[openssl.org #71] [Fwd: Bug#141360: libssl-dev: gcc warning: redundant declaration of ERR_load_PEM_strings()]
I'm sure you read pem2.h and therefore the reason it exists. If you have a better idea on solving the circular dependency problem described, we're all ears. However, double declaration isn't an error, at least if the declarations are exactly the same. Until someone comes up with a better solution to break the circular dependency mentioned above, I don't see that this really needs to get fixed. I'll add the keyword nice to have to this ticket... -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #74] problem with openssl-0.9.7-beta1 mkdef.pl
Thanks for the report, that was an error in production. If you grab the latest 0.9.7 snapshot, you'll probably see that things have improved... [[EMAIL PROTECTED] - Tue Jun 4 19:40:45 2002]: Hi, I have winnt 4.0 sp6a , vc++ 6 and NASM version 0.98 When I execute ms\do_nasm I have the following errors: D:\proyecto\sw\openssl\openssl-0.9.7-beta1perl util\mkdef.pl 16 libeay 1ms\libeay16.def Warning: EVP_aes_128_cfb does not have a number assigned Warning: EVP_aes_128_ofb does not have a number assigned Warning: EVP_aes_192_cfb does not have a number assigned Warning: EVP_aes_192_ofb does not have a number assigned Warning: EVP_aes_256_cfb does not have a number assigned Warning: EVP_aes_256_ofb does not have a number assigned D:\proyecto\sw\openssl\openssl-0.9.7-beta1perl util\mkdef.pl 32 libeay 1ms\libeay32.def Warning: EVP_aes_128_cfb does not have a number assigned Warning: EVP_aes_128_ofb does not have a number assigned Warning: EVP_aes_192_cfb does not have a number assigned Warning: EVP_aes_192_ofb does not have a number assigned Warning: EVP_aes_256_cfb does not have a number assigned Warning: EVP_aes_256_ofb does not have a number assigned after that I have not problem to compile and run openssl some ideas? thanks in advance __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #79] 0.9.7 Beta1 - Build problems on OpenVMS.
I just commited a fix. Thanks for the report. The next snapshot will contain the fix. [[EMAIL PROTECTED] - Tue Jun 4 22:13:18 2002]: I downloaded beta1 to a OpenVMS V7.2-1 system running DEC C V6.2-008. I ran into two build problems: 1. SSL-LIB.COM contains an ON ERROR statement that does not have a THEN clause. Embarassing!!! 2. TESTS.COM does not accept NONE as a valid TCPIP option. You mean MAKETESTS.COM, I'm sure :-). I have included the complete build log below. -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #80] [Lutz.Jaenicke@aet.TU-Cottbus.DE: Re: Naina announce (was: [ANNOUNCE] OpenSSL 0.9.1 beta 1 released)]
hi Lutz, patch to add SET-specific objects is attached. It's rather large, still it would let to build Naina without modifying openssl code. thank you, Vadim - Forwarded message from Lutz Jaenicke [EMAIL PROTECTED] - From: Lutz Jaenicke [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Naina announce (was: [ANNOUNCE] OpenSSL 0.9.1 beta 1 released) On Wed, Jun 05, 2002 at 03:35:31AM +0300, Vadim Fedukovich wrote: hi list, Naina library may be considered an ASN.1 test; it handles some Secure Electronic Transactions messages. http://www.unity.net/~vf/naina_r1.tgz It works with 0.9.7-beta-1, on linux, gcc 2.9.5 It could be great to include SET-specific objects into openssl; patch is there inside * Would you please just submit the patch with the additional OIDs into [EMAIL PROTECTED]? I however won't promise that it will make it into 0.9.7, which is already in feature freeze (depends on the actual submission). * Do you have a homepage for your project, for which we can add a link? Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] - End forwarded message - __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #81] Bug Report 0.9.7b1: make install broken on NeXTSTEP/OpenStep
I successfully built OpenSSL 0.9.7-beta1 on my m68k-next-openstep42 system. It did require adding an extra include somewhere I can't remember offhand, and patching one of the test case files, but other than that it built right out of the box without any issues. Make test completes without any errors. However, I cannot install using the Makefile. The exact error is making all in tools... installing man1/CA.pl.1 sh: dirname: not found *** Exit 1 NeXTSTEP and OpenStep include the basename utility, but not the dirname utility. Is there some sort of pre-existing workaround or is there an implmentation of dirname available in one of the GNU packages? I just thought I'd report this. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #70] [Fwd: Bug#144586: libssl-dev: Typo inBN_rand(3ssl) man page]
Am Mit, 2002-06-05 um 08.12 schrieb Richard Levitte via RT: BN_pseudo_rand_range() was given in the synopsis exactly as you requested, since 0.9.6c (or at least, that's what I can make out by checking with our repository). I must say that I have some difficulty doing anything with this report because of that... I had to apply the following patch for 0.9.6d: --- openssl-0.9.6d.orig/doc/crypto/BN_rand.pod +++ openssl-0.9.6d/doc/crypto/BN_rand.pod -14,7 +14,7 int BN_rand_range(BIGNUM *rnd, BIGNUM *range); - int BN_pseudo_rand_range(BIGNUM *rnd, int bits, int top, int bottom); + int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range); =head1 DESCRIPTION signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: [openssl.org #70] [Fwd: Bug#144586: libssl-dev: Typo in BN_rand(3ssl) man page]
Am Mit, 2002-06-05 um 08.12 schrieb Richard Levitte via RT: BN_pseudo_rand_range() was given in the synopsis exactly as you requested, since 0.9.6c (or at least, that's what I can make out by checking with our repository). I must say that I have some difficulty doing anything with this report because of that... I had to apply the following patch for 0.9.6d: --- openssl-0.9.6d.orig/doc/crypto/BN_rand.pod +++ openssl-0.9.6d/doc/crypto/BN_rand.pod @@ -14,7 +14,7 @@ int BN_rand_range(BIGNUM *rnd, BIGNUM *range); - int BN_pseudo_rand_range(BIGNUM *rnd, int bits, int top, int bottom); + int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range); =head1 DESCRIPTION __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] AutoReply: Bug Report 0.9.7b1: make install broken on NeXTSTEP/OpenStep
To follow up, I compiled a small dirname from the ucLinux project, and while that operates correctly, these man pages would not install. In the end I just ended up commenting out the Perl manual stuff and installing it by hand. The rest of the make install process completes successfully. Please, lets keep NeXTSTEP/OpenStep support in OpenSSL. I know that some other projects (such as GCC) are considering dropping NeXT support as an obsolete architecture, along with alot of other systems, like m68k and PDP. making all in tools... installing man1/CA.pl.1 sh: dirname: not found *** Exit 1 NeXTSTEP and OpenStep include the basename utility, but not the dirname utility. Is there some sort of pre-existing workaround or is there an implmentation of dirname available in one of the GNU packages? __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #70] [Fwd: Bug#144586: libssl-dev: Typo inBN_rand(3ssl) man page]
In message 1023267032.28480.18.camel@woodstock on 05 Jun 2002 10:50:31 +0200, Christoph Martin [EMAIL PROTECTED] said: martin Am Mit, 2002-06-05 um 08.12 schrieb Richard Levitte via RT: martin martin BN_pseudo_rand_range() was given in the synopsis exactly as you martin requested, since 0.9.6c (or at least, that's what I can make out by martin checking with our repository). I must say that I have some difficulty martin doing anything with this report because of that... martin martin I had to apply the following patch for 0.9.6d: martin martin --- openssl-0.9.6d.orig/doc/crypto/BN_rand.pod martin +++ openssl-0.9.6d/doc/crypto/BN_rand.pod martin @@ -14,7 +14,7 @@ martin martin int BN_rand_range(BIGNUM *rnd, BIGNUM *range); martin martin - int BN_pseudo_rand_range(BIGNUM *rnd, int bits, int top, int bottom); martin + int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range); martin martin =head1 DESCRIPTION D'oh! I looked in bn.pod. Silly me... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #77] Openssl 0.9.6d coredumps
Hi, The private key is not generated by me, it's generated with some commercial software (unknown vendor). Shamely, I need to sign my own certificate with this cert, can't avoid using this .-/. I will contact the provider and ask the software they are using. Thanks, Jarmo Robert Eiglmaier wrote: Hi Jarmo, how did you generate your private key? When I asn1parse it it looks very different from my openssl generated. First it has an AlgorithmIdentifier (rsaEncryption) where mine doesn't have one. And then it only has 6 integers (probably Modulus, pubKey, privKey, exp1, exp2 and coeff) where mine has 8 (Modulus, pubKey, privKey, P, Q, exp1, exp2 and coeff) Maybe this helps... Robert -Original Message- From: Jarmo Järvenpää via RT [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 04, 2002 7:50 PM Cc: [EMAIL PROTECTED] Subject: [openssl.org #77] Openssl 0.9.6d coredumps Hi all, I've tried to use the following certificate and private key to sign my own requested certificate but for some reason, openssl coredumps. Coredumps occur also when trying to obtain information from private key (with commands like pkcs8, rsa). Any idea why this is happening? (I can provide the coredump file if necessary) -BEGIN PRIVATE KEY- MIIB5DANBgkqhkiG9w0BAQEFADCCAdECgYBTAI9HrMBfEfuTiT9NyUD2jGsWIi1YKqsLt3SdTwi 9Bh/k7/x68GpTRcAzDpklvs4ZaJBXwiJxs6cLJabV+dCHZnH9X3SSrn8Hz1zYrcNgkHqm3Jx6jE aZxjN4MwRQd3KOjwmdZAvHd3+5IXRZPbmYdM1gC0QMiQpCP8rXXJzkZwIBIwKBgANzDplBB1Roe ioJsYI8Oo3nP6ErT66NaNqV65QrLj5hVcWw30WbnLBYAqsD7m1JwhUBBVVvIgNlOM/sSW1MNeGs RTOxpo6hbqe6WRqqtTEIopyOx/RUNM33NQ6Rfvo27/Sop4/xUe8DUQsnYJ0pJ5QStwOjlSXo9KV mT3nkuQYLAkEAgwz57Wdk9dGOxyYKHsWTk2Y4NlV87/+/QNRO5Wfl/YNKIDuHxLFTin7netad7X MFp43TPtBaNceNzx1UmctmuwJBAKIj149VZaw21RQ2vONV4R1Ll3qblnIQPnjyesCdBbABVVSOH gCW7K0ytUMY9aH+N8rrxTw+0h3D6ILVHbMtXEUCQCwSZx1ZSpxyRU6/6SWMZDibdjxd5Zh03GZh XxLSxzoiRyMygmB65OS5wFncscrd9CYmlpMpAKmatE7G0p+IrVE= -END PRIVATE KEY- ... __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #79] 0.9.7 Beta1 - Build problems on OpenVMS.
Hi, I downloaded beta1 to a OpenVMS V7.2-1 system running DEC C V6.2-008. I ran into two build problems: 1. SSL-LIB.COM contains an ON ERROR statement that does not have a THEN clause. 2. TESTS.COM does not accept NONE as a valid TCPIP option. I have included the complete build log below. Thanks, Kevin Greaney makevms.log.doc __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #77] Openssl 0.9.6d coredumps
Just found out the software, it's F-Secure VPN+. Robert Eiglmaier wrote: Hi Jarmo, how did you generate your private key? When I asn1parse it it looks very different from my openssl generated. First it has an AlgorithmIdentifier (rsaEncryption) where mine doesn't have one. And then it only has 6 integers (probably Modulus, pubKey, privKey, exp1, exp2 and coeff) where mine has 8 (Modulus, pubKey, privKey, P, Q, exp1, exp2 and coeff) Maybe this helps... Robert -Original Message- From: Jarmo Järvenpää via RT [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 04, 2002 7:50 PM Cc: [EMAIL PROTECTED] Subject: [openssl.org #77] Openssl 0.9.6d coredumps Hi all, I've tried to use the following certificate and private key to sign my own requested certificate but for some reason, openssl coredumps. Coredumps occur also when trying to obtain information from private key (with commands like pkcs8, rsa). Any idea why this is happening? (I can provide the coredump file if necessary) -BEGIN PRIVATE KEY- MIIB5DANBgkqhkiG9w0BAQEFADCCAdECgYBTAI9HrMBfEfuTiT9NyUD2jGsWIi1YKqsLt3SdTwi 9Bh/k7/x68GpTRcAzDpklvs4ZaJBXwiJxs6cLJabV+dCHZnH9X3SSrn8Hz1zYrcNgkHqm3Jx6jE aZxjN4MwRQd3KOjwmdZAvHd3+5IXRZPbmYdM1gC0QMiQpCP8rXXJzkZwIBIwKBgANzDplBB1Roe ioJsYI8Oo3nP6ErT66NaNqV65QrLj5hVcWw30WbnLBYAqsD7m1JwhUBBVVvIgNlOM/sSW1MNeGs RTOxpo6hbqe6WRqqtTEIopyOx/RUNM33NQ6Rfvo27/Sop4/xUe8DUQsnYJ0pJ5QStwOjlSXo9KV mT3nkuQYLAkEAgwz57Wdk9dGOxyYKHsWTk2Y4NlV87/+/QNRO5Wfl/YNKIDuHxLFTin7netad7X MFp43TPtBaNceNzx1UmctmuwJBAKIj149VZaw21RQ2vONV4R1Ll3qblnIQPnjyesCdBbABVVSOH gCW7K0ytUMY9aH+N8rrxTw+0h3D6ILVHbMtXEUCQCwSZx1ZSpxyRU6/6SWMZDibdjxd5Zh03GZh XxLSxzoiRyMygmB65OS5wFncscrd9CYmlpMpAKmatE7G0p+IrVE= -END PRIVATE KEY- ... __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
`NID_uniqueIdentifier' undeclared (first use in this function)
hi, We have ssl (VERSION=0.9.7-dev) in the OpenBSD-CURRENT. Now we dig the problem in ${PORTS}/comms/kermit. cc -O2 -DBSD44 -DCK_CURSES -DCK_NEWTERM -DTCPSOCKET -DOPENBSD -DUSE_UU_LOCK -DFNFLOAT -DUSE_STRERROR -DCKHTTP -DCK_SSL -DCK_AUTHENTICATION -DCK_ENCRYPTION -DCK_DES -DKTARGET=\openbsd\ -c ck_ssl.c ck_ssl.c: In function sl_tn_init': ck_ssl.c:1535: warning: assignment from incompatible pointer type ck_ssl.c:1536: warning: assignment from incompatible pointer type ck_ssl.c: In function sl_http_init': ck_ssl.c:2060: warning: assignment from incompatible pointer type ck_ssl.c: In function sl_check_server_name': ck_ssl.c:2671: warning: assignment makes pointer from integer without a cast ck_ssl.c:2714: warning: assignment makes pointer from integer without a cast ck_ssl.c: In function k_tn_tls_negotiate': ck_ssl.c:3232: ID_uniqueIdentifier' undeclared (first use in this function) ck_ssl.c:3232: (Each undeclared identifier is reported only once ck_ssl.c:3232: for each function it appears in.) ck_ssl.c: In function k_ssl_incoming': ck_ssl.c:3529: ID_uniqueIdentifier' undeclared (first use in this function) *** Error code 1 Stop in /home/ports/comms/kermit/w-kermit-8.0.201. *** Error code 1 Stop in /home/ports/comms/kermit (line 1758 of /usr/ports/infrastructure/mk/bsd.port.mk). I need a solution for this in ssl. --mpech [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #77] Openssl 0.9.6d coredumps
OK, there are several issues here. First of all, your private key is broken, or rather the structure it has been packed into. BEGIN PRIVATE KEY indicates that the key is wrapped in a PKCS8 structure. That structure should start with an integer indicating the version number of the structure (for now, it'll always be 0). That integer is missing, meaning the structure can't be correctly parsed. Second, it seems like OpenSSL lacks error control during the parsing of this particular type of structure, leading to the coredump you experienced. The following patch (which I shall commit promptly) fixes the problem (instead of a coredump, you'll get a few lines of error messages): --- crypto/pem/pem_lib.c2002/02/20 17:55:34 1.30.2.1 +++ crypto/pem/pem_lib.c2002/06/05 11:52:06 @@ -258,6 +258,7 @@ PKCS8_PRIV_KEY_INFO *p8inf; p8inf=d2i_PKCS8_PRIV_KEY_INFO( (PKCS8_PRIV_KEY_INFO **) x, p, len); + if(!p8inf) goto p8err; ret = (char *)EVP_PKCS82PKEY(p8inf); PKCS8_PRIV_KEY_INFO_free(p8inf); } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) { For everyones info, the same error exists in 0.9.7 beta 1 as well. Beta 2 will be corrected appropriately. [[EMAIL PROTECTED] - Tue Jun 4 19:49:46 2002]: Hi all, I've tried to use the following certificate and private key to sign my own requested certificate but for some reason, openssl coredumps. Coredumps occur also when trying to obtain information from private key (with commands like pkcs8, rsa). Any idea why this is happening? (I can provide the coredump file if necessary) -BEGIN PRIVATE KEY- MIIB5DANBgkqhkiG9w0BAQEFADCCAdECgYBTAI9HrMBfEfuTiT9NyUD2jGsWIi1YKqsLt3SdTwi 9Bh/k7/x68GpTRcAzDpklvs4ZaJBXwiJxs6cLJabV+dCHZnH9X3SSrn8Hz1zYrcNgkHqm3Jx6jE aZxjN4MwRQd3KOjwmdZAvHd3+5IXRZPbmYdM1gC0QMiQpCP8rXXJzkZwIBIwKBgANzDplBB1Roe ioJsYI8Oo3nP6ErT66NaNqV65QrLj5hVcWw30WbnLBYAqsD7m1JwhUBBVVvIgNlOM/sSW1MNeGs RTOxpo6hbqe6WRqqtTEIopyOx/RUNM33NQ6Rfvo27/Sop4/xUe8DUQsnYJ0pJ5QStwOjlSXo9KV mT3nkuQYLAkEAgwz57Wdk9dGOxyYKHsWTk2Y4NlV87/+/QNRO5Wfl/YNKIDuHxLFTin7netad7X MFp43TPtBaNceNzx1UmctmuwJBAKIj149VZaw21RQ2vONV4R1Ll3qblnIQPnjyesCdBbABVVSOH gCW7K0ytUMY9aH+N8rrxTw+0h3D6ILVHbMtXEUCQCwSZx1ZSpxyRU6/6SWMZDibdjxd5Zh03GZh XxLSxzoiRyMygmB65OS5wFncscrd9CYmlpMpAKmatE7G0p+IrVE= -END PRIVATE KEY- The matching public key: (this seems to work) -BEGIN CERTIFICATE- MIICRzCCAbCgAwIBAgIEATEF8TANBgkqhkiG9w0BAQQFADBVMQswCQYDVQQGEwJGSTEoMCYGA1U EChMfVGhlIEZpbm5pc2ggQmFua2VycyBBc3NvY2lhdGlvbjEcMBoGA1UECxMTQ2xpZW50IENBIF VudHJ1c3RlZDAeFw0wMDA2MTQwNjMwMDBaFw0yNzEwMzEwODMwMDBaMFUxCzAJBgNVBAYTAkZJM SgwJgYDVQQKEx9UaGUgRmlubmlzaCBCYW5rZXJzIEFzc29jaWF0aW9uMRwwGgYDVQQLExNDbGll bnQgQ0EgVW50cnVzdGVkMIGcMA0GCSqGSIb3DQEBAQUAA4GKADCBhgKBgFMAj0eswF8R+5OJP03 JQPaMaxYiLVgqqwu3dJ1PCL0GH+Tv/HrwalNFwDMOmSW+zhlokFfCInGzpwslptX50Idmcf1fdJ KufwfPXNitw2CQeqbcnHqMRpnGM3gzBFB3co6PCZ1kC8d3f7khdFk9uZh0zWALRAyJCkI/ytdcn ORnAgEjoycwJTAPBgNVHQ8BAf8EBQMDB4AAMBIGA1UdEwEB/wQIMAYBAf8CAQIwDQYJKoZIhvcN AQEEBQADgYEAUQu1peUXTmTBcNvNXAc8bQ5TDW8vL5Sl9zPNJsWD99pAqjIyMXLx02+96g46fUA ujxTzsVFNlnJ+tbejvTDZcWqSc6r/H1TeGOc14HAAFIRGV3ifI65Kj3XAHYRAuaVQtb69DAvWxM 7VINWzZp1Ip3kM1MC1J7GjlbW5yyxDiGM= -END CERTIFICATE- Regards, Jarmo __ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #71] [Fwd: Bug#141360: libssl-dev: gcc warning:redundant declaration of ERR_load_PEM_strings()]
However, double declaration isn't an error, at least if the declarations are exactly the same. Until someone comes up with a better solution to break the circular dependency mentioned above, I don't see that this really needs to get fixed. I'll add the keyword nice to have to this ticket... This is typically done by making the declaration be like this; #ifndef _DECLARED_FOO extern struct foo *getafoo(); #define _DECLARED_FOO #endif __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #78] Memleak in libcrypto
A little more analysis seems to indicate that X509_EXTENSION isn't properly coded, since freeing it requires a dive into the OCTET_STRING (or whatever that translates to) and free whatever that's pointing to. The code in question is crypto/asn1/x_exten.c, and for comparison, one might want to look at crypto/asn1/x_x509.c... I've assigned this ticket to Steve, since he's much more competent on this type of stuff... [levitte - Wed Jun 5 14:12:27 2002]: Looks to me like X509_EXTENSION_free() doesn't do it's job properly. [[EMAIL PROTECTED] - Wed Jun 5 13:28:48 2002]: Ok, then when are those datas supposed to be freed ? Here is the code: X509V3_CTX ctx; X509V3_set_ctx_test(ctx); X509_EXTENSION *ext; char * FieldName=authorityInfoAccess; char * FieldValue=caIssuers;URI:http://www.openssl.org/root.crt; if (!(ext = X509V3_EXT_nconf(NULL, ctx, FieldName, FieldValue))) { return false; } X509_EXTENSION_free(ext); I don't see what I forget to free ? -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken onNeXTSTEP/OpenStep
Richard Levitte via RT wrote: Can I assume that sed exists and works properly? dirname can be coded like this: echo $$i | sed -e 's|[^/]*$||' -e 's|/$||' dirname foo returns . which the above doesn't catch. I can only think of the following short shell script #! /bin/sh for I do case $I in */* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; *) echo . esac done sed has had \(\) since v7 unix days. ... on the other hand, since you're already requirring perl ... __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken onNeXTSTEP/OpenStep
In message [EMAIL PROTECTED] on Wed, 05 Jun 2002 09:43:45 -0400, Rich Salz [EMAIL PROTECTED] said: rsalz Richard Levitte via RT wrote: rsalz Can I assume that sed exists and works properly? dirname can be rsalz coded like this: rsalz rsalz echo $$i | sed -e 's|[^/]*$||' -e 's|/$||' rsalz rsalz dirname foo returns . which the above doesn't catch. Ah, I missed that... rsalz */* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; Why such a complicated sed? 's@/[^/]*$@@' is perfecty sufficient, and a little bit more efficient :-). rsalz on the other hand, since you're already requirring perl ... That was my next option. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #66] Possible bug in OpenSSL-0.9.6d/crypto/asn1/a_utctm.c
Thanks for the report, I've commited the suggested fix. [[EMAIL PROTECTED] - Fri May 31 21:03:26 2002]: I believe that I have found a bug in the above file and would like for someone else to santiy check it. At line 290 in a_utctm.c, a separate code block is being used if the library needs to call gmtime_r() to get the time structure. The value is stored in a temporary (data) that is declared in this code block. The address of the temporary is assigned to an external variable tm. This can cause some memory corruption problems. The memory corruption would occur if the compiler removes the memory allocated to the temporary after the code block is done. The derefencing of tm a couple of lines later could result in a SIGSEGV because that memory has been returned. The solution to this problem is to remove the code block and declare struct tm data at the beginning of ASN1_UTCTIME_cmp_time_t(). Darin Broady [EMAIL PROTECTED] Lexmark International, Inc. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #71] [Fwd: Bug#141360: libssl-dev: gcc warning:redundant declaration of ERR_load_PEM_strings()]
In message [EMAIL PROTECTED] on Wed, 05 Jun 2002 09:32:44 -0400, Rich Salz [EMAIL PROTECTED] said: rsalz However, double declaration isn't an error, at least if the rsalz declarations are exactly the same. Until someone comes up with a rsalz better solution to break the circular dependency mentioned above, I rsalz don't see that this really needs to get fixed. I'll add the keyword rsalz nice to have to this ticket... rsalz rsalz This is typically done by making the declaration be like this; rsalz #ifndef _DECLARED_FOO rsalz extern struct foo *getafoo(); rsalz #define _DECLARED_FOO rsalz #endif Eeeep. I know that would only be required in pem.h, but since the section where ERR_load_PEM_strings() is declared is generated automagically, it ultimately means we need to have that construction in all headers. It's ugly... Oh well, I'll see what I can do. I think I'll use names like _OPENSSL_DECLARED_FOO... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #71] [Fwd: Bug#141360: libssl-dev: gcc warning: redundant declaration of ERR_load_PEM_strings()]
However, double declaration isn't an error, at least if the declarations are exactly the same. Until someone comes up with a better solution to break the circular dependency mentioned above, I don't see that this really needs to get fixed. I'll add the keyword nice to have to this ticket... This is typically done by making the declaration be like this; #ifndef _DECLARED_FOO extern struct foo *getafoo(); #define _DECLARED_FOO #endif __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken on NeXTSTEP/OpenStep
Richard Levitte via RT wrote: Can I assume that sed exists and works properly? dirname can be coded like this: echo $$i | sed -e 's|[^/]*$||' -e 's|/$||' dirname foo returns . which the above doesn't catch. I can only think of the following short shell script #! /bin/sh for I do case $I in */* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; *) echo . esac done sed has had \(\) since v7 unix days. ... on the other hand, since you're already requirring perl ... __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken on NeXTSTEP/OpenStep
In message [EMAIL PROTECTED] on Wed, 05 Jun 2002 09:43:45 -0400, Rich Salz [EMAIL PROTECTED] said: rsalz Richard Levitte via RT wrote: rsalz Can I assume that sed exists and works properly? dirname can be rsalz coded like this: rsalz rsalz echo $$i | sed -e 's|[^/]*$||' -e 's|/$||' rsalz rsalz dirname foo returns . which the above doesn't catch. Ah, I missed that... rsalz */* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; Why such a complicated sed? 's@/[^/]*$@@' is perfecty sufficient, and a little bit more efficient :-). rsalz on the other hand, since you're already requirring perl ... That was my next option. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #71] [Fwd: Bug#141360: libssl-dev: gcc warning: redundant declaration of ERR_load_PEM_strings()]
In message [EMAIL PROTECTED] on Wed, 05 Jun 2002 09:32:44 -0400, Rich Salz [EMAIL PROTECTED] said: rsalz However, double declaration isn't an error, at least if the rsalz declarations are exactly the same. Until someone comes up with a rsalz better solution to break the circular dependency mentioned above, I rsalz don't see that this really needs to get fixed. I'll add the keyword rsalz nice to have to this ticket... rsalz rsalz This is typically done by making the declaration be like this; rsalz #ifndef _DECLARED_FOO rsalz extern struct foo *getafoo(); rsalz #define _DECLARED_FOO rsalz #endif Eeeep. I know that would only be required in pem.h, but since the section where ERR_load_PEM_strings() is declared is generated automagically, it ultimately means we need to have that construction in all headers. It's ugly... Oh well, I'll see what I can do. I think I'll use names like _OPENSSL_DECLARED_FOO... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken on NeXTSTEP/OpenStep
On 02-06-05 15:43:45 CEST, Rich Salz wrote: Richard Levitte via RT wrote: Can I assume that sed exists and works properly? dirname can be coded like this: echo $$i | sed -e 's|[^/]*$||' -e 's|/$||' dirname foo returns . which the above doesn't catch. I can only think of the following short shell script #! /bin/sh for I do case $I in */* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; *) echo . esac done i remember on my SVR3 machine dirname(1) was a shell script: -r-xr-xr-x 1 sys bin93 Oct 11 1985 /bin/dirname* expr \ ${1-.}'/' : '\(/\)[^/]*/$' \ \| ${1-.}'/' : '\(.*[^/]\)//*[^/][^/]*//*$' \ \| . the solaris 1 dirname is: #! /bin/sh # # @(#)dirname.sh 1.5 89/03/22 SMI; from S5R2 1.2 # PATH=/bin:/usr/bin expr \ ${1-.}'/' : '\(/\)[^/]*//*$' \ \| ${1-.}'/' : '\(.*[^/]\)//*[^/][^/]*//*$' \ \| . i.e. the same with attribution. unlike sed expr usually is a sh built-in. rj __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken on NeXTSTEP/OpenStep
On 02-06-05 15:43:45 CEST, Rich Salz wrote: Richard Levitte via RT wrote: Can I assume that sed exists and works properly? dirname can be coded like this: echo $$i | sed -e 's|[^/]*$||' -e 's|/$||' dirname foo returns . which the above doesn't catch. I can only think of the following short shell script #! /bin/sh for I do case $I in */* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; *) echo . esac done i remember on my SVR3 machine dirname(1) was a shell script: -r-xr-xr-x 1 sys bin93 Oct 11 1985 /bin/dirname* expr \ ${1-.}'/' : '\(/\)[^/]*/$' \ \| ${1-.}'/' : '\(.*[^/]\)//*[^/][^/]*//*$' \ \| . the solaris 1 dirname is: #! /bin/sh # # @(#)dirname.sh 1.5 89/03/22 SMI; from S5R2 1.2 # PATH=/bin:/usr/bin expr \ ${1-.}'/' : '\(/\)[^/]*//*$' \ \| ${1-.}'/' : '\(.*[^/]\)//*[^/][^/]*//*$' \ \| . i.e. the same with attribution. unlike sed expr usually is a sh built-in. rj __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken onNeXTSTEP/OpenStep
rsalz*/* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; Why such a complicated sed? 's@/[^/]*$@@' is perfecty sufficient, and a little bit more efficient :-). Because it makes the implementation of basename pretty obvious :) As for efficiency :) here's an implementation that uses all shell builtins ... #! /bin/sh export IFS case $1 in */*) OLDIFS=$IFS ; IFS=/ ; set $1 ; IFS=$OLDIFS p='' while : ; do case $2 in ) break ;; esac case $p in ) p=$1 ;; *) p=$p/$1 ;; esac shift done echo $p ;; *) echo . ;; esac __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #81] Bug Report 0.9.7b1: make install broken on NeXTSTEP/OpenStep
I just commited a change that involves having a new script called dirname.pl in util/. Thanks for the report. [[EMAIL PROTECTED] - Wed Jun 5 09:33:57 2002]: I successfully built OpenSSL 0.9.7-beta1 on my m68k-next-openstep42 system. It did require adding an extra include somewhere I can't remember offhand, and patching one of the test case files, but other than that it built right out of the box without any issues. Make test completes without any errors. However, I cannot install using the Makefile. The exact error is making all in tools... installing man1/CA.pl.1 sh: dirname: not found *** Exit 1 NeXTSTEP and OpenStep include the basename utility, but not the dirname utility. Is there some sort of pre-existing workaround or is there an implmentation of dirname available in one of the GNU packages? I just thought I'd report this. -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken onNeXTSTEP/OpenStep
In message [EMAIL PROTECTED] on Wed, 05 Jun 2002 10:10:52 -0400, Rich Salz [EMAIL PROTECTED] said: rsalz rsalz */* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; rsalz rsalz Why such a complicated sed? 's@/[^/]*$@@' is perfecty sufficient, and rsalz a little bit more efficient :-). rsalz rsalz Because it makes the implementation of basename pretty rsalz obvious :) sed -e 's|^[^/]*/||g' rsalz As for efficiency :) here's an implementation that uses all rsalz shell builtins ... Heh, we can probably battle endlessly about efficiency. That was a pretty good one, and a bit less obscure than the expr variant shown here. :-) -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #71] [Fwd: Bug#141360: libssl-dev: gcc warning: redundant declaration of ERR_load_PEM_strings()]
Uhmm, BTW, what exactly do you think that'll solve, considering the actual problem? [[EMAIL PROTECTED] - Wed Jun 5 15:54:26 2002]: However, double declaration isn't an error, at least if the declarations are exactly the same. Until someone comes up with a better solution to break the circular dependency mentioned above, I don't see that this really needs to get fixed. I'll add the keyword nice to have to this ticket... This is typically done by making the declaration be like this; #ifndef _DECLARED_FOO extern struct foo *getafoo(); #define _DECLARED_FOO #endif -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: cvs commit: openssl/crypto/asn1 a_enum.c a_int.c
[EMAIL PROTECTED] wrote: levitte 05-Jun-2002 13:23:23 Modified:crypto/asn1 Tag: OpenSSL_0_9_6-stable a_enum.c a_int.c Log: signedness warning corrected Revision ChangesPath No revision No revision 1.15.2.2 +2 -1 openssl/crypto/asn1/a_enum.c 1.17.2.2 +2 -1 openssl/crypto/asn1/a_int.c Index: a_enum.c === RCS file: /e/openssl/cvs/openssl/crypto/asn1/a_enum.c,v retrieving revision 1.15.2.1 retrieving revision 1.15.2.2 diff -u -r1.15.2.1 -r1.15.2.2 --- a_enum.c2002/05/30 16:48:07 1.15.2.1 +++ a_enum.c2002/06/05 11:23:18 1.15.2.2 @@ -207,7 +207,8 @@ len=((j == 0)?0:((j/8)+1)); if (ret-length len+4) { - char *new_data=(char *)OPENSSL_realloc(ret-data, len+4); + unsigned char *new_data= + (unsigned char *)OPENSSL_realloc(ret-data, len+4); Why cast at all? Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
small problem with openssl 0.9.7.b1 and the ocsp function
The doc says : Create an OCSP request and write it to a file: openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der In my test, I try to do exactly that with : openssl ocsp -issuer ocsp_ca.pem -cert ocsp_valide.cer -cert ocsp_revoque.cer -reqout req.der But no req.der file is created. openssl ocsp -issuer ocsp_ca.pem -cert ocsp_valide.cer -cert ocsp_revoque.cer -text gives me this : OCSP Request Data: Version: 1 (0x0) Requestor List: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: F2891129F54C9DDEAA3E936DBFB870560335231F Issuer Key Hash: 6BFA75BDCDF62581B3A4265BB4462F11D3321B78 Serial Number: 56C745365CDD8F771ED95A323267765F Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: F2891129F54C9DDEAA3E936DBFB870560335231F Issuer Key Hash: 6BFA75BDCDF62581B3A4265BB4462F11D3321B78 Serial Number: 01CA788D7569634FDF4BF6B4029CE1A9 Request Extensions: OCSP Nonce: 955CF8ECF789D6B68443206F4BAE2163 openssl ocsp -issuer ocsp_ca.pem -cert ocsp_valide.cer -cert ocsp_revoque.cer -text -reqout req.der gives only the text output and does not create the file. Are you in the process of writing the programming side documentation for the ocsp functionnality ? __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #71] [Fwd: Bug#141360: libssl-dev: gcc warning: redundant declaration of ERR_load_PEM_strings()]
It avoid the double declaration __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken on NeXTSTEP/OpenStep
rsalz*/* ) echo $I | sed -e 's@\(.*\)/.*@\1@' ;; Why such a complicated sed? 's@/[^/]*$@@' is perfecty sufficient, and a little bit more efficient :-). Because it makes the implementation of basename pretty obvious :) As for efficiency :) here's an implementation that uses all shell builtins ... #! /bin/sh export IFS case $1 in */*) OLDIFS=$IFS ; IFS=/ ; set $1 ; IFS=$OLDIFS p='' while : ; do case $2 in ) break ;; esac case $p in ) p=$1 ;; *) p=$p/$1 ;; esac shift done echo $p ;; *) echo . ;; esac __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)
On Wed, Jun 05, 2002 at 03:10:58PM +0200, Lutz Jaenicke via RT wrote: [[EMAIL PROTECTED] - Wed Jun 5 14:48:52 2002]: ck_ssl.c: In function k_tn_tls_negotiate': ck_ssl.c:3232: ID_uniqueIdentifier' undeclared (first use in this function) ck_ssl.c:3232: (Each undeclared identifier is reported only once ck_ssl.c:3232: for each function it appears in.) ck_ssl.c: In function k_ssl_incoming': ck_ssl.c:3529: ID_uniqueIdentifier' undeclared (first use in this function) *** Error code 1 Thank you for a reply. The problem is caused by inconsistent definitions for the OID values. According to RFC2256, the OID 2.5.4.45 is assigned to X500UniqueIdentifier. UniqueIdentifier was assigned to pilotAttributeType.44 in RFC1274. If you have a look into crypto/objects/objects.txt you will see, that this was (still is) commented out. The reason is that UniqueIdentifier was (incorrectly) used for 2.5.4.45... In OpenSSL 0.9.7 I renamed the entry for 2.5.4.45 to fully comply with RFC2256. Now UniqueIdentifier is missing, as I did not uncomment the entry for RFC1274 (otherwise maybe nobody would have noted and only later strange failures would have been reported). I see. Let's discuss how to fix it!? For instance, mod_ssl 2.8.8-1.3.24 use workaround: #ifndef NID_uniqueIdentifier #define NID_uniqueIdentifier 102 #endif ## ## ## Also, markus@ created this temp patch: +@@ -102,6 +104,13 @@ + !ERROR This module requires OpenSSL 0.9.5a or higher + #endif /* OPENSSL_VERSION_NUMBER */ + #endif /* SSLDLL */ ++ ++#if OPENSSL_VERSION_NUMBER 0x00907000L ++#else ++ #ifndef NID_UniqueIdentifier ++ #define NID_uniqueIdentifier NID_x500UniqueIdentifier ++ #endif ++#endif + + static int auth_ssl_valid = 0; + static char *auth_ssl_name = 0;/* this holds the oneline name */ Comments ? --mpech __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken onNeXTSTEP/OpenStep
On Wed, 5 Jun 2002, Richard Levitte via RT wrote: Can I assume that sed exists and works properly? dirname can be coded like this: echo $$i | sed -e 's|[^/]*$||' -e 's|/$||' If that's guaranteed to work everywhere, that seems to be a good candidate for a 'dirname $$i' replacement... This won't work in systems where an initial / doesn't signify an absolute path. Windows and DOS based systems may start with a \ or with [a-zA-Z]:[\\/] for absolute path. DJGPP and Cygwin have their own dirname applications (from GNU shell utilities), so this shouldn't be a problem for them. I am not sure about other DOS/Windows based compilers. What about VMS? Doug __ Doug Kaufman Internet: [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #76] Cygwin problems with 0.9.7
[[EMAIL PROTECTED] - Tue Jun 4 19:47:39 2002]: Building 0.9.7 (snapshot from June 1) with Cygwin led to several warnings during compilation related to the assembly code now included by default. Despite the warnings, it passed the tests in make test. Does something need to get fixed? These warnings under Cygwin's port of GCC were errors under the DJGPP port of GCC. Doug (cd asm; /usr/local/bin/perl md5-586.pl cpp mx86unix.cpp) The argument cpp should probably be gaswin when used with Cygwin. There are probably other changes needed as well, but that's what I can guess so far. gcc -E -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o {standard input}: Assembler messages: {standard input}:57: Warning: .type pseudo-op used outside of .def/.endef ignored. {standard input}:57: Warning: rest of line ignored; first ignored character is `_' [...] -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]