Re: Build Error on 1.0.1 with FIPS

Ah, okay. We tried that out and the FIPS module does build great afterwards. But then, later, the 1.0.1 fips-capable build fails to build with this reasoning: nasm -f win64 -DNEAR -Ox -g -o tmp32dll\rc4-x86_64.obj tmp32dll\rc4-x86_ 64.asm tmp32dll\rc4-x86_64.asm:755: error: symbol `L$SEH_b

Re: Question on DTLS server calling dtls_handle_timeout during protocol handshake.

Hi Yogi, could you try the patch in http://rt.openssl.org/Ticket/Display.html?id=2550 and report if it fixes your issue? Best regards Michael On Jun 27, 2011, at 10:58 PM, Yogesh Chopra wrote: > Hi, > Please look at the debug messages attached to the original message, > These were printf's add

Re: Build Error on 1.0.1 with FIPS

On Thu, Jun 30, 2011, Tyrel Haveman wrote: > Thanks Steve, but now it's running into this instead: > Assembling: tmp32dll\x86_64cpuid.asm > tmp32dll\x86_64cpuid.asm(9) : error A2008:syntax error : SEGMENT > tmp32dll\x86_64cpuid.asm(12) : error A2008:syntax error : ENDS > NMAKE : fatal error U1077

Re: Build Error on 1.0.1 with FIPS

Thanks Steve, but now it's running into this instead: Assembling: tmp32dll\x86_64cpuid.asm tmp32dll\x86_64cpuid.asm(9) : error A2008:syntax error : SEGMENT tmp32dll\x86_64cpuid.asm(12) : error A2008:syntax error : ENDS NMAKE : fatal error U1077: '"C:\Program Files (x86)\Microsoft Visual Studio 10.

Re: Build Error on 1.0.1 with FIPS

On Thu, Jun 30, 2011, Tyrel Haveman wrote: > We just noticed that building the fips module on Linux works fine with > no-asm, but on a 64-bit Windows build, it doesn't work without no-asm. > Here's the error: > > link /nologo /subsystem:console /opt:ref /debug > /out:out32dll\fips_standal

Why does memory BIO use "internal copy operation" after reading?

In the documentation(http://www.openssl.org/docs/crypto/BIO_s_mem.html) I have read that: "Every read from a read write memory BIO will remove the data just read with an internal copy operation..." Why does memory BIO use "internal copy operation" after reading? Why it does not use a ring buf

[openssl.org #2551] [PATCH] All platforms: Option to disable sending renegotiation_info extension.

Now it is not possible to disable sending renegotiation_info extension from server. The only way to do it - is to disable TLS extension completelly, what may not be considered as acceptable. But this is required for compatibility with clients, which can't understand this extension (but do require

[openssl.org #2550] [PATCH] DTLS HelloVerifyRequest Timer bug

The server starts a timer when sending a HelloVerifyRequest, although its state should remain unchanged. Thanks to Yogesh Chopra for finding this bug! Best regards Robin --- ssl/d1_srvr.c 25 May 2011 14:29:55 - 1.20.2.18 +++ ssl/d1_srvr.c 27 Jun 2011 10:02:10 - @@ -29

make openssl fips module on AIX

Hi All, I downloaded openssl-fips-1.2.3.tar.gz and try to build it on AIX 5.2. I configured it like this: ./Configure fipscanisterbuild aix-gcc --openssldir= /emc/suna1/build/openssl-fips-1.2.3. But when make, it came to the following issue. -

Re: [openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

On 27/06/11 11:54, Peter Sylvester via RT wrote: > On 06/26/2011 08:05 PM, Peter Sylvester wrote: >> On 06/26/2011 02:59 PM, Alain Knaff via RT wrote: >>> Hello, >>> >>> openssl s_client -connect hostname.domain.com:443 does not verify that >>> the certificate matches the hostname. (i.e. hostname.d

Re: Question on DTLS server calling dtls_handle_timeout during protocol handshake.

Hi, Please look at the debug messages attached to the original message, These were printf's added in the DTLS code and these were messages captured on the server. We are seeing the server start a timer when it sends back a "HelloVerifyRequest". Based on your comments below it appears that shoul

Re: Build Error on 1.0.1 with FIPS

We just noticed that building the fips module on Linux works fine with no-asm, but on a 64-bit Windows build, it doesn't work without no-asm. Here's the error: link /nologo /subsystem:console /opt:ref /debug /out:out32dll\fips_standalone_sha1.exe @C:\Users\TyrelHa\AppData\Local\Temp\nmAD0D

Re: [PATCH] cfi/fpo directives in md5 assembly code

> I wasn't proposing that the other changes had to be done now --- just > noting that the lack of unwind information seems to be a problem that most > of the assembly files have. I think the extra registers' unwind info for the > md5 asm is worth including now, though, since it's a tiny enhancement