Re: [openssl.org #2099] [PATCH] OpenSSL 1.0.0 beta4 release (OpenVMS)
> http://antinode.info/ftp/openssl/1_0_1/apps/CA.com Updated. The first one lacked a "-" line continuation (sigh), and, while I was looking at "apps/CA.sh", I noticed that it checked to see if "CATOP" was defined before setting it to "demoCA": if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi It seemed reasonable to me for "apps/CA.com" to do that, too, so now it does. It must be perfect, now. Steven M. Schweda s...@antinode-info 382 South Warwick Street(+1) 651-699-9818 Saint Paul MN 55105-2547 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2099] [PATCH] OpenSSL 1.0.0 beta4 release (OpenVMS)
> [...] A revised "test/CA.com" may be found at: > > http://antinode.info/ftp/openssl/1_0_1/apps/CA.com That should have been 'A revised "apps/CA.com"', of course. SMS. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2099] [PATCH] OpenSSL 1.0.0 beta4 release (OpenVMS)
From: Arpadffy Zoltan > TODO: > The CA.COM is not usable as it is therefore both tests: TESTCA.COM and > TESTTSA.COM fail. I don't remember what that "not usable" was, but on my VAX (VMS V7.3) system, I got some "%DCL-W-TKNOVF, command element is too long - shorten" complaints (and consequent test failures) caused by long file specifications (names based at "GIMP$DUA0:[UTILITY.SOURCE.OPENSSL.OPENSSL-1_0_1-STABLE-SNAP-20101217.TEST]", for example). A revised "test/CA.com" may be found at: http://antinode.info/ftp/openssl/1_0_1/apps/CA.com Has anyone decided whether something should be done about the zillion compiler complaints like the following? [...] bn_nist.c nist_set_192(t_d, buf, 0, 3, 3); ^ %CC-I-BADSUBSCRIPT, In this statement, an array subscript expression is either less than zero or greater than the largest value that can be represented by the size_t type. At line number 390 in GIMP$DUA0:[UTILITY.SOURCE.OPENSSL.OPENSSL-1_0_1-STABLE-SNAP-20101217.CRYPTO.BN]BN_NIST.C;1. nist_set_192(t_d, buf, 0, 3, 3); ^ %CC-I-BADSUBSCRIPT, In this statement, an array subscript expression is either less than zero or greater than the largest value that can be represented by the size_t type. At line number 390 in GIMP$DUA0:[UTILITY.SOURCE.OPENSSL.OPENSSL-1_0_1-STABLE-SNAP-20101217.CRYPTO.BN]BN_NIST.C;1. nist_set_192(t_d, buf, 4, 4, 0); ^ %CC-I-BADSUBSCRIPT, In this statement, an array subscript expression is either less than zero or greater than the largest value that can be represented by the size_t type. At line number 392 in GIMP$DUA0:[UTILITY.SOURCE.OPENSSL.OPENSSL-1_0_1-STABLE-SNAP-20101217.CRYPTO.BN]BN_NIST.C;1. [...] Steven M. Schweda s...@antinode-info 382 South Warwick Street(+1) 651-699-9818 Saint Paul MN 55105-2547 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: [openssl.org #2099] [PATCH] OpenSSL 1.0.0 beta4 release (OpenVMS)
Hello Richard, > Is parts of this still an issue or can I simply close this ticket? I have verified the listed issues and seem all of them are resolved in openssl-1.0.1-stable-SNAP-20101215 and I would suggest closing the ticket. Thank you, Richard. Regards, Z -Original Message- From: Richard Levitte via RT [mailto:r...@openssl.org] Sent: den 16 december 2010 01:18 To: Arpadffy Zoltan Cc: openssl-dev@openssl.org Subject: [openssl.org #2099] [PATCH] OpenSSL 1.0.0 beta4 release (OpenVMS) Is parts of this still an issue or can I simply close this ticket? > [zoltan.arpad...@scientificgames.se - Fri Nov 13 09:12:58 2009]: > > Hello, > > > Can you (and others in this thread) please submit bug fix patches to > the > > request tracker (r...@openssl.org) so they don't get overlooked?? > > Please note this is the official submit to RT (mail already submitted > to the list) > > Additionally to SMS's changes (below)... here are the changes that are > needed to be added in order to get OpenVMS build correctly. > > The only extra improvement is that I used the unused second variable > to configure the pointer size (32 or 64). > > TODO: > The CA.COM is not usable as it is therefore both tests: TESTCA.COM and > TESTTSA.COM fail. > > Regards, > Z > > TOR_ZAY $ gdiff -p DSA104: ORIG>MAKEVMS.COM DSA104:MAKEVMS.COM > *** dsa104:makevms.com Tue > Aug 25 09:30:02 2009 > --- dsa104:makevms.comThu > Nov 12 11:01:00 2009 > *** $! End > *** 347,356 > $! > $ ENDIF > $! > - $! There are many places where this is needed. > - $! > - $ WRITE H_FILE "#define _XOPEN_SOURCE_EXTENDED" > - $! > $! Close the [.CRYPTO.]OPENSSLCONF.H file > $! > $ CLOSE H_FILE > --- 347,352 > *** $ TIME = F$TIME() > *** 386,392 > $! > $! Write The [.CRYPTO.]BUILDINF.H File. > $! > ! $ WRITE H_FILE "#define CFLAGS """" /* Not filled in for now */" > $ WRITE H_FILE "#define PLATFORM ""VMS ''ARCH' ''VMS_VER'""" > $ WRITE H_FILE "#define DATE ""''TIME'"" " > $! > --- 382,388 > $! > $! Write The [.CRYPTO.]BUILDINF.H File. > $! > ! $ WRITE H_FILE "#define CFLAGS > ""/pointer_size=''POINTER_SIZE'/float=g"" /* compiler flags */" > $ WRITE H_FILE "#define PLATFORM ""VMS ''ARCH' ''VMS_VER'""" > $ WRITE H_FILE "#define DATE ""''TIME'"" " > $! > *** $! Tell The User We Are Partly Rebuildin > *** 410,416 > $! > $ WRITE SYS$OUTPUT "Rebuilding The '[.APPS]MD4.C', '[.APPS]MD5.C' > And '[.APPS]RMD160.C' Files." > $! > ! $ DELETE SYS$DISK:[.APPS]MD4.C;*,MD5.C;*,RMD160.C;* > $! > $! Copy MD4.C from [.CRYPTO.MD4] into [.APPS] > $! > --- 406,412 > $! > $ WRITE SYS$OUTPUT "Rebuilding The '[.APPS]MD4.C', '[.APPS]MD5.C' > And '[.APPS]RMD160.C' Files." > $! > ! $ DELETE /NOLOG SYS$DISK:[.APPS]MD4.C;*,MD5.C;*,RMD160.C;* > $! > $! Copy MD4.C from [.CRYPTO.MD4] into [.APPS] > $! > *** $! > *** 431,438 > $! First, We Have To "Rebuild" The "[.TEST]" Directory, So Delete > $! All The "C" Files That Are Currently There Now. > $! > ! $ DELETE SYS$DISK:[.TEST]*.C;* > ! $ DELETE SYS$DISK:[.TEST]EVPTESTS.TXT;* > $! > $! Copy all the *TEST.C files from [.CRYPTO...] into [.TEST] > $! > --- 427,434 > $! First, We Have To "Rebuild" The "[.TEST]" Directory, So Delete > $! All The "C" Files That Are Currently There Now. > $! > ! $ DELETE /NOLOG SYS$DISK:[.TEST]*.C;* > ! $ DELETE /NOLOG SYS$DISK:[.TEST]EVPTESTS.TXT;* > $! > $! Copy all the *TEST.C files from [.CRYPTO...] into [.TEST] > $! > *** $! > *** 755,761 > $!Tell The User We Don't Know What They Want. > $! > $ WRITE SYS$OUTPUT "" > ! $ WRITE SYS$OUTPUT "USAGE: @MAKEVMS.COM [Target] [not-used > option] [Debug option] " > $ WRITE SYS$OUTPUT "" > $ WRITE SYS$OUTPUT "Example: @MAKEVMS.COM ALL NORSAREF NODEBUG " > $ WRITE SYS$OUTPUT "" > --- 751,757 > $!Tell The User We Don't Know What They Want. > $! > $ WRITE SYS$OUTPUT "" > ! $ WRITE SYS$OUTPUT "USAGE: @MAKEVMS.COM [Target] [Pointer > size] [Debug option] "
[openssl.org #2099] [PATCH] OpenSSL 1.0.0 beta4 release (OpenVMS)
; + $ POINTER_SIZE = "64" > + $ ELSE > + $! > + $!Tell The User Entered An Invalid Option.. > + $! > + $ WRITE SYS$OUTPUT "" > + $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid > Options Are:" > + $ WRITE SYS$OUTPUT "" > + $ WRITE SYS$OUTPUT "32 : Compile with 32 bit pointer size" > + $ WRITE SYS$OUTPUT "64 : Compile with 64 bit pointer size" > + $ WRITE SYS$OUTPUT "" > + $! > + $!Time To EXIT. > + $! > + $ GOTO TIDY > + $! > + $! End The Valid Arguement Check. > + $! > + $ ENDIF > + $ ENDIF > + $! End The P2 Check. > + $! > $! Check To See If P3 Is Blank. > $! > $ IF (P3.EQS."NODEBUG") > > > TOR_ZAY $ gdiff -p DSA104: ORIG.crypto.pqueue>pqueue.h DSA104: BETA4.CRYPTO.PQUEUE>PQUEUE.H > > *** dsa104: orig.crypto.pqueue>pqueue.hSat May 16 18:17:46 2009 > --- dsa104:pqueue.h > Thu Nov 12 10:12:12 2009 > *** > *** 64,69 > --- 64,74 > #include > #include > > + #ifdef OPENSSL_SYS_VMS > + #include > + #include > + #endif > + > typedef struct _pqueue *pqueue; > > typedef struct _pitem > > > TOR_ZAY $ gdiff -p DSA104: ORIG.apps>s_socket.c DSA104: BETA4.apps>s_socket.c > *** dsa104:s_socket.c > Wed Aug 26 13:21:50 2009 > --- dsa104:s_socket.cThu > Nov 12 10:47:18 2009 > *** > *** 72,78 > recursive header file inclusion, resulting in the compiler > complaining > that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, > which > is needed to have fileno() declared correctly... So let's define > u_int */ > ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) > #define __U_INT > typedef unsigned int u_int; > #endif > --- 72,78 > recursive header file inclusion, resulting in the compiler > complaining > that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, > which > is needed to have fileno() declared correctly... So let's define > u_int */ > ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) > #define __U_INT > typedef unsigned int u_int; > #endif > > > TOR_ZAY $ gdiff -p DSA104: ORIG.apps>s_server.c DSA104: BETA4.apps>s_server.c > *** dsa104:s_server.c > Wed Oct 28 18:49:38 2009 > --- dsa104:s_server.cThu > Nov 12 10:47:57 2009 > *** > *** 165,171 > recursive header file inclusion, resulting in the compiler > complaining > that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, > which > is needed to have fileno() declared correctly... So let's define > u_int */ > ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) > #define __U_INT > typedef unsigned int u_int; > #endif > --- 165,171 > recursive header file inclusion, resulting in the compiler > complaining > that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, > which > is needed to have fileno() declared correctly... So let's define > u_int */ > ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) > #define __U_INT > typedef unsigned int u_int; > #endif > > > TOR_ZAY $ gdiff -p DSA104: ORIG.test>tests.com DSA104: BETA4.test>tests.com > *** dsa104:tests.com > Tue Aug 25 09:17:14 2009 > --- dsa104:tests.com Thu > Nov 12 15:46:44 2009 > *** $ exe_dir := sys$disk:[-.'__arch'.exe.ap > *** 14,19 > --- 14,28 > $ > $ set default '__here' > $ > + $ ROOT = F$PARSE(__here,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - > "A.;0" > + $ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY") > + $ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") - > +- ".][00" - "[00." - "][" - "[" - "]" - > ".TEST" > + $ ROOT = ROOT_DEV + "[" + ROOT_DIR > + $ DEFINE/NOLOG SSLROOT 'ROOT'.APPS.] /TRANS=CONC > + $ > + $ openssl :== $'ROOT'.'__arch'.exe.apps]OPENSSL > + $ > $ on control_y then goto exit > $ on error then goto exit > $ > *** $! NOTE: This list reflects the list of > *** 25,38 > $! "alltests" target in Makefile. This should make it easy to see > $! if there's a difference that needs to be taken care of. > $ tests := - &
RE: OpenSSL 1.0.0 beta4 release
Hello Richard, I have tested the OPENSSL-100-STABLE-SNAP-20091116 and it looks much better. Thank you for the merge. I have two small remarks: 1. I'm still missing the pointer size choice. I think that it is wise to give the possibility to choose between 64 and 32 bit pointer size build. 2. Meanwhile the new development introduced four new functions that are longer than 32 chars. K-W-NUDFSYMS, 4 undefined symbols: %ILINK-I-UDFSYM,SSL_ADD_CLIENTHELLO_RENEGOTIATE %ILINK-I-UDFSYM,SSL_ADD_SERVERHELLO_RENEGOTIATE %ILINK-I-UDFSYM,SSL_PARSE_CLIENTHELLO_RENEGOTIA %ILINK-I-UDFSYM,SSL_PARSE_SERVERHELLO_RENEGOTIA Is there any possibility to handle these long function names issue automatically... with some coding rules or with merging trigger, that would solve automatically those VMS issues. Honestly, having that long function names is more sign of ignorance, than structure and good coding practice. Thank you. Regards, Z -Original Message- From: Richard Levitte [mailto:rich...@levitte.org] Sent: den 13 november 2009 09:44 To: openssl-dev@openssl.org; Arpadffy Zoltan Subject: Re: OpenSSL 1.0.0 beta4 release In message <839c820b5c926b4b89713b3a6ed68d2aae5...@sgstmail.scigames.at> on Fri, 13 Nov 2009 09:14:07 +0100, "Arpadffy Zoltan" said: Zoltan.Arpadffy> ... my only wish is to get a clean build on OpenVMS Zoltan.Arpadffy> when I download the code next time. That's what we all want in the end... Can I suggest you have a look at today's snapshot (that goes for Stephen as well) and go from there? -- Richard Levitte rich...@levitte.org http://richard.levitte.org/ "Life is a tremendous celebration - and I'm invited!" -- from a friend's blog, translated from Swedish __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.0 beta4 release
In message <839c820b5c926b4b89713b3a6ed68d2aae5...@sgstmail.scigames.at> on Fri, 13 Nov 2009 09:14:07 +0100, "Arpadffy Zoltan" said: Zoltan.Arpadffy> ... my only wish is to get a clean build on OpenVMS Zoltan.Arpadffy> when I download the code next time. That's what we all want in the end... Can I suggest you have a look at today's snapshot (that goes for Stephen as well) and go from there? -- Richard Levitte rich...@levitte.org http://richard.levitte.org/ "Life is a tremendous celebration - and I'm invited!" -- from a friend's blog, translated from Swedish __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: OpenSSL 1.0.0 beta4 release
Hello, I use the following compilers: HP C V7.2-001 on OpenVMS IA64 V8.3 Compaq C V6.4-008 on OpenVMS Alpha V7.3-2 These were the changes that I applied - and rewarded me with clean compile and usable libraries. For sure you know better the code... and there might be better solutions. Please, include what you feel that is right. ... my only wish is to get a clean build on OpenVMS when I download the code next time. Thank you Richard. Regards, Z -Original Message- From: Richard Levitte [mailto:rich...@levitte.org] Sent: den 12 november 2009 22:56 To: openssl-dev@openssl.org; Arpadffy Zoltan Subject: Re: OpenSSL 1.0.0 beta4 release In message <839c820b5c926b4b89713b3a6ed68d2aae5...@sgstmail.scigames.at> on Thu, 12 Nov 2009 16:26:57 +0100, "Arpadffy Zoltan" said: Zoltan.Arpadffy> Hello, Zoltan.Arpadffy> Zoltan.Arpadffy> Additionally to SMS's changes... here are the changes that are needed to Zoltan.Arpadffy> be added in order to get OpenVMS build correctly. Okay, since I'm obviously in an interactive mood (and it's been requested anyway ;-)), there are a couple of your patches that I don't understand: Zoltan.Arpadffy> TOR_ZAY $ gdiff -p Zoltan.Arpadffy> DSA104:pqueue.h Zoltan.Arpadffy> DSA104:PQUEUE.H Zoltan.Arpadffy> Zoltan.Arpadffy> *** dsa104:pqueue.h Sat May 16 18:17:46 2009 Zoltan.Arpadffy> --- dsa104:pqueue.h Thu Nov 12 10:12:12 2009 Zoltan.Arpadffy> *** Zoltan.Arpadffy> *** 64,69 Zoltan.Arpadffy> --- 64,74 Zoltan.Arpadffy> #include Zoltan.Arpadffy> #include Zoltan.Arpadffy> Zoltan.Arpadffy> + #ifdef OPENSSL_SYS_VMS Zoltan.Arpadffy> + #include Zoltan.Arpadffy> + #include Zoltan.Arpadffy> + #endif Zoltan.Arpadffy> + Zoltan.Arpadffy> typedef struct _pqueue *pqueue; Zoltan.Arpadffy> Zoltan.Arpadffy> typedef struct _pitem Why? I see nothing in that header file that would need anything from resource.h or sys/timeb.h... is it really something needed in one of the .c files? Then I think it's better to change there. Zoltan.Arpadffy> TOR_ZAY $ gdiff -p Zoltan.Arpadffy> DSA104:s_socket.c Zoltan.Arpadffy> DSA104:s_socket.c Zoltan.Arpadffy> *** dsa104:s_socket.c Wed Aug 26 13:21:50 2009 Zoltan.Arpadffy> --- dsa104:s_socket.cThu Nov 12 10:47:18 2009 Zoltan.Arpadffy> *** Zoltan.Arpadffy> *** 72,78 Zoltan.Arpadffy> recursive header file inclusion, resulting in the compiler complaining Zoltan.Arpadffy> that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which Zoltan.Arpadffy> is needed to have fileno() declared correctly... So let's define u_int */ Zoltan.Arpadffy> ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) Zoltan.Arpadffy> #define __U_INT Zoltan.Arpadffy> typedef unsigned int u_int; Zoltan.Arpadffy> #endif Zoltan.Arpadffy> --- 72,78 Zoltan.Arpadffy> recursive header file inclusion, resulting in the compiler complaining Zoltan.Arpadffy> that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which Zoltan.Arpadffy> is needed to have fileno() declared correctly... So let's define u_int */ Zoltan.Arpadffy> ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) Zoltan.Arpadffy> #define __U_INT Zoltan.Arpadffy> typedef unsigned int u_int; Zoltan.Arpadffy> #endif Why? it includes e_os2.h, which defines OPENSSL_SYS_VMS_DECC if DEC C (Compaq C? HP C?) is used. Does this mean the definitions in e_os2.h need to be updated? Zoltan.Arpadffy> TOR_ZAY $ gdiff -p Zoltan.Arpadffy> DSA104:s_server.c Zoltan.Arpadffy> DSA104:s_server.c Zoltan.Arpadffy> *** dsa104:s_server.c Wed Oct 28 18:49:38 2009 Zoltan.Arpadffy> --- dsa104:s_server.cThu Nov 12 10:47:57 2009 Zoltan.Arpadffy> *** Zoltan.Arpadffy> *** 165,171 Zoltan.Arpadffy> recursive header file inclusion, resulting in the compiler complaining Zoltan.Arpadffy> that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which Zoltan.Arpadffy> is needed to have fileno() declared correctly... So let's define u_int */ Zoltan.Arpadffy> ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) Zoltan.Arpadffy> #define __U_INT Zoltan.Arpadffy> typedef unsigned int u_int; Zoltan.Arpadffy> #endif Zoltan.Arpadffy> --- 165,171 Zoltan.Arpadffy> recursive header file inclusion, resulting in the compiler complaining Zoltan.Arpadffy> that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which Zoltan.Arpadffy> is needed to have fileno() declared correctly... So let's define u_int */ Zoltan.Arpadffy> ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) Zoltan.Arpadffy> #define __U_INT Zoltan.Arpadffy> typedef
[openssl.org #2099] [PATCH] OpenSSL 1.0.0 beta4 release (OpenVMS)
Sat May 16 18:17:46 2009 --- dsa104:pqueue.h Thu Nov 12 10:12:12 2009 *** *** 64,69 --- 64,74 #include #include + #ifdef OPENSSL_SYS_VMS + #include + #include + #endif + typedef struct _pqueue *pqueue; typedef struct _pitem TOR_ZAY $ gdiff -p DSA104:s_socket.c DSA104:s_socket.c *** dsa104:s_socket.c Wed Aug 26 13:21:50 2009 --- dsa104:s_socket.cThu Nov 12 10:47:18 2009 *** *** 72,78 recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif --- 72,78 recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif TOR_ZAY $ gdiff -p DSA104:s_server.c DSA104:s_server.c *** dsa104:s_server.c Wed Oct 28 18:49:38 2009 --- dsa104:s_server.cThu Nov 12 10:47:57 2009 *** *** 165,171 recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif --- 165,171 recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif TOR_ZAY $ gdiff -p DSA104:tests.com DSA104:tests.com *** dsa104:tests.comTue Aug 25 09:17:14 2009 --- dsa104:tests.com Thu Nov 12 15:46:44 2009 *** $ exe_dir := sys$disk:[-.'__arch'.exe.ap *** 14,19 --- 14,28 $ $ set default '__here' $ + $ ROOT = F$PARSE(__here,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0" + $ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY") + $ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") - +- ".][00" - "[00." - "][" - "[" - "]" - ".TEST" + $ ROOT = ROOT_DEV + "[" + ROOT_DIR + $ DEFINE/NOLOG SSLROOT 'ROOT'.APPS.] /TRANS=CONC + $ + $ openssl :== $'ROOT'.'__arch'.exe.apps]OPENSSL + $ $ on control_y then goto exit $ on error then goto exit $ *** $! NOTE: This list reflects the list of *** 25,38 $! "alltests" target in Makefile. This should make it easy to see $! if there's a difference that needs to be taken care of. $ tests := - ! test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,- test_md2,test_mdc2,test_wp,- test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,- test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,- test_enc,test_x509,test_rsa,test_crl,test_sid,- test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- ! test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,- ! test_jpake,test_cms $ endif $ tests = f$edit(tests,"COLLAPSE") $ --- 34,47 $! "alltests" target in Makefile. This should make it easy to see $! if there's a difference that needs to be taken care of. $ tests := - ! test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,- test_md2,test_mdc2,test_wp,- test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,- test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,- test_enc,test_x509,test_rsa,test_crl,test_sid,- test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- ! test_ss,test_ca,test_engine,test_evp,test_ssl,- ! test_jpake,test_tsa,test_ige,test_cms $ endif $ tests = f$edit(tests,"COLLAPSE") $ *** $ test_jpake: *** 284,289 --- 293,302 $ write sys$output "Test JPAKE" $ mcr 'texe_dir''jpaketest' $ return + $ test_cms: + $ write sys$output "CMS consistency test" + $ perl CMS-TEST.PL + $ return $ $ $ exit: -Original Message- From: Richard Lev
Re: OpenSSL 1.0.0 beta4 release
Hi ALL ,
I tried to build openssl-1.0.0-beta4 version of Openssl for AIX . I am
getting error while building .
I have followed the following step.
1. ./Configure -DSSL_ALLOW_ADH --prefix=/usr --openssldir=/var/ssl
no-idea no-rc5 no-ec no-symlinks shared threads aix-cc
Configuring for aix-cc
no-ec [option] OPENSSL_NO_EC (skip dir)
no-ecdh [forced] OPENSSL_NO_ECDH (skip dir)
no-ecdsa[forced] OPENSSL_NO_ECDSA (skip dir)
no-gmp [default] OPENSSL_NO_GMP (skip dir)
no-gost [forced] OPENSSL_NO_GOST (skip dir)
no-idea [option] OPENSSL_NO_IDEA (skip dir)
no-jpake[experimental] OPENSSL_NO_JPAKE (skip dir)
no-krb5 [krb5-flavor not specified] OPENSSL_NO_KRB5
no-md2 [default] OPENSSL_NO_MD2 (skip dir)
no-rc5 [option] OPENSSL_NO_RC5 (skip dir)
no-rfc3779 [default] OPENSSL_NO_RFC3779 (skip dir)
no-store[experimental] OPENSSL_NO_STORE (skip dir)
no-symlinks [option]
no-zlib [default]
no-zlib-dynamic [default]
IsMK1MF=0
CC=cc
CFLAG =-DOPENSSL_THREADS -qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H
-DSSL_ALLOW_ADH -q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst
-DSHA1_ASM -DSHA256_ASM -DAES_ASM
EX_LIBS =
CPUID_OBJ =ppccpuid.o
BN_ASM=bn-ppc.o
DES_ENC =des_enc.o fcrypt_b.o
AES_ENC =aes_core.o aes_cbc.o aes-ppc.o
BF_ENC=bf_enc.o
CAST_ENC =c_enc.o
RC4_ENC =rc4_enc.o rc4_skey.o
RC5_ENC =rc5_enc.o
MD5_OBJ_ASM =
SHA1_OBJ_ASM =sha1-ppc.o sha256-ppc.o
RMD160_OBJ_ASM=
CMLL_ENC= =camellia.o cmll_misc.o cmll_cbc.o
PROCESSOR =
RANLIB=/usr/bin/ranlib
ARFLAGS =-X 32
PERL =/usr/bin/perl
THIRTY_TWO_BIT mode
BN_LLONG mode
RC4 uses uchar
RC4_CHUNK is undefined
Since you've disabled or enabled at least one algorithm, you need to do
the following before building:
make depend
Configured for aix-cc.
making depend in crypto...
making depend in crypto/objects...
${TOP}/util/domd ${TOP} -MD makedepend -- -DOPENSSL_THREADS
-qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -DSSL_ALLOW_ADH -q32 -O
-DB_ENDIAN -qmaxmem=16384 -qro -qroconst -DSHA1_ASM -DSHA256_ASM
-DAES_ASM -I.. -I../.. -I../asn1 -I../evp -I../../include
-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC -DOPENSSL_NO_ECDH
-DOPENSSL_NO_ECDSA -DOPENSSL_NO_GMP -DOPENSSL_NO_GOST
-DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5
-DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE -- o_names.c obj_dat.c
obj_lib.c obj_err.c obj_xref.c
making depend in crypto/md4...
${TOP}/util/domd ${TOP} -MD makedepend -- -DOPENSSL_THREADS
-qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -DSSL_ALLOW_ADH -q32 -O
-DB_ENDIAN -qmaxmem=16384 -qro -qroconst -DSHA1_ASM -DSHA256_ASM
-DAES_ASM -I.. -I../.. -I../asn1 -I../evp -I../../include
-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC -DOPENSSL_NO_ECDH
-DOPENSSL_NO_ECDSA -DOPENSSL_NO_GMP -DOPENSSL_NO_GOST
-DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5
-DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE -- md4_dgst.c md4_one.c
making depend in crypto/md5...
${TOP}/util/domd ${TOP} -MD makedepend -- -DOPENSSL_THREADS
-qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -DSSL_ALLOW_ADH -q32 -O
-DB_ENDIAN -qmaxmem=16384 -qro -qroconst -DSHA1_ASM -DSHA256_ASM
-DAES_ASM -I.. -I../.. -I../asn1 -I../evp -I../../include
-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC -DOPENSSL_NO_ECDH
-DOPENSSL_NO_ECDSA -DOPENSSL_NO_GMP -DOPENSSL_NO_GOST
-DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5
-DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE -- md5_dgst.c md5_one.c
making depend in crypto/sha...
${TOP}/util/domd ${TOP} -MD makedepend -- -DOPENSSL_THREADS
-qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -DSSL_ALLOW_ADH -q32 -O
-DB_ENDIAN -qmaxmem=16384 -qro -qroconst -DSHA1_ASM -DSHA256_ASM
-DAES_ASM -I.. -I../.. -I../asn1 -I../evp -I../../include
-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC -DOPENSSL_NO_ECDH
-DOPENSSL_NO_ECDSA -DOPENSSL_NO_GMP -DOPENSSL_NO_GOST
-DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5
-DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE -- sha_dgst.c sha1dgst.c
sha_one.c sha1_one.c sha256.c sha512.c
making depend in crypto/mdc2...
${TOP}/util/domd ${TOP} -MD makedepend -- -DOPENSSL_THREADS
-qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -DSSL_ALLOW_ADH -q32 -O
-DB_ENDIAN -qmaxmem=16384 -qro -qroconst -DSHA1_ASM -DSHA256_ASM
-DAES_ASM -I.. -I../.. -I../asn1 -I../evp -I../../include
-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC -DOPENSSL_NO_ECDH
-DOPENSSL_NO_ECDSA -DOPENSSL_NO_GMP -DOPENSSL_NO_GOST
-DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5
-DOPENSSL_NO_RFC3779 -DOPENSSL_NO_STORE -- mdc2dgst.c mdc2_one.c
making depend in crypto/hmac...
${TOP}/util/domd ${TOP} -MD makedepend -- -DOPENSSL_THREADS
-qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -DSSL_ALLOW_ADH -q32 -O
-DB_ENDIAN -qmaxmem=16384 -qro -qroconst -DSHA1_ASM -DSHA256_ASM
-DAES_ASM -I.
Re: OpenSSL 1.0.0 beta4 release
From: Richard Levitte > sms>Added an "SSL_" prefix to the object library names so that a > sms> victim might have some chance of identifying the things amid the > sms> clutter in SYS$SHARE: > > Most victims have read some documentation and therefore know what the > library names are. Also, the names mimic the Unixly names, so those > coming from there will immediately recognise them. And not the least, > it would affect the victims, as you pointed out yourself. Ergo, lower > priority. Of course, HP uses an "SSL$" prefix, so VMS users coming from VMS might reasonably expect to see "SSL" somewhere in the names. Also, as remarked a while back, it would be hard to find a better opportunity to make such a change than a version 1.0.0 release. (It'd be ok with me to change the UNIX names, too, but I care less about those, and it'd annoy more victims.) > sms>Obviated the annoying copying of C source files into the > sms> "test" directory (symlinks being unsupported on many VMS systems > sms> and/or file systems). > > While annoying, it's not something that stops the build from working, > ergo lower priority. If all you're doing is one build. then it matters little. If you're trying to do some development, then it's more than a little annoying. It turns comparing source trees into a real ordeal. It messes with many files, and there's no easy way to clean up afterward. Less copying is simply better. (None is best.) Just one man's opinions. > [...] The main reason to do so is that I > want to have as little sources of error in my build as possible, so I > take in one piece at a time. If any of this stuff was even close to working when I downloaded it, then that argument might carry a little more weight. (Call me a whiner.) Steven M. Schweda s...@antinode-info 382 South Warwick Street(+1) 651-699-9818 Saint Paul MN 55105-2547 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.0 beta4 release
In message <839c820b5c926b4b89713b3a6ed68d2aae5...@sgstmail.scigames.at> on Thu, 12 Nov 2009 16:26:57 +0100, "Arpadffy Zoltan" said: Zoltan.Arpadffy> Hello, Zoltan.Arpadffy> Zoltan.Arpadffy> Additionally to SMS's changes... here are the changes that are needed to Zoltan.Arpadffy> be added in order to get OpenVMS build correctly. Okay, since I'm obviously in an interactive mood (and it's been requested anyway ;-)), there are a couple of your patches that I don't understand: Zoltan.Arpadffy> TOR_ZAY $ gdiff -p Zoltan.Arpadffy> DSA104:pqueue.h Zoltan.Arpadffy> DSA104:PQUEUE.H Zoltan.Arpadffy> Zoltan.Arpadffy> *** dsa104:pqueue.h Sat May 16 18:17:46 2009 Zoltan.Arpadffy> --- dsa104:pqueue.hThu Nov 12 10:12:12 2009 Zoltan.Arpadffy> *** Zoltan.Arpadffy> *** 64,69 Zoltan.Arpadffy> --- 64,74 Zoltan.Arpadffy> #include Zoltan.Arpadffy> #include Zoltan.Arpadffy> Zoltan.Arpadffy> + #ifdef OPENSSL_SYS_VMS Zoltan.Arpadffy> + #include Zoltan.Arpadffy> + #include Zoltan.Arpadffy> + #endif Zoltan.Arpadffy> + Zoltan.Arpadffy> typedef struct _pqueue *pqueue; Zoltan.Arpadffy> Zoltan.Arpadffy> typedef struct _pitem Why? I see nothing in that header file that would need anything from resource.h or sys/timeb.h... is it really something needed in one of the .c files? Then I think it's better to change there. Zoltan.Arpadffy> TOR_ZAY $ gdiff -p Zoltan.Arpadffy> DSA104:s_socket.c Zoltan.Arpadffy> DSA104:s_socket.c Zoltan.Arpadffy> *** dsa104:s_socket.c Wed Aug 26 13:21:50 2009 Zoltan.Arpadffy> --- dsa104:s_socket.c Thu Nov 12 10:47:18 2009 Zoltan.Arpadffy> *** Zoltan.Arpadffy> *** 72,78 Zoltan.Arpadffy> recursive header file inclusion, resulting in the compiler complaining Zoltan.Arpadffy> that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which Zoltan.Arpadffy> is needed to have fileno() declared correctly... So let's define u_int */ Zoltan.Arpadffy> ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) Zoltan.Arpadffy> #define __U_INT Zoltan.Arpadffy> typedef unsigned int u_int; Zoltan.Arpadffy> #endif Zoltan.Arpadffy> --- 72,78 Zoltan.Arpadffy> recursive header file inclusion, resulting in the compiler complaining Zoltan.Arpadffy> that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which Zoltan.Arpadffy> is needed to have fileno() declared correctly... So let's define u_int */ Zoltan.Arpadffy> ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) Zoltan.Arpadffy> #define __U_INT Zoltan.Arpadffy> typedef unsigned int u_int; Zoltan.Arpadffy> #endif Why? it includes e_os2.h, which defines OPENSSL_SYS_VMS_DECC if DEC C (Compaq C? HP C?) is used. Does this mean the definitions in e_os2.h need to be updated? Zoltan.Arpadffy> TOR_ZAY $ gdiff -p Zoltan.Arpadffy> DSA104:s_server.c Zoltan.Arpadffy> DSA104:s_server.c Zoltan.Arpadffy> *** dsa104:s_server.c Wed Oct 28 18:49:38 2009 Zoltan.Arpadffy> --- dsa104:s_server.c Thu Nov 12 10:47:57 2009 Zoltan.Arpadffy> *** Zoltan.Arpadffy> *** 165,171 Zoltan.Arpadffy> recursive header file inclusion, resulting in the compiler complaining Zoltan.Arpadffy> that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which Zoltan.Arpadffy> is needed to have fileno() declared correctly... So let's define u_int */ Zoltan.Arpadffy> ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) Zoltan.Arpadffy> #define __U_INT Zoltan.Arpadffy> typedef unsigned int u_int; Zoltan.Arpadffy> #endif Zoltan.Arpadffy> --- 165,171 Zoltan.Arpadffy> recursive header file inclusion, resulting in the compiler complaining Zoltan.Arpadffy> that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which Zoltan.Arpadffy> is needed to have fileno() declared correctly... So let's define u_int */ Zoltan.Arpadffy> ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) Zoltan.Arpadffy> #define __U_INT Zoltan.Arpadffy> typedef unsigned int u_int; Zoltan.Arpadffy> #endif Same thing here. Zoltan.Arpadffy> TOR_ZAY $ gdiff -p Zoltan.Arpadffy> DSA104:tests.com Zoltan.Arpadffy> DSA104:tests.com Zoltan.Arpadffy> *** dsa104:tests.com Tue Aug 25 09:17:14 2009 Zoltan.Arpadffy> --- dsa104:tests.com Thu Nov 12 15:46:44 2009 Zoltan.Arpadffy> *** $ exe_dir := sys$disk:[-.'__arch'.exe.ap Zoltan.Arpadffy> *** 14,19 Zoltan.Arpadffy> --- 14,28 Zoltan.Arpadffy> $ Zoltan.Arpadffy> $ set default '__here' Zoltan.Arpadffy> $ Zoltan.Arpadffy> + $ ROOT = F$PARSE(__here,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - Zoltan.Arpadffy> "A.;0" Zoltan.Arpadffy> + $ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY") Zoltan.Arpadffy> + $ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") - Zoltan.Arpadffy> +- ".][00" - "[00." - "][" - "[" - "]" - Zoltan.Arpadffy> ".TEST" Zoltan.Arpadffy> +
Re: OpenSSL 1.0.0 beta4 release
In message <839c820b5c926b4b89713b3a6ed68d2aae5...@sgstmail.scigames.at> on Thu, 12 Nov 2009 16:26:57 +0100, "Arpadffy Zoltan" said: Zoltan.Arpadffy> The only extra improvement is that I used the unused Zoltan.Arpadffy> second variable to configure the pointer size (32 or Zoltan.Arpadffy> 64). I can't see that it's used anywhere, except to change the CFLAGS definition in buildinf.h... oh, and what's the reason for /FLOAT=G ? Zoltan.Arpadffy> I am stressing to submit this patch ASAP because Zoltan.Arpadffy> Richard is in the merging mood today... hopefully Zoltan.Arpadffy> this one will pass too. :) Parts of it, yes. Quite honestly, I'm very tired of my procrastination when it comes to this. So yeah, I'm in merging mood, and I hope I can keep enough energy to see it through. Cheers, Richard -- Richard Levitte rich...@levitte.org http://richard.levitte.org/ "Life is a tremendous celebration - and I'm invited!" -- from a friend's blog, translated from Swedish __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.0 beta4 release
In message <09111210562552_20202...@antinode.info> on Thu, 12 Nov 2009 10:56:25 -0600 (CST), "Steven M. Schweda" said: sms> From: "Dr. Stephen Henson" sms> sms> > Can you (and others in this thread) please submit bug fix patches to the sms> > request tracker (r...@openssl.org) so they don't get overlooked?? sms> sms>From my point of view, "overlooked" is less of a problem than sms> "rejected". And some of the stuff which gets added appears to sms> have been tested by no one. I call it "priorities", so some things aren't permanently rejected, just have lower importance in my view (and I do take on a role as peer reviewer, hope you don't mind). The main reason to do so is that I want to have as little sources of error in my build as possible, so I take in one piece at a time. sms>Obviated the annoying copying of C source files into the sms> "test" directory (symlinks being unsupported on many VMS systems sms> and/or file systems). While annoying, it's not something that stops the build from working, ergo lower priority. sms>Added an "SSL_" prefix to the object library names so that a sms> victim might have some chance of identifying the things amid the sms> clutter in SYS$SHARE: Most victims have read some documentation and therefore know what the library names are. Also, the names mimic the Unixly names, so those coming from there will immediately recognise them. And not the least, it would affect the victims, as you pointed out yourself. Ergo, lower priority. sms>I also tried building the stuff before I submitted my sms>suggestions. I've another construction with a nightly build that fetches the latest snapshot and tries to build it. Not optimum and means some commits will contain errors, but when my time is short, that's the best I can do. sms>Some of these proposed changes involve functional changes sms> which would affect the victims (object library and shared image sms> file name changes, for example), so deserve some discussion. I sms> see very little such discussion here. Suggestions get submitted. sms> Some get adopted. Some get rejected. I find out what happened sms> when I see the next "betaN" kit. It's not very satisfying, and sms> I've largely stopped caring. (This may or may not be seen as sms> much of a loss.) We're automatically building nightly source snapshots, maybe you should have a look at those. Now, for my own shit to admit, I haven't looked at this for a couple of months, and it weighs on me. There are other things in life that have preoccupied me a little too much, and I have overlooked OpenSSL. I'm trying to get back on track as we speak, and I'll try to find time to spend so my testing cycle gets a bit faster than "try one change per night"... Cheers, Richard -- Richard Levitte rich...@levitte.org http://richard.levitte.org/ "Life is a tremendous celebration - and I'm invited!" -- from a friend's blog, translated from Swedish __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.0 beta4 release
From: "Dr. Stephen Henson" > Can you (and others in this thread) please submit bug fix patches to the > request tracker (r...@openssl.org) so they don't get overlooked?? From my point of view, "overlooked" is less of a problem than "rejected". And some of the stuff which gets added appears to have been tested by no one. For example, I offered revised VMS builders which (among other things): Obviated the annoying copying of C source files into the "test" directory (symlinks being unsupported on many VMS systems and/or file systems). Added an "SSL_" prefix to the object library names so that a victim might have some chance of identifying the things amid the clutter in SYS$SHARE: A bunch of other stuff which I've forgotten. I also tried building the stuff before I submitted my suggestions. Some of these proposed changes involve functional changes which would affect the victims (object library and shared image file name changes, for example), so deserve some discussion. I see very little such discussion here. Suggestions get submitted. Some get adopted. Some get rejected. I find out what happened when I see the next "betaN" kit. It's not very satisfying, and I've largely stopped caring. (This may or may not be seen as much of a loss.) Steven M. Schweda s...@antinode-info 382 South Warwick Street(+1) 651-699-9818 Saint Paul MN 55105-2547 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.0 beta4 release
On Thu, Nov 12, 2009, Arpadffy Zoltan wrote: > Hello, > > Additionally to SMS's changes... here are the changes that are needed to > be added in order to get OpenVMS build correctly. > > The only extra improvement is that I used the unused second variable to > configure the pointer size (32 or 64). > > TODO: > The CA.COM is not usable as it is therefore both tests: TESTCA.COM and > TESTTSA.COM > > I am stressing to submit this patch ASAP because Richard is in the > merging mood today... hopefully this one will pass too. :) > Can you (and others in this thread) please submit bug fix patches to the request tracker (r...@openssl.org) so they don't get overlooked?? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
RE: OpenSSL 1.0.0 beta4 release
*** *** 64,69 --- 64,74 #include #include + #ifdef OPENSSL_SYS_VMS + #include + #include + #endif + typedef struct _pqueue *pqueue; typedef struct _pitem TOR_ZAY $ gdiff -p DSA104:s_socket.c DSA104:s_socket.c *** dsa104:s_socket.c Wed Aug 26 13:21:50 2009 --- dsa104:s_socket.cThu Nov 12 10:47:18 2009 *** *** 72,78 recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif --- 72,78 recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif TOR_ZAY $ gdiff -p DSA104:s_server.c DSA104:s_server.c *** dsa104:s_server.c Wed Oct 28 18:49:38 2009 --- dsa104:s_server.cThu Nov 12 10:47:57 2009 *** *** 165,171 recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ ! #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif --- 165,171 recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ ! #if (defined(VMS) || defined(__VMS)) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif TOR_ZAY $ gdiff -p DSA104:tests.com DSA104:tests.com *** dsa104:tests.com Tue Aug 25 09:17:14 2009 --- dsa104:tests.com Thu Nov 12 15:46:44 2009 *** $ exe_dir := sys$disk:[-.'__arch'.exe.ap *** 14,19 --- 14,28 $ $ set default '__here' $ + $ ROOT = F$PARSE(__here,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0" + $ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY") + $ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") - +- ".][00" - "[00." - "][" - "[" - "]" - ".TEST" + $ ROOT = ROOT_DEV + "[" + ROOT_DIR + $ DEFINE/NOLOG SSLROOT 'ROOT'.APPS.] /TRANS=CONC + $ + $ openssl :== $'ROOT'.'__arch'.exe.apps]OPENSSL + $ $ on control_y then goto exit $ on error then goto exit $ *** $! NOTE: This list reflects the list of *** 25,38 $! "alltests" target in Makefile. This should make it easy to see $! if there's a difference that needs to be taken care of. $ tests := - ! test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,- test_md2,test_mdc2,test_wp,- test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,- test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,- test_enc,test_x509,test_rsa,test_crl,test_sid,- test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- ! test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,- ! test_jpake,test_cms $ endif $ tests = f$edit(tests,"COLLAPSE") $ --- 34,47 $! "alltests" target in Makefile. This should make it easy to see $! if there's a difference that needs to be taken care of. $ tests := - ! test_tsa,test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,- test_md2,test_mdc2,test_wp,- test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,- test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,- test_enc,test_x509,test_rsa,test_crl,test_sid,- test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- ! test_ss,test_ca,test_engine,test_evp,test_ssl,- ! test_jpake,test_tsa,test_ige,test_cms $ endif $ tests = f$edit(tests,"COLLAPSE") $ *** $ test_jpake: *** 284,289 --- 293,302 $ write sys$output "Test JPAKE" $ mcr 'texe_dir''jpaketest' $ return + $ test_cms: + $ write sys$output "CMS consistency test" + $ perl CMS-TEST.PL + $ return $ $ $ exit: -Original Message- From: Arpadffy Zoltan [mailto:zoltan.arpad...@scientificgames.se] Sent: den 12 november 2009 15:32 To: openssl-dev@openssl.org;
RE: OpenSSL 1.0.0 beta4 release
Hello,
I have already made the correction off all remaining issues... 32/64 bit
pointer size handling.
I still have some minor issues around tests.com... but in about an hour
I will be able to submit a patch.
Regards,
Z
-Original Message-
From: Richard Levitte [mailto:rich...@levitte.org]
Sent: den 12 november 2009 15:07
To: openssl-dev@openssl.org; s...@antinode.info
Subject: Re: OpenSSL 1.0.0 beta4 release
I just committed the suggested changes. I try to find the time
checking the problems with the tests within the next few days.
Cheers,
Richard
In message <0915433492_20202...@antinode.info> on Wed, 11 Nov 2009
15:43:34 -0600 (CST), "Steven M. Schweda" said:
sms> From: open...@master.openssl.org (OpenSSL)
sms>
sms> > OpenSSL version 1.0.0 Beta 4
sms> > [...]
sms> > Since the third beta, the following has happened:
sms> > [...]
sms> - Build system fixes including VMS.
sms> > [...]
sms>
sms>Not entirely successful. Around here:
sms>
sms> ALP $ cc /version
sms> HP C V7.3-009 on OpenVMS Alpha V8.3
sms>
sms> I tried:
sms> @ makevms.com ALL "" NODEBUG DECC TCPIP
sms> @ [.test]tests.com
sms>
sms>
sms> ALP $ gdiff -u makevms.com_orig makevms.com
sms> --- makevms.com_orig2009-08-25 02:30:02 -0500
sms> +++ makevms.com 2009-11-11 13:21:47 -0600
sms> @@ -349,7 +349,7 @@
sms> $!
sms> $! There are many places where this is needed.
sms> $!
sms> -$ WRITE H_FILE "#define _XOPEN_SOURCE_EXTENDED"
sms> +$!!! WRITE H_FILE "#define _XOPEN_SOURCE_EXTENDED"
sms> $!
sms> $! Close the [.CRYPTO.]OPENSSLCONF.H file
sms> $!
sms>
sms>What, too many things were working correctly? This _seriously_
sms> breaks the build. Why was this added? "is needed" is not a
helpful
sms> explanation.
sms>
sms>
sms> --- apps/install.com_orig 2009-05-15 11:37:04 -0500
sms> +++ apps/install.com 2009-11-11 14:16:15 -0600
sms> @@ -57,7 +57,7 @@
sms> $
sms> $ SET NOON
sms> $ COPY CA.COM WRK_SSLEXE:CA.COM/LOG
sms> -$ SET FILE/PROT=W:RE WRK_SSLVEXE:CA.COM
sms> +$ SET FILE/PROT=W:RE WRK_SSLEXE:CA.COM
sms> $ COPY OPENSSL-VMS.CNF WRK_SSLROOT:[00]OPENSSL.CNF/LOG
sms> $ SET FILE/PROT=W:R WRK_SSLROOT:[00]OPENSSL.CNF
sms> $ SET ON
sms>
sms>Beside being simpler and perhaps a bit faster, using COPY
/PROTECTION
sms> instead of separate COPY and SET FILE /PROTECTION commands (as
sms> previously suggested) would halve the opportunities for careless
errors
sms> of this type.
sms>
sms>
sms> --- crypto/crypto-lib.com_orig 2009-08-25 02:22:08 -0500
sms> +++ crypto/crypto-lib.com 2009-11-11 10:48:40 -0600
sms> @@ -193,7 +193,8 @@
sms> $ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
sms> $ LIB_MODES = "cbc128,ctr128,cfb128,ofb128"
sms> $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
sms> -$ IF F$TRNLNM("OPENSSL_NO_ASM") THEN LIB_BN_ASM = "bn_asm"
sms> +$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
sms> + LIB_BN_ASM = "bn_asm"
sms> $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
sms>"bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
sms>"bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+
-
sms>
sms>Even if MACRO32 code were faster on an Alpha, the MACRO32
compiler
sms> there won't compile "vms.mar".
sms>
sms>
sms> --- crypto/symhacks.h_orig 2009-05-15 11:00:08 -0500
sms> +++ crypto/symhacks.h 2009-11-11 10:56:52 -0600
sms> @@ -138,6 +138,8 @@
sms> #define X509_policy_node_get0_qualifiers
X509_pcy_node_get0_qualifiers
sms> #undef X509_STORE_CTX_get_explicit_policy
sms> #define X509_STORE_CTX_get_explicit_policy
X509_STORE_CTX_get_expl_policy
sms> +#undef X509_STORE_CTX_get0_current_issuer
sms> +#define X509_STORE_CTX_get0_current_issuer
X509_STORE_CTX_get0_current_iss
sms>
sms> /* Hack some long CRYPTO names */
sms> #undef CRYPTO_set_dynlock_destroy_callback
sms>
sms>Yet another %CC-W-LONGEXTERN complaint.
sms>
sms>
sms> --- util/libeay.num_orig 2009-11-04 07:29:58 -0600
sms> +++ util/libeay.num2009-11-11 14:00:31 -0600
sms> @@ -4168,4 +4168,5 @@
sms> X509_STORE_set_verify_cb4543 EXIST::FUNCTION:
sms> X509_STORE_CTX_get0_current_crl 4544 EXIST::FUNCTION:
sms> X509_STORE_CTX_get0_parent_ctx 4545 EXIST::FUNCTION:
sms> -X509_STORE_CTX_get0_current_issuer 4546 EXIST::FUNCTION:
sms> +X509_STORE_CTX_get0_current_issuer 4546
EXIST:!VMS:FUNCTION:
sms> +X509_STORE_CTX_get0_current_iss 4546
EXIST:VMS:FUNCTION:
sms>
Re: OpenSSL 1.0.0 beta4 release
I just committed the suggested changes. I try to find the time
checking the problems with the tests within the next few days.
Cheers,
Richard
In message <0915433492_20202...@antinode.info> on Wed, 11 Nov 2009 15:43:34
-0600 (CST), "Steven M. Schweda" said:
sms> From: open...@master.openssl.org (OpenSSL)
sms>
sms> > OpenSSL version 1.0.0 Beta 4
sms> > [...]
sms> > Since the third beta, the following has happened:
sms> > [...]
sms> - Build system fixes including VMS.
sms> > [...]
sms>
sms>Not entirely successful. Around here:
sms>
sms> ALP $ cc /version
sms> HP C V7.3-009 on OpenVMS Alpha V8.3
sms>
sms> I tried:
sms> @ makevms.com ALL "" NODEBUG DECC TCPIP
sms> @ [.test]tests.com
sms>
sms>
sms> ALP $ gdiff -u makevms.com_orig makevms.com
sms> --- makevms.com_orig2009-08-25 02:30:02 -0500
sms> +++ makevms.com 2009-11-11 13:21:47 -0600
sms> @@ -349,7 +349,7 @@
sms> $!
sms> $! There are many places where this is needed.
sms> $!
sms> -$ WRITE H_FILE "#define _XOPEN_SOURCE_EXTENDED"
sms> +$!!! WRITE H_FILE "#define _XOPEN_SOURCE_EXTENDED"
sms> $!
sms> $! Close the [.CRYPTO.]OPENSSLCONF.H file
sms> $!
sms>
sms>What, too many things were working correctly? This _seriously_
sms> breaks the build. Why was this added? "is needed" is not a helpful
sms> explanation.
sms>
sms>
sms> --- apps/install.com_orig 2009-05-15 11:37:04 -0500
sms> +++ apps/install.com 2009-11-11 14:16:15 -0600
sms> @@ -57,7 +57,7 @@
sms> $
sms> $ SET NOON
sms> $ COPY CA.COM WRK_SSLEXE:CA.COM/LOG
sms> -$ SET FILE/PROT=W:RE WRK_SSLVEXE:CA.COM
sms> +$ SET FILE/PROT=W:RE WRK_SSLEXE:CA.COM
sms> $ COPY OPENSSL-VMS.CNF WRK_SSLROOT:[00]OPENSSL.CNF/LOG
sms> $ SET FILE/PROT=W:R WRK_SSLROOT:[00]OPENSSL.CNF
sms> $ SET ON
sms>
sms>Beside being simpler and perhaps a bit faster, using COPY /PROTECTION
sms> instead of separate COPY and SET FILE /PROTECTION commands (as
sms> previously suggested) would halve the opportunities for careless errors
sms> of this type.
sms>
sms>
sms> --- crypto/crypto-lib.com_orig 2009-08-25 02:22:08 -0500
sms> +++ crypto/crypto-lib.com 2009-11-11 10:48:40 -0600
sms> @@ -193,7 +193,8 @@
sms> $ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
sms> $ LIB_MODES = "cbc128,ctr128,cfb128,ofb128"
sms> $ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
sms> -$ IF F$TRNLNM("OPENSSL_NO_ASM") THEN LIB_BN_ASM = "bn_asm"
sms> +$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
sms> + LIB_BN_ASM = "bn_asm"
sms> $ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
sms>"bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
sms>"bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
sms>
sms>Even if MACRO32 code were faster on an Alpha, the MACRO32 compiler
sms> there won't compile "vms.mar".
sms>
sms>
sms> --- crypto/symhacks.h_orig 2009-05-15 11:00:08 -0500
sms> +++ crypto/symhacks.h 2009-11-11 10:56:52 -0600
sms> @@ -138,6 +138,8 @@
sms> #define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers
sms> #undef X509_STORE_CTX_get_explicit_policy
sms> #define X509_STORE_CTX_get_explicit_policy
X509_STORE_CTX_get_expl_policy
sms> +#undef X509_STORE_CTX_get0_current_issuer
sms> +#define X509_STORE_CTX_get0_current_issuer
X509_STORE_CTX_get0_current_iss
sms>
sms> /* Hack some long CRYPTO names */
sms> #undef CRYPTO_set_dynlock_destroy_callback
sms>
sms>Yet another %CC-W-LONGEXTERN complaint.
sms>
sms>
sms> --- util/libeay.num_orig 2009-11-04 07:29:58 -0600
sms> +++ util/libeay.num2009-11-11 14:00:31 -0600
sms> @@ -4168,4 +4168,5 @@
sms> X509_STORE_set_verify_cb4543 EXIST::FUNCTION:
sms> X509_STORE_CTX_get0_current_crl 4544 EXIST::FUNCTION:
sms> X509_STORE_CTX_get0_parent_ctx 4545 EXIST::FUNCTION:
sms> -X509_STORE_CTX_get0_current_issuer 4546 EXIST::FUNCTION:
sms> +X509_STORE_CTX_get0_current_issuer 4546 EXIST:!VMS:FUNCTION:
sms> +X509_STORE_CTX_get0_current_iss 4546 EXIST:VMS:FUNCTION:
sms>
sms>See "crypto/symhacks.h".
sms>
sms>
sms>"test/testenc.com" seems to fail. SSLROOT not defined? (If you
sms> thought that it worked, what were you testing?) Apparently,
sms> "test/tests.com" exits on error, so no test results after that.
sms>
sms>
sms>Are there any plans to get this stuff to work properly before the
sms> actual release? The beta kits so far have not been encouraging. I've
sms> given up on seeing several previously suggested changed adopted, but it
sms> would be nice if, for example, a simple build simply worked.
sms>
sms>
sms>
sms>Steven M. Schweda s...@antinode-info
sms>382 South Warwick Street(+1) 651-699-9818
sms>Saint Paul MN 55105-2547
--
Richard Levitte rich...@levitte.org
Re: OpenSSL 1.0.0 beta4 release
From: open...@master.openssl.org (OpenSSL)
> OpenSSL version 1.0.0 Beta 4
> [...]
> Since the third beta, the following has happened:
> [...]
- Build system fixes including VMS.
> [...]
Not entirely successful. Around here:
ALP $ cc /version
HP C V7.3-009 on OpenVMS Alpha V8.3
I tried:
@ makevms.com ALL "" NODEBUG DECC TCPIP
@ [.test]tests.com
ALP $ gdiff -u makevms.com_orig makevms.com
--- makevms.com_orig2009-08-25 02:30:02 -0500
+++ makevms.com 2009-11-11 13:21:47 -0600
@@ -349,7 +349,7 @@
$!
$! There are many places where this is needed.
$!
-$ WRITE H_FILE "#define _XOPEN_SOURCE_EXTENDED"
+$!!! WRITE H_FILE "#define _XOPEN_SOURCE_EXTENDED"
$!
$! Close the [.CRYPTO.]OPENSSLCONF.H file
$!
What, too many things were working correctly? This _seriously_
breaks the build. Why was this added? "is needed" is not a helpful
explanation.
--- apps/install.com_orig 2009-05-15 11:37:04 -0500
+++ apps/install.com2009-11-11 14:16:15 -0600
@@ -57,7 +57,7 @@
$
$ SET NOON
$ COPY CA.COM WRK_SSLEXE:CA.COM/LOG
-$ SET FILE/PROT=W:RE WRK_SSLVEXE:CA.COM
+$ SET FILE/PROT=W:RE WRK_SSLEXE:CA.COM
$ COPY OPENSSL-VMS.CNF WRK_SSLROOT:[00]OPENSSL.CNF/LOG
$ SET FILE/PROT=W:R WRK_SSLROOT:[00]OPENSSL.CNF
$ SET ON
Beside being simpler and perhaps a bit faster, using COPY /PROTECTION
instead of separate COPY and SET FILE /PROTECTION commands (as
previously suggested) would halve the opportunities for careless errors
of this type.
--- crypto/crypto-lib.com_orig 2009-08-25 02:22:08 -0500
+++ crypto/crypto-lib.com 2009-11-11 10:48:40 -0600
@@ -193,7 +193,8 @@
$ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
$ LIB_MODES = "cbc128,ctr128,cfb128,ofb128"
$ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
-$ IF F$TRNLNM("OPENSSL_NO_ASM") THEN LIB_BN_ASM = "bn_asm"
+$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
+ LIB_BN_ASM = "bn_asm"
$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
"bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
"bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
Even if MACRO32 code were faster on an Alpha, the MACRO32 compiler
there won't compile "vms.mar".
--- crypto/symhacks.h_orig 2009-05-15 11:00:08 -0500
+++ crypto/symhacks.h 2009-11-11 10:56:52 -0600
@@ -138,6 +138,8 @@
#define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers
#undef X509_STORE_CTX_get_explicit_policy
#define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy
+#undef X509_STORE_CTX_get0_current_issuer
+#define X509_STORE_CTX_get0_current_issuer X509_STORE_CTX_get0_current_iss
/* Hack some long CRYPTO names */
#undef CRYPTO_set_dynlock_destroy_callback
Yet another %CC-W-LONGEXTERN complaint.
--- util/libeay.num_orig2009-11-04 07:29:58 -0600
+++ util/libeay.num 2009-11-11 14:00:31 -0600
@@ -4168,4 +4168,5 @@
X509_STORE_set_verify_cb4543 EXIST::FUNCTION:
X509_STORE_CTX_get0_current_crl 4544 EXIST::FUNCTION:
X509_STORE_CTX_get0_parent_ctx 4545 EXIST::FUNCTION:
-X509_STORE_CTX_get0_current_issuer 4546 EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_issuer 4546 EXIST:!VMS:FUNCTION:
+X509_STORE_CTX_get0_current_iss 4546 EXIST:VMS:FUNCTION:
See "crypto/symhacks.h".
"test/testenc.com" seems to fail. SSLROOT not defined? (If you
thought that it worked, what were you testing?) Apparently,
"test/tests.com" exits on error, so no test results after that.
Are there any plans to get this stuff to work properly before the
actual release? The beta kits so far have not been encouraging. I've
given up on seeing several previously suggested changed adopted, but it
would be nice if, for example, a simple build simply worked.
Steven M. Schweda s...@antinode-info
382 South Warwick Street(+1) 651-699-9818
Saint Paul MN 55105-2547
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
OpenSSL 1.0.0 beta4 release
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL version 1.0.0 Beta 4 OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ OpenSSL is currently in a release cycle. The fourth beta is now released. This is expected be the final or penultimate beta depending on the number of bugs reported. The beta release is available for download via HTTP and FTP from the following master locations (the various FTP mirrors you can find under http://www.openssl.org/source/mirror.html): o http://www.openssl.org/source/ o ftp://ftp.openssl.org/source/ The file names of the beta are: o openssl-1.0.0-beta4.tar.gz Size: 4000628 MD5 checksum: f22750164e1db42145803fed8104df57 SHA1 checksum: f590232651b9033365e0aa9a2279cdef6519884c The checksums were calculated using the following command: openssl md5 < openssl-1.0.0-beta4.tar.gz openssl sha1 < openssl-1.0.0-beta4.tar.gz Please download and test them as soon as possible. This new OpenSSL version incorporates 120 documented changes and bugfixes to the toolkit (for a complete list see http://www.openssl.org/source/exp/CHANGES). Also check the latest snapshots at ftp://ftp.openssl.org/snapshot/ or CVS (see http://www.openssl.org/source/repos.html) reporting previously fixed bugs. Since the third beta, the following has happened: - Initial TLS session renegotiation fix - TLS ticket and SNI coexistance fix - Several DTLS fixes and updates. - Custom OCSP headers. - Check return values properly on some functions. - Some documentation for X509 chain verification functions. - Time routines fixed for CRL generation. - Additional PRNG duplication protection. - Cross compilation updates. - Build system fixes including VMS. - Other bug fixes. Reports and patches should be sent to openssl-b...@openssl.org. Discussions around the development of OpenSSL should be sent to openssl-...@openssl.org. Anything else should go to openssl-us...@openssl.org. The best way, at least on Unix, to create a report is to do the following after configuration: make report That will do a few basic checks of the compiler and bc, then build and run the tests. The result will appear on screen and in the file "testlog". Please read the report before sending it to us. There may be problems that we can't solve for you, like missing programs. Yours, The OpenSSL Project Team... Mark J. Cox Ben Laurie Andy Polyakov Ralf S. Engelschall Richard Levitte Geoff Thorpe Dr. Stephen Henson Bodo Möller Ulf Möller Lutz JänickeNils Larsch -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iQEVAwUBSvmFSaLSm3vylcdZAQIhswgAgocWmnNnGeMgz2Pp3tLahOQS3iYzu6eu UNNLYZhap45AYV0JMfQkSYiIgkDehZUWvUJ6e/zgNZ0tTKTtfRcexK6cSRwqmckQ UaykmDnc0B9JFLqPQ35OOE8DbgK+/JiWz5ZAZ7xzSPqqxc7TTB00R8+yNdsupNHc kb9RCxbBwN2wH4XhCMnptuNED4bY4LUxstWB+c3qe9VNnD6qvqfDaP09H+BHEg9Y CNsK5f5bmJmD5A2DQmgb1NNptad5JWOqWlL7gh8fM3cVv+Mit/Q5aooqQyWo4JV4 yoNHZ6hiO3N7zClMRkH8dJz4UDbZI3P0lhIMawnKoAUevBq85G10xQ== =y4JQ -END PGP SIGNATURE- __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
