Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
On Tue, May 24, 2016 at 11:47:21PM +0200, Richard Levitte wrote: > In message <20160524154456.ga23...@doctor.nl2k.ab.ca> on Tue, 24 May 2016 > 09:44:57 -0600, The Doctor said: > > doctor> On Tue, May 24, 2016 at 05:15:52PM +0200, Richard Levitte wrote: > doctor> > So I understand correctly, it works when the patch is reversed > (that's > doctor> > what -R does), right? Good, that gives us a point. However, that > doctor> > commit is there for a reason, so like I said, if you can help us > doctor> > figure out what goes wrong on your system, everyone will be happier. > doctor> > > doctor> > doctor> All right, what if you are using egd instead of rnadomd ? > > How exactly do you mean? > Usually I use egd as the Randomd just does not perform to expectation. Randomd does not act stable here. > Side note: it feels like you're playing the guessing game with me. My > patience for that is running thin. Please give me details. In the > end, helping us is helping yourself, as we don't have any BSDi system > to try things on ourselves. > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
In message <20160524154456.ga23...@doctor.nl2k.ab.ca> on Tue, 24 May 2016 09:44:57 -0600, The Doctor said: doctor> On Tue, May 24, 2016 at 05:15:52PM +0200, Richard Levitte wrote: doctor> > So I understand correctly, it works when the patch is reversed (that's doctor> > what -R does), right? Good, that gives us a point. However, that doctor> > commit is there for a reason, so like I said, if you can help us doctor> > figure out what goes wrong on your system, everyone will be happier. doctor> > doctor> doctor> All right, what if you are using egd instead of rnadomd ? How exactly do you mean? Side note: it feels like you're playing the guessing game with me. My patience for that is running thin. Please give me details. In the end, helping us is helping yourself, as we don't have any BSDi system to try things on ourselves. -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
On Tue, May 24, 2016 at 05:15:52PM +0200, Richard Levitte wrote: > In message <20160524142412.ga6...@doctor.nl2k.ab.ca> on Tue, 24 May 2016 > 08:24:12 -0600, The Doctor said: > > doctor> On Tue, May 24, 2016 at 12:26:02PM +0200, Richard Levitte wrote: > doctor> > In message <20160524070954.ga17...@doctor.nl2k.ab.ca> on Tue, 24 > May 2016 01:09:55 -0600, The Doctor said: > doctor> > > doctor> > doctor> On Mon, May 23, 2016 at 10:10:46AM +0200, Richard Levitte > wrote: > doctor> > doctor> > In message <20160523070428.ga17...@doctor.nl2k.ab.ca> on > Mon, 23 May 2016 01:04:29 -0600, The Doctor said: > doctor> > doctor> > > doctor> > doctor> > doctor> On Sun, May 22, 2016 at 06:34:26AM -0600, The > Doctor wrote: > doctor> > doctor> > doctor> > > doctor> > doctor> > doctor> > when executing > doctor> > doctor> > doctor> > > doctor> > doctor> > doctor> > ../apps/openssl x509 -sha1 -CAcreateserial -in > reqCA.ss -days 30 -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf > -extensions v3_ca > doctor> > doctor> > doctor> > > doctor> > doctor> > doctor> > during the test phase, it looks as if the test > hangs. > doctor> > doctor> > doctor> > > doctor> > doctor> > doctor> > Please look into this. > doctor> > doctor> > doctor> > > doctor> > doctor> > doctor> > doctor> > doctor> > doctor> > doctor> > doctor> > doctor> This issue now exists in 20160523 . > doctor> > doctor> > doctor> > doctor> > doctor> > doctor> Please look into this showstopper. > doctor> > doctor> > > doctor> > doctor> > Can't reproduce. I've tried on Linux (Debian bleeding > edge) and > doctor> > doctor> > FreeBSD (8.4-RELEASE-p14). However, I did it with the > default config > doctor> > doctor> > (BSD-x86_64, which is what ./config gives me > automagically, and no > doctor> > doctor> > extra options), please remind me of yours. > doctor> > doctor> > > doctor> > doctor> > doctor> > doctor> All right, what changed between 20160520 and 20160521 ? > doctor> > doctor> > doctor> > doctor> Simple question. That is the source of the showstopper. > doctor> > > doctor> > I'm attaching the only change that I can think makes a difference. > doctor> > Try a 'patch -R -p1 < xopen_source.patch' and see if that changes > doctor> > anything. > doctor> > > doctor> > I don't think we're going to back off from that change, so if you > can > doctor> > help us figure out what goes wrong with it on your system and how to > doctor> > improve the change, that's be great. > doctor> > > doctor> > Cheers, > doctor> > Richard > doctor> > > doctor> > -- > doctor> > Richard Levitte levi...@openssl.org > doctor> > OpenSSL Project http://www.openssl.org/~levitte/ > doctor> > doctor> > commit e10b54ca32280d9fec20085f404dcdcf2217c90e > doctor> > Author: Andy Polyakov > doctor> > Date: Mon May 16 16:44:33 2016 +0200 > doctor> > > doctor> > rand/randfile.c: remove _XOPEN_SOURCE definition. > doctor> > > doctor> > Defintions of macros similar to _XOPEN_SOURCE belong in command > line > doctor> > or in worst case prior first #include directive in source. As > for > doctor> > macros is was allegedly controlling. One can argue that we are > doctor> > probably better off demanding S_IS* macros but there are systems > doctor> > that just don't comply, hence this compromise solution... > doctor> > > doctor> > Reviewed-by: Rich Salz > doctor> > (cherry picked from commit > 2e6d7799ffc47604d06e0465afeb84b91aff8006) > doctor> > > doctor> > diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c > doctor> > index 9537c56..76bdb9a 100644 > doctor> > --- a/crypto/rand/randfile.c > doctor> > +++ b/crypto/rand/randfile.c > doctor> > @@ -56,11 +56,6 @@ > doctor> > * [including the GNU Public Licence.] > doctor> > */ > doctor> > > doctor> > -/* We need to define this to get macros like S_IFBLK and S_IFCHR */ > doctor> > -#if !defined(OPENSSL_SYS_VXWORKS) > doctor> > -# define _XOPEN_SOURCE 500 > doctor> > -#endif > doctor> > - > doctor> > #include > doctor> > #include > doctor> > #include > doctor> > @@ -80,6 +75,29 @@ > doctor> > #ifndef OPENSSL_NO_POSIX_IO > doctor> > # include > doctor> > # include > doctor> > +/* > doctor> > + * Following should not be needed, and we could have been stricter > doctor> > + * and demand S_IS*. But some systems just don't comply... Formally > doctor> > + * below macros are "anatomically incorrect", because normally they > doctor> > + * would look like ((m) & MASK == TYPE), but since MASK > availability > doctor> > + * is as questionable, we settle for this poor-man fallback... > doctor> > + */ > doctor> > +# if !defined(S_ISBLK) > doctor> > +# if defined(_S_IFBLK) > doctor> > +# define S_ISBLK(m) ((m) & _S_IFBLK) > doctor> > +# elif defined(S_IFBLK) > doctor> > +# define S_ISBLK(m) ((m) & S_IFBLK) > doctor> > +# elif defined(_WIN32) > doctor> > +# define S_ISBLK(m) 0 /* no concept of block devices on Windows > */ > doctor> >
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
In message <20160524142412.ga6...@doctor.nl2k.ab.ca> on Tue, 24 May 2016 08:24:12 -0600, The Doctor said: doctor> On Tue, May 24, 2016 at 12:26:02PM +0200, Richard Levitte wrote: doctor> > In message <20160524070954.ga17...@doctor.nl2k.ab.ca> on Tue, 24 May 2016 01:09:55 -0600, The Doctor said: doctor> > doctor> > doctor> On Mon, May 23, 2016 at 10:10:46AM +0200, Richard Levitte wrote: doctor> > doctor> > In message <20160523070428.ga17...@doctor.nl2k.ab.ca> on Mon, 23 May 2016 01:04:29 -0600, The Doctor said: doctor> > doctor> > doctor> > doctor> > doctor> On Sun, May 22, 2016 at 06:34:26AM -0600, The Doctor wrote: doctor> > doctor> > doctor> > doctor> > doctor> > doctor> > when executing doctor> > doctor> > doctor> > doctor> > doctor> > doctor> > ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss -days 30 -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions v3_ca doctor> > doctor> > doctor> > doctor> > doctor> > doctor> > during the test phase, it looks as if the test hangs. doctor> > doctor> > doctor> > doctor> > doctor> > doctor> > Please look into this. doctor> > doctor> > doctor> > doctor> > doctor> > doctor> doctor> > doctor> > doctor> doctor> > doctor> > doctor> This issue now exists in 20160523 . doctor> > doctor> > doctor> doctor> > doctor> > doctor> Please look into this showstopper. doctor> > doctor> > doctor> > doctor> > Can't reproduce. I've tried on Linux (Debian bleeding edge) and doctor> > doctor> > FreeBSD (8.4-RELEASE-p14). However, I did it with the default config doctor> > doctor> > (BSD-x86_64, which is what ./config gives me automagically, and no doctor> > doctor> > extra options), please remind me of yours. doctor> > doctor> > doctor> > doctor> doctor> > doctor> All right, what changed between 20160520 and 20160521 ? doctor> > doctor> doctor> > doctor> Simple question. That is the source of the showstopper. doctor> > doctor> > I'm attaching the only change that I can think makes a difference. doctor> > Try a 'patch -R -p1 < xopen_source.patch' and see if that changes doctor> > anything. doctor> > doctor> > I don't think we're going to back off from that change, so if you can doctor> > help us figure out what goes wrong with it on your system and how to doctor> > improve the change, that's be great. doctor> > doctor> > Cheers, doctor> > Richard doctor> > doctor> > -- doctor> > Richard Levitte levi...@openssl.org doctor> > OpenSSL Project http://www.openssl.org/~levitte/ doctor> doctor> > commit e10b54ca32280d9fec20085f404dcdcf2217c90e doctor> > Author: Andy Polyakov doctor> > Date: Mon May 16 16:44:33 2016 +0200 doctor> > doctor> > rand/randfile.c: remove _XOPEN_SOURCE definition. doctor> > doctor> > Defintions of macros similar to _XOPEN_SOURCE belong in command line doctor> > or in worst case prior first #include directive in source. As for doctor> > macros is was allegedly controlling. One can argue that we are doctor> > probably better off demanding S_IS* macros but there are systems doctor> > that just don't comply, hence this compromise solution... doctor> > doctor> > Reviewed-by: Rich Salz doctor> > (cherry picked from commit 2e6d7799ffc47604d06e0465afeb84b91aff8006) doctor> > doctor> > diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c doctor> > index 9537c56..76bdb9a 100644 doctor> > --- a/crypto/rand/randfile.c doctor> > +++ b/crypto/rand/randfile.c doctor> > @@ -56,11 +56,6 @@ doctor> > * [including the GNU Public Licence.] doctor> > */ doctor> > doctor> > -/* We need to define this to get macros like S_IFBLK and S_IFCHR */ doctor> > -#if !defined(OPENSSL_SYS_VXWORKS) doctor> > -# define _XOPEN_SOURCE 500 doctor> > -#endif doctor> > - doctor> > #include doctor> > #include doctor> > #include doctor> > @@ -80,6 +75,29 @@ doctor> > #ifndef OPENSSL_NO_POSIX_IO doctor> > # include doctor> > # include doctor> > +/* doctor> > + * Following should not be needed, and we could have been stricter doctor> > + * and demand S_IS*. But some systems just don't comply... Formally doctor> > + * below macros are "anatomically incorrect", because normally they doctor> > + * would look like ((m) & MASK == TYPE), but since MASK availability doctor> > + * is as questionable, we settle for this poor-man fallback... doctor> > + */ doctor> > +# if !defined(S_ISBLK) doctor> > +# if defined(_S_IFBLK) doctor> > +# define S_ISBLK(m) ((m) & _S_IFBLK) doctor> > +# elif defined(S_IFBLK) doctor> > +# define S_ISBLK(m) ((m) & S_IFBLK) doctor> > +# elif defined(_WIN32) doctor> > +# define S_ISBLK(m) 0 /* no concept of block devices on Windows */ doctor> > +# endif doctor> > +# endif doctor> > +# if !defined(S_ISCHR) doctor> > +# if defined(_S_IFCHR) doctor> > +# define S_ISCHR(m) ((m) & _S_IFCHR) doctor> > +# elif defined(S_IFCHR) doctor> > +# define S_ISCHR(m) ((m) & S_IFCHR) doctor> > +# endif doctor> > +# endif doctor> > #endif doctor> >
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
On Tue, May 24, 2016 at 12:26:02PM +0200, Richard Levitte wrote: > In message <20160524070954.ga17...@doctor.nl2k.ab.ca> on Tue, 24 May 2016 > 01:09:55 -0600, The Doctor said: > > doctor> On Mon, May 23, 2016 at 10:10:46AM +0200, Richard Levitte wrote: > doctor> > In message <20160523070428.ga17...@doctor.nl2k.ab.ca> on Mon, 23 > May 2016 01:04:29 -0600, The Doctor said: > doctor> > > doctor> > doctor> On Sun, May 22, 2016 at 06:34:26AM -0600, The Doctor wrote: > doctor> > doctor> > > doctor> > doctor> > when executing > doctor> > doctor> > > doctor> > doctor> > ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss > -days 30 -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions > v3_ca > doctor> > doctor> > > doctor> > doctor> > during the test phase, it looks as if the test hangs. > doctor> > doctor> > > doctor> > doctor> > Please look into this. > doctor> > doctor> > > doctor> > doctor> > doctor> > doctor> > doctor> > doctor> This issue now exists in 20160523 . > doctor> > doctor> > doctor> > doctor> Please look into this showstopper. > doctor> > > doctor> > Can't reproduce. I've tried on Linux (Debian bleeding edge) and > doctor> > FreeBSD (8.4-RELEASE-p14). However, I did it with the default > config > doctor> > (BSD-x86_64, which is what ./config gives me automagically, and no > doctor> > extra options), please remind me of yours. > doctor> > > doctor> > doctor> All right, what changed between 20160520 and 20160521 ? > doctor> > doctor> Simple question. That is the source of the showstopper. > > I'm attaching the only change that I can think makes a difference. > Try a 'patch -R -p1 < xopen_source.patch' and see if that changes > anything. > > I don't think we're going to back off from that change, so if you can > help us figure out what goes wrong with it on your system and how to > improve the change, that's be great. > > Cheers, > Richard > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ > commit e10b54ca32280d9fec20085f404dcdcf2217c90e > Author: Andy Polyakov > Date: Mon May 16 16:44:33 2016 +0200 > > rand/randfile.c: remove _XOPEN_SOURCE definition. > > Defintions of macros similar to _XOPEN_SOURCE belong in command line > or in worst case prior first #include directive in source. As for > macros is was allegedly controlling. One can argue that we are > probably better off demanding S_IS* macros but there are systems > that just don't comply, hence this compromise solution... > > Reviewed-by: Rich Salz > (cherry picked from commit 2e6d7799ffc47604d06e0465afeb84b91aff8006) > > diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c > index 9537c56..76bdb9a 100644 > --- a/crypto/rand/randfile.c > +++ b/crypto/rand/randfile.c > @@ -56,11 +56,6 @@ > * [including the GNU Public Licence.] > */ > > -/* We need to define this to get macros like S_IFBLK and S_IFCHR */ > -#if !defined(OPENSSL_SYS_VXWORKS) > -# define _XOPEN_SOURCE 500 > -#endif > - > #include > #include > #include > @@ -80,6 +75,29 @@ > #ifndef OPENSSL_NO_POSIX_IO > # include > # include > +/* > + * Following should not be needed, and we could have been stricter > + * and demand S_IS*. But some systems just don't comply... Formally > + * below macros are "anatomically incorrect", because normally they > + * would look like ((m) & MASK == TYPE), but since MASK availability > + * is as questionable, we settle for this poor-man fallback... > + */ > +# if !defined(S_ISBLK) > +# if defined(_S_IFBLK) > +# define S_ISBLK(m) ((m) & _S_IFBLK) > +# elif defined(S_IFBLK) > +# define S_ISBLK(m) ((m) & S_IFBLK) > +# elif defined(_WIN32) > +# define S_ISBLK(m) 0 /* no concept of block devices on Windows */ > +# endif > +# endif > +# if !defined(S_ISCHR) > +# if defined(_S_IFCHR) > +# define S_ISCHR(m) ((m) & _S_IFCHR) > +# elif defined(S_IFCHR) > +# define S_ISCHR(m) ((m) & S_IFCHR) > +# endif > +# endif > #endif > > #ifdef _WIN32 > @@ -151,8 +169,8 @@ int RAND_load_file(const char *file, long bytes) > #endif > if (in == NULL) > goto err; > -#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO) > -if (sb.st_mode & (S_IFBLK | S_IFCHR)) { > +#if defined(S_ISBLK) && defined(S_ISCHR) && !defined(OPENSSL_NO_POSIX_IO) > +if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) { > /* > * this file is a device. we don't want read an infinite number of > * bytes from a random device, nor do we want to use buffered I/O The patch worked. What is next? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe -- openssl-dev mailing list To unsubscribe
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
In message <20160524070954.ga17...@doctor.nl2k.ab.ca> on Tue, 24 May 2016 01:09:55 -0600, The Doctor said: doctor> On Mon, May 23, 2016 at 10:10:46AM +0200, Richard Levitte wrote: doctor> > In message <20160523070428.ga17...@doctor.nl2k.ab.ca> on Mon, 23 May 2016 01:04:29 -0600, The Doctor said: doctor> > doctor> > doctor> On Sun, May 22, 2016 at 06:34:26AM -0600, The Doctor wrote: doctor> > doctor> > doctor> > doctor> > when executing doctor> > doctor> > doctor> > doctor> > ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss -days 30 -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions v3_ca doctor> > doctor> > doctor> > doctor> > during the test phase, it looks as if the test hangs. doctor> > doctor> > doctor> > doctor> > Please look into this. doctor> > doctor> > doctor> > doctor> doctor> > doctor> doctor> > doctor> This issue now exists in 20160523 . doctor> > doctor> doctor> > doctor> Please look into this showstopper. doctor> > doctor> > Can't reproduce. I've tried on Linux (Debian bleeding edge) and doctor> > FreeBSD (8.4-RELEASE-p14). However, I did it with the default config doctor> > (BSD-x86_64, which is what ./config gives me automagically, and no doctor> > extra options), please remind me of yours. doctor> > doctor> doctor> All right, what changed between 20160520 and 20160521 ? doctor> doctor> Simple question. That is the source of the showstopper. I'm attaching the only change that I can think makes a difference. Try a 'patch -R -p1 < xopen_source.patch' and see if that changes anything. I don't think we're going to back off from that change, so if you can help us figure out what goes wrong with it on your system and how to improve the change, that's be great. Cheers, Richard -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ commit e10b54ca32280d9fec20085f404dcdcf2217c90e Author: Andy Polyakov Date: Mon May 16 16:44:33 2016 +0200 rand/randfile.c: remove _XOPEN_SOURCE definition. Defintions of macros similar to _XOPEN_SOURCE belong in command line or in worst case prior first #include directive in source. As for macros is was allegedly controlling. One can argue that we are probably better off demanding S_IS* macros but there are systems that just don't comply, hence this compromise solution... Reviewed-by: Rich Salz (cherry picked from commit 2e6d7799ffc47604d06e0465afeb84b91aff8006) diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 9537c56..76bdb9a 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -56,11 +56,6 @@ * [including the GNU Public Licence.] */ -/* We need to define this to get macros like S_IFBLK and S_IFCHR */ -#if !defined(OPENSSL_SYS_VXWORKS) -# define _XOPEN_SOURCE 500 -#endif - #include #include #include @@ -80,6 +75,29 @@ #ifndef OPENSSL_NO_POSIX_IO # include # include +/* + * Following should not be needed, and we could have been stricter + * and demand S_IS*. But some systems just don't comply... Formally + * below macros are "anatomically incorrect", because normally they + * would look like ((m) & MASK == TYPE), but since MASK availability + * is as questionable, we settle for this poor-man fallback... + */ +# if !defined(S_ISBLK) +# if defined(_S_IFBLK) +# define S_ISBLK(m) ((m) & _S_IFBLK) +# elif defined(S_IFBLK) +# define S_ISBLK(m) ((m) & S_IFBLK) +# elif defined(_WIN32) +# define S_ISBLK(m) 0 /* no concept of block devices on Windows */ +# endif +# endif +# if !defined(S_ISCHR) +# if defined(_S_IFCHR) +# define S_ISCHR(m) ((m) & _S_IFCHR) +# elif defined(S_IFCHR) +# define S_ISCHR(m) ((m) & S_IFCHR) +# endif +# endif #endif #ifdef _WIN32 @@ -151,8 +169,8 @@ int RAND_load_file(const char *file, long bytes) #endif if (in == NULL) goto err; -#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO) -if (sb.st_mode & (S_IFBLK | S_IFCHR)) { +#if defined(S_ISBLK) && defined(S_ISCHR) && !defined(OPENSSL_NO_POSIX_IO) +if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) { /* * this file is a device. we don't want read an infinite number of * bytes from a random device, nor do we want to use buffered I/O -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
On Mon, May 23, 2016 at 10:10:46AM +0200, Richard Levitte wrote: > In message <20160523070428.ga17...@doctor.nl2k.ab.ca> on Mon, 23 May 2016 > 01:04:29 -0600, The Doctor said: > > doctor> On Sun, May 22, 2016 at 06:34:26AM -0600, The Doctor wrote: > doctor> > > doctor> > when executing > doctor> > > doctor> > ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss -days 30 > -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions v3_ca > doctor> > > doctor> > during the test phase, it looks as if the test hangs. > doctor> > > doctor> > Please look into this. > doctor> > > doctor> > doctor> > doctor> This issue now exists in 20160523 . > doctor> > doctor> Please look into this showstopper. > > Can't reproduce. I've tried on Linux (Debian bleeding edge) and > FreeBSD (8.4-RELEASE-p14). However, I did it with the default config > (BSD-x86_64, which is what ./config gives me automagically, and no > extra options), please remind me of yours. > All right, what changed between 20160520 and 20160521 ? Simple question. That is the source of the showstopper. > Cheers, > Richard > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
On Mon, May 23, 2016 at 10:10:46AM +0200, Richard Levitte wrote: > In message <20160523070428.ga17...@doctor.nl2k.ab.ca> on Mon, 23 May 2016 > 01:04:29 -0600, The Doctor said: > > doctor> On Sun, May 22, 2016 at 06:34:26AM -0600, The Doctor wrote: > doctor> > > doctor> > when executing > doctor> > > doctor> > ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss -days 30 > -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions v3_ca > doctor> > > doctor> > during the test phase, it looks as if the test hangs. > doctor> > > doctor> > Please look into this. > doctor> > > doctor> > doctor> > doctor> This issue now exists in 20160523 . > doctor> > doctor> Please look into this showstopper. > > Can't reproduce. I've tried on Linux (Debian bleeding edge) and > FreeBSD (8.4-RELEASE-p14). However, I did it with the default config > (BSD-x86_64, which is what ./config gives me automagically, and no > extra options), please remind me of yours. > ./Configure 386 threads shared experimental-libunbound experimental-dane no-sse2 enable-srtp no-sctp experimental-jpake experimental-store enable-whrlpool enable-montasm enable-capieng enable-cms enable-seed enable-tlsext enable-ssl-trace enable-camellia enable-rfc3779 enable-gmp enable-mdc2 enable-md5 enable-rc5 experimental-multiblock enable-unit-test zlib-dynamic no-ssl3 --prefix=/usr/contrib --openssldir=/usr/contrib debug-bsdi-x86-elf ; make update;make depend "debug-bsdi-x86-elf", "gcc3:-DPERL5 -DL_ENDIAN -DTERMIOS -fomit-frame-pointer -O2 -Wall -g::${BSDthreads}::-lgmp -ldl -lm -lc -lz:THIRY_TWO_BIT_LONG RC4_CHUNK BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fP IC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", > Cheers, > Richard > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
In message <20160523070428.ga17...@doctor.nl2k.ab.ca> on Mon, 23 May 2016 01:04:29 -0600, The Doctor said: doctor> On Sun, May 22, 2016 at 06:34:26AM -0600, The Doctor wrote: doctor> > doctor> > when executing doctor> > doctor> > ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss -days 30 -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions v3_ca doctor> > doctor> > during the test phase, it looks as if the test hangs. doctor> > doctor> > Please look into this. doctor> > doctor> doctor> doctor> This issue now exists in 20160523 . doctor> doctor> Please look into this showstopper. Can't reproduce. I've tried on Linux (Debian bleeding edge) and FreeBSD (8.4-RELEASE-p14). However, I did it with the default config (BSD-x86_64, which is what ./config gives me automagically, and no extra options), please remind me of yours. Cheers, Richard -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
On Sun, May 22, 2016 at 06:34:26AM -0600, The Doctor wrote: > > when executing > > ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss -days 30 -req -out > certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions v3_ca > > during the test phase, it looks as if the test hangs. > > Please look into this. > This issue now exists in 20160523 . Please look into this showstopper. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] openssl 1.0.2 SNAPSHOT issue that exists since 20160521
when executing ../apps/openssl x509 -sha1 -CAcreateserial -in reqCA.ss -days 30 -req -out certCA.ss -signkey keyCA.ss -extfile CAss.cnf -extensions v3_ca during the test phase, it looks as if the test hangs. Please look into this. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev