B0F00
1

Jan


At 2:41 PM +0100 12/11/04, Andy Polyakov via RT wrote:
   OpenSSL version:  0.9.7e
  Last change:  Avoid a race condition when CRLs are checked in a multi...
  Options:  --prefix=/usr/local/pkg/openssl/openssl-0.9.7e
  no-idea no-krb5
  OS (uname):   SunOS spike 5.8 Generic_117350-13 sun4u sparc 
SUNW,Sun-Fire
  OS (config):  sun4u-whatever-solaris2
  Target (default): solaris-sparcv9-cc
  Target:   solaris-sparcv9-cc
  Compiler: cc: Sun WorkShop 6 2000/04/07 C 5.1

  starting big number library test, could take a while...
  test BN_add
  Add test failed!

I can't reproduce this problem with Sun C 5.2. There should be
test/tmp.bntest file left over, can you submit it? Essentially this
smells compiler bug and I should recommend to try another compiler [or
apply vendor patches] or drop optimization level. We had problems with
Sun C 5.0 (as you might notice in ./config), so there is a remote
opportunity that 5.1 can be suffering from similar deficiency too... A.


-- 
Jan Julian University of Alaska, ARSCmailto:[EMAIL PROTECTED]
(907) 450-8641  910 Yukon Drive, Suite 001http://www.arsc.edu
Fax: 450-8605  Fairbanks, AK 99775-6020 USA
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [CVS] OpenSSL: OpenSSL_0_9_7-stable: openssl/ CHANGES openssl/crypto/a...

2004-12-11 Thread Eduardo PĂ©rez 
This patch seems to have introduced some code duplication:
It seems harmless, but still.

I tried to look line by line of the patch but I may have left something.

On 2004-12-05 02:04:45 +0100, Dr. Stephen Henson wrote:
   --- openssl/crypto/asn1/a_bitstr.c  12 Nov 2002 13:21:19 -  1.13.2.3
   +++ openssl/crypto/asn1/a_bitstr.c  5 Dec 2004 01:04:33 -   1.13.2.4
   @@ -194,7 +194,12 @@
   c=(unsigned char *)OPENSSL_realloc_clean(a-data,
a-length,
w+1);
   -   if (c == NULL) return(0);
   +   if (c == NULL)
   +   {
   +   
 ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT,ERR_R_MALLOC_FAILURE);
   +   return 0;
   +   }
   +   if (w+1-a-length  0) memset(c+a-length, 0, w+1-a-length);
Duplication
   if (w+1-a-length  0) memset(c+a-length, 0, w+1-a-length);
   a-data=c;
   a-length=w+1;

   --- openssl/crypto/asn1/a_utctm.c   27 Jan 2004 01:16:09 -  1.24.2.3
   +++ openssl/crypto/asn1/a_utctm.c   5 Dec 2004 01:04:33 -   1.24.2.4
   @@ -203,7 +204,12 @@
   if ((p == NULL) || ((size_t)s-length  len))
   {
   p=OPENSSL_malloc(len);
   -   if (p == NULL) return(NULL);
   +   if (p == NULL)
   +   {
   +   ASN1err(ASN1_F_ASN1_UTCTIME_SET,ERR_R_MALLOC_FAILURE);
   +   return(NULL);
   +   }
   +   if (s-data != NULL)
Duplication
   if (s-data != NULL)
   OPENSSL_free(s-data);
   s-data=(unsigned char *)p;

   --- openssl/crypto/asn1/x_pubkey.c  30 May 2002 16:50:36 -  1.21.2.2
   +++ openssl/crypto/asn1/x_pubkey.c  5 Dec 2004 01:04:33 -   1.21.2.3
   @@ -143,7 +166,12 @@
   }
   p=s;
   i2d_PublicKey(pkey,p);
   -   if (!M_ASN1_BIT_STRING_set(pk-public_key,s,i)) goto err;
   +   if (!M_ASN1_BIT_STRING_set(pk-public_key,s,i))
   +   {
   +   X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
   +   goto err;
   +   }
   +   /* Set number of unused bits to zero */
Duplication
   /* Set number of unused bits to zero */
   pk-public_key-flags= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
   pk-public_key-flags|=ASN1_STRING_FLAG_BITS_LEFT;
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]