Re: [openssl-dev] OpenSSL

You should not run 0.9.8, any version. It is old, has known security bugs, and is end of life. Go to the website, click on download, and get a recent version. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] OpenSSL

Dear Team We have installed httpd-2.2.25-win32-x86-openssl-0.9.8y apache web server which has openssl .9.8y as a part of the package, we ran the vulnerability scan for the same The system admin team has suggested to upgrade openssl 0.9.8zb, how do we go about it? We have used openssl t

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 v. VMS

In message <16021619150191_20205...@antinode.info> on Tue, 16 Feb 2016 19:15:01 -0600 (CST), "Steven M. Schweda" said: sms> From: Richard Levitte sms> sms> > sms> Configuring for vms-alpha sms> > sms> %DCL-W-MAXPARM, too many parameters - reenter command with fewer parameters sms> > sms> \2\

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 v. VMS

From: Richard Levitte > sms> Configuring for vms-alpha > sms> %DCL-W-MAXPARM, too many parameters - reenter command with fewer > parameters > sms> \2\ > > Yeah, that one is entirely harmless (and known). Ok. > sms>Apparently, the test for "--prefix" is case-sensitive, and DCL can't >

Re: [openssl-dev] memory leaks detected using libSSL 1.1

Hi Matt, Yes I am linking statically and I read the man about OPENSSL_init_crypto(), thanks. However I still have leaks reported. :-( What I have changed to adapt to v1.1 is calling OPENSSL_thread_stop() in each thread before it leaves, instead of ERR_remove_thread_state( NULL ), and I am callin

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 published

On Tue, Feb 16, 2016 at 11:06:32PM +, Howard Chu wrote: > >I[t] must do nothing. That's what auto-initialization is for. It is > >wrong for libraries to initialize OpenSSL, because that can't be > >done safely. So in libraries that use OpenSSL, no OpenSSL initialization, > >and no cleanup.

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 published

Viktor Dukhovni wrote: On Feb 16, 2016, at 11:17 AM, David Woodhouse wrote: If a library (or loadable plugin within an application) uses OpenSSL, how should it clean up after itself? I must do nothing. That's what auto-initialization is for. It is wrong for libraries to initialize OpenSSL

Re: [openssl-dev] Openssl-SNAP-20160216 issues

Can I make a few suggestions? Wait a day or two and see if the problem is fixed. Snapshots are expected to be broken now and then. Posting your config line is very important ./config have-egd For example. Or whatever it is. Remove/ignore things that pass, just show what fails. Thanks

Re: [openssl-dev] Openssl-SNAP-20160216 issues

On Tue, Feb 16, 2016 at 10:42:21AM +0100, Richard Levitte wrote: > In message <20160216090030.ga11...@doctor.nl2k.ab.ca> on Tue, 16 Feb 2016 > 02:00:30 -0700, The Doctor said: > > doctor> In the make test I am getting > doctor> > doctor> TOP=.. PERL=/usr/bin/perl5 /usr/bin/perl5 run_tests.pl al

[openssl-dev] [openssl.org #4294] [bug] failed to install in Ubuntu

system info: user@ubuntu:~/Downloads/openssl$ uname -a Linux ubuntu 4.2.0-16-generic #19-Ubuntu SMP Thu Oct 8 15:35:06 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux procedure: 1. git clone https://github.com/openssl/openssl 2. cd openssl/ 3. ./config 4. make depend 5. sudo make install output Test Su

Re: [openssl-dev] ECDH engine

> When I started to write the ECDSA code for engine_pkcs11 in 2011 the code to > support the method hooks was not > in the code. So I used internal OpenSSL header files to copy the ECDSA_METHOD > and replace the function needed. > Look for "BUILD_WITH_ECS_LOCL_H" in libp11. Not until 1.0.2 did Op

[openssl-dev] Post openssl-SNAP-20160120 issues

All right the last verion of Openssl-SNAP that I got to work was openssl-SNAP-20160120 Since then and issue with store was discovered and now Script started on Tue Jan 26 08:03:12 2016 ns2.nl2k.ab.ca//usr/source/openssl-SNAP-20160126$ !/bin /bin/sh ../configopenssl11 Configuring OpenSSL ver

Re: [openssl-dev] OpenSSL 1.1 pre-3 CRYPTO_set_mem_functions

> You know, you're entirely right. That's a flaw and needs correction. > Thanks for the notification. Yes, the macro's in crypto.h should call through the function pointers. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl-users] OpenSSL version 1.1.0 pre release 3 published

>OpenSSL 1.1.0 is currently in alpha. OpenSSL 1.1.0 pre release 3 has now >been made available. For details of changes and known issues see the >release notes at: Just to emphasize one important point: Our next release is planned to be Beta-1, in about a month. After that, no new A

Re: [openssl-dev] Call for testing: OpenSSH 7.2

In OpenSSL 1.1, the fields of most structures are not available, the structures are made opaque. Instead accessors need to be used; if more need to be provided, that's an OpenSSL bug. Else it's an openssh porting issue. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mail

[openssl-dev] OPENSSL_config with default configuration

Hello, OPENSSL_config with NULL argument crash in master branch. Please find attached file with proposed patch. Regards, Roumen >From f6eee9281567e47ae23383c527845cc4a897d195 Mon Sep 17 00:00:00 2001 From: Roumen Petrov Date: Fri, 12 Feb 2016 22:18:59 +0200 Subject: [PATCH 4/5] OPENSSL_config

[openssl-dev] [openssl.org #4312] documentation: RSA_new_method argument

Hello, Function argument is pointer to ENGINE - please find attached patch Regards, Roumen Petrov -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4312 Please log in as guest with password guest if prompted >From 2f2e1f210ec3c8452ecd041604fd14071a4b59ca Mon Sep 17 00:00:00 2001 Fro

[openssl-dev] duplicate opt* declaration in apps.h

Hello, Currently opt_next, opt_imax and opt_umax are declared more than once in apps.h - see attached patch Roumen >From 1e44a45a2c38a16ba342355bf92af6f0fc7d15f6 Mon Sep 17 00:00:00 2001 From: Roumen Petrov Date: Tue, 16 Feb 2016 21:30:27 +0200 Subject: [PATCH 5/5] redundant opt* declaratio

Re: [openssl-dev] Openssl-SNAP-20160216 issues

Interested, I added zlib and egd. Now I try HARNESS_VERBOSE=yes make test TESTS='test_networking' REsult: shlib_target=; if [ -n "libcrypto.so.1.1 libssl.so.1.1" ]; then shlib_target="bsd-gcc-shared"; fi; LIBRARIES="-L.. -lssl -L.. -lcrypto" ; make -f ../Makefile.shared -e APPNAME=opens

[openssl-dev] [openssl.org #4311] OpenSSL 1.1.0-pre3: quote PERL=$(PERL) in Makefiles

Hi there, I built OpenSSL 1.1.0-pre3 with PERL="/usr/bin/env perl" This has the nice effect, that any generated perl artefact that itself uses perl via the "#!" notation contains #!/usr/bin/env perl and not the perl path to which "/usr/bin/env perl" resolves during build time on the b

Re: [openssl-dev] Openssl-SNAP-20160216 issues

On Tue, Feb 16, 2016 at 10:42:21AM +0100, Richard Levitte wrote: > In message <20160216090030.ga11...@doctor.nl2k.ab.ca> on Tue, 16 Feb 2016 > 02:00:30 -0700, The Doctor said: > > doctor> In the make test I am getting > doctor> > doctor> TOP=.. PERL=/usr/bin/perl5 /usr/bin/perl5 run_tests.pl al

Re: [openssl-dev] Openssl-SNAP-20160216 issues

On Tue, Feb 16, 2016 at 10:42:21AM +0100, Richard Levitte wrote: > In message <20160216090030.ga11...@doctor.nl2k.ab.ca> on Tue, 16 Feb 2016 > 02:00:30 -0700, The Doctor said: > > doctor> In the make test I am getting > doctor> > doctor> TOP=.. PERL=/usr/bin/perl5 /usr/bin/perl5 run_tests.pl al

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 published

On Mon, Feb 15, 2016 at 10:17:15PM +, Matt Caswell wrote: > Maybe EVP_cleanup() and other similar explicit deinit functions should > be deprecated, and do nothing in 1.1.0? The auto-deinit capability > should handle it. That way you would not need to do anything "special" > for 1.1.0 with "#if

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 published

On 16/02/16 16:17, David Woodhouse wrote: > On Mon, 2016-02-15 at 22:17 +, Matt Caswell wrote: >> >> Maybe EVP_cleanup() and other similar explicit deinit functions should >> be deprecated, and do nothing in 1.1.0? The auto-deinit capability >> should handle it. That way you would not need to

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 published

> On Feb 16, 2016, at 11:17 AM, David Woodhouse wrote: > > If a library (or loadable plugin within an application) uses OpenSSL, > how should it clean up after itself? I must do nothing. That's what auto-initialization is for. It is wrong for libraries to initialize OpenSSL, because that can'

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 published

On Mon, 2016-02-15 at 22:17 +, Matt Caswell wrote: > > Maybe EVP_cleanup() and other similar explicit deinit functions should > be deprecated, and do nothing in 1.1.0? The auto-deinit capability > should handle it. That way you would not need to do anything "special" > for 1.1.0 with "#ifdef"

Re: [openssl-dev] Call for testing: OpenSSH 7.2

In message <20160216154855.ga27...@doctor.nl2k.ab.ca> on Tue, 16 Feb 2016 08:48:56 -0700, The Doctor said: doctor> So how exactly would you rewrite doctor> doctor> EVP_PKEY *pk = NULL; doctor> doctor> ? Not at all. Pointers to opaque types are perfectly fine in C. However, you may have to ti

Re: [openssl-dev] Call for testing: OpenSSH 7.2

On Tue, Feb 16, 2016 at 02:52:51AM +, Dr. Stephen Henson wrote: > On Mon, Feb 15, 2016, The Doctor wrote: > > > Just tested this on the old BSD/OS machine > > > > works with openssl 1.0.2X > > > > Openssl 1.1.X issues > > > > cipher.h in openssl 1.1 needs to read > > > > struct sshciphe

[openssl-dev] [openssl.org #4310] Fix various no-XXX build options

The UEFI/EDK2 build turns off a lot of options that it doesn't use, and a few of them got broken recently in OpenSSL HEAD. Even no-engine and no-ui doesn't seem to work correctly any more. Here are some fixes... -- David WoodhouseOpen Source Technology Centre david.wo

[openssl-dev] [openssl.org #4309] [PATCH] Fix UEFI/EDK2 build error by defining PRIu64

Provide an appropriate definition of PRIu64 for the EDK2 build, since we don't have there. ---  include/openssl/e_os2.h | 1 +  1 file changed, 1 insertion(+) diff --git a/include/openssl/e_os2.h b/include/openssl/e_os2.h index 1a1fe3e..59af447 100644 --- a/include/openssl/e_os2.h +++ b/include/op

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 published

On Po, 2016-02-15 at 22:17 +, Matt Caswell wrote: > > On 15/02/16 21:50, Jouni Malinen wrote: > > On Mon, Feb 15, 2016 at 09:34:33PM +, Matt Caswell wrote: > > > On 15/02/16 21:25, Jouni Malinen wrote: > > > > Is this change in OpenSSL behavior expected? Is it not allowed > > > > to call >

Re: [openssl-dev] Openssl-SNAP-20160216 issues

In message <20160216090030.ga11...@doctor.nl2k.ab.ca> on Tue, 16 Feb 2016 02:00:30 -0700, The Doctor said: doctor> In the make test I am getting doctor> doctor> TOP=.. PERL=/usr/bin/perl5 /usr/bin/perl5 run_tests.pl alltests doctor> ../test/recipes/01-test_ordinals.t ok doctor> ../test

[openssl-dev] Openssl-SNAP-20160216 issues

In the make test I am getting TOP=.. PERL=/usr/bin/perl5 /usr/bin/perl5 run_tests.pl alltests ../test/recipes/01-test_ordinals.t ok ../test/recipes/05-test_bf.t .. ok ../test/recipes/05-test_cast.t ok ../test/recipes/05-test_des.t . ok ../test/recipes/

Re: [openssl-dev] OpenSSL version 1.1.0 pre release 3 v. VMS

In message <16021520565814_2020c...@antinode.info> on Mon, 15 Feb 2016 20:56:58 -0600 (CST), "Steven M. Schweda" said: sms>There's (still) a curious (but non-fatal) error message from sms> somewhere in the VMS configure procedure: sms> sms> ALP $ @config sms> Configuring OpenSSL version 1.1

[openssl-dev] build issue about engine-corner/Lesson-2-A-digest

Hi levitte, I am studyding how to write an engine nowadays, so I download your repo [1] and try to build it. 1. When the first time I run 'autoreconf -i', I got an error: *configure.ac:18 : error: possibly undefined macro: AC_MSG_FAILURE If this toke