Re: [openssl-dev] Running against BoringSSL's SSL test suite

And also Openssl fails with Resume-Client-NoResume cases. Do you have any report on which test cases do fail and reasons for the failure? RT tickets 4387 through 4395 were the failures I've triaged. I'm sure there's more things in there to look through. I don't believe Resume-Client-NoResume

[openssl-dev] [openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

On Wed Mar 09 23:50:40 2016, matthias.st.pie...@ncp-e.com wrote: > > According to our records, your request has been resolved. If you have > > any > > further questions or concerns, please respond to this message. > > Thanks a lot for finally adding the patch. Since our software is not > ready for

Re: [openssl-dev] Still seeing this in openssl-SNAP-20160221 Re: Openssl SNAP 20160220 issues

Hi, If you send me these two files, I'll see if I can figure out what's going on: configdata.pm Makefile Cheers Richard On February 21, 2016 3:09:19 PM GMT+01:00, The Doctor wrote: >On Sat, Feb 20, 2016 at 06:47:22AM -0700, The Doctor wrote: >> Major shop stopper

[openssl-dev] [openssl.org #4407] avoid double-free in callers to OCSP_parse_url

https://github.com/openssl/openssl/pull/837 This patch sets the path, port, and host parameters to NULL after they are freed in OCSP_parse_url, before they are returned to the caller, so the caller won't try to free them again. Thanks, Jim -- Ticket here:

Re: [openssl-dev] [openssl.org #3676] Resolved: [PATCH] Export ASN1 templates for DH and ECDH groups

> According to our records, your request has been resolved. If you have any > further questions or concerns, please respond to this message. Thanks a lot for finally adding the patch. Since our software is not ready for version 1.1 yet, I can't try it directly with the master, but I will

Re: [openssl-dev] [openssl-commits] [openssl] master update

Am 09.03.2016 um 22:53 schrieb Richard Levitte: The branch master has been updated via 64b9d84bfd0da0305a1df9b97ffbdc3898f59e62 (commit) from 2b8fa1d56cd3a41d666994a1b2ed9df0f5e5d1ec (commit) - Log - commit

Re: [openssl-dev] [openssl.org #4406] Linaro and ARM/64/AARCH64: fatal error: arm_arch.h: No such file or directory

In message on Wed, 09 Mar 2016 22:39:57 +, "noloa...@gmail.com via RT" said: rt> Working from Master: rt> rt> $ git reset --hard HEAD rt> HEAD is now at 64b9d84 When grepping something starting with a rt>

[openssl-dev] [openssl.org #4406] Linaro and ARM/64/AARCH64: fatal error: arm_arch.h: No such file or directory

Working from Master: $ git reset --hard HEAD HEAD is now at 64b9d84 When grepping something starting with a dash, remember to use -e $ git pull Already up-to-date. And then: $ ./config ... $ make depend && make clean && make ... gcc -DDSO_DLFCN -DHAVE_DLFCN_H

Re: [openssl-dev] [openssl.org #4398] BUG / 1.0.2g breaks CURL extension

On Tue, Mar 8, 2016 at 8:43 AM, Thomas Brunnthaler via RT wrote: > CURL not working since upgrade to 1.0.2g on windows. I use PHP 5.2.17 VC6 > x86 TS. Error Message: OS cannot load %1 or so. > Is it possible to release an out-of-band update for this fix? Many folks are

Re: [openssl-dev] [openssl.org #4398] BUG / 1.0.2g breaks CURL extension

On Tue, Mar 8, 2016 at 8:43 AM, Thomas Brunnthaler via RT wrote: > CURL not working since upgrade to 1.0.2g on windows. I use PHP 5.2.17 VC6 > x86 TS. Error Message: OS cannot load %1 or so. > Is it possible to release an out-of-band update for this fix? Many folks are

Re: [openssl-dev] Errors when loading an OpenSSL RSA Engine

In message <1457543989853-64500.p...@n7.nabble.com> on Wed, 9 Mar 2016 10:19:49 -0700 (MST), danigrosu said: dni.grosu> Richard Levitte - VMS wrote dni.grosu> > Exactly how did it fail? It's a bit hard to diagnose unless you show dni.grosu> > us what you were told... I

Re: [openssl-dev] Errors when loading an OpenSSL RSA Engine

On 3/9/16, 12:57 , "openssl-dev on behalf of danigrosu" wrote: >In git version, if I comment the block... I found that was not necessary. But autotools setup did not work (see my previous post in this thread). Perhaps Richard

Re: [openssl-dev] [openssl.org #4355] OpenSSL 1.0.2 branch fails to build with MSVC

On Sun, Feb 28, 2016 at 02:33:34PM +, Simon Richter via RT wrote: > Hi, > > I just got this from our Jenkins instance that follows OpenSSL 1.0.2: That should have been fixed some time ago, but it seems your mail only got here today. Kurt -- Ticket here:

Re: [openssl-dev] [openssl.org #4276] AutoReply: Possible bug - ts -verify -digest, error:ts_rsp_verify.c:291:

TS is not a high priority for the OpenSSL team. A month is not a long time. We are busy right now working on the next release. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4276 Please log in as guest with password guest if prompted -- openssl-dev mailing list To

[openssl-dev] [openssl.org #4355] OpenSSL 1.0.2 branch fails to build with MSVC

Hi, I just got this from our Jenkins instance that follows OpenSSL 1.0.2: Simon Forwarded Message Subject: Build failed in Jenkins: windows-openssl-msvc » x86,windows #283 Date: Sat, 27 Feb 2016 23:42:52 +0100 (CET) See

[openssl-dev] Still seeing this in openssl-SNAP-20160221 Re: Openssl SNAP 20160220 issues

On Sat, Feb 20, 2016 at 06:47:22AM -0700, The Doctor wrote: > Major shop stopper > > ../test/recipes/30-test_pbelu.t ... > 1..1 > ./pbelutest: can't load library 'ssl.so.1.1' > not ok 1 - running pbelutest > > # Failed test 'running pbelutest' > # at

Re: [openssl-dev] [openssl.org #4276] AutoReply: Possible bug - ts -verify -digest, error:ts_rsp_verify.c:291:

Hello Openssl, is there any update? Do you need more information? Thank you Cheers Mario Scalabrino Untitled Document *Certify Doc * *MARIO SCALABRINO * Founder & CEO (+34) 680 128 282 mario.scalabr...@andifyou.com

Re: [openssl-dev] [openssl.org #4276] AutoReply: Possible bug - ts -verify -digest, error:ts_rsp_verify.c:291:

Hello Openssl, can you please tell me something? I don't understand if anybody reads this email. Almost a month has passed. Mario Scalabrino Untitled Document On 17/02/2016 14:49, Mario Scalabrino wrote: > Hello Openssl, > > is there any update? Do you need more information? > > Thank you > >

[openssl-dev] [openssl.org #4405] 1.1.0 compile failure with no-comp

When trying to compile 1.1.0 with no-comp no-shared flags current master fails with the following error on linux: ./libcrypto.so: undefined reference to `COMP_zlib_cleanup' collect2: error: ld returned 1 exit status And perhaps a more instructive one on OS X: Undefined symbols for

Re: [openssl-dev] Errors when loading an OpenSSL RSA Engine

In git version, if I comment the block / if (id && strcmp(id, engine_id)) { fprintf(stderr, "MD5 engine called with the unexpected id %s\n", id); fprintf(stderr, "The expected id is %s\n", engine_id); goto end; }/ ... then I type /$ gcc -fPIC -o rfc1321/md5c.o -c rfc1321/md5c.c $

Re: [openssl-dev] Errors when loading an OpenSSL RSA Engine

Blumenthal, Uri - 0553 - MITLL wrote > You probably want to post (a) the modifications you made to > autotools-whatever, and (b) the resulting compile and link commands. The answer of this question (asked by

[openssl-dev] [openssl.org #4404] [PATCH] Missing Sanity Check for OPENSSL_strdup() in OpenSSL-1.1 pre-4

Hello All, In reviewing code in directory 'crypto/conf', file 'conf_mod.c', there is a call to OPENSSL_strdup() which is not checked for a return value of NULL, indicating failure. The patch file below adds the test, and releases the previously allocated memory assigned to 'tmod': ---

[openssl-dev] [openssl.org #4403] [PATCH] prevent OPENSSL_realloc() from clobbering old pointer value on failure in OpenSSL-1.1 pre-4

Hello All, In reviewing code in directory 'crypto/modes', file 'ocb128.c', there is a call to OPENSSL_realloc() which has the potential to clobber the old value of variable 'ctx->l', if the call returns NULL. The patch file below uses a void *tmp_ptr to prevent this from occuring: ---

[openssl-dev] [openssl.org #4402] [PATCH] Missing Sanity Check for BN_new in 'apps/prime.c' for OpenSSL-1.1 pre4

Hello All, In reviewing code in directory 'apps', file 'prime.c', there is a call to BN_new() which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct this issue: --- prime.c.orig2016-03-08 16:13:24.841500061 -0800 +++ prime.c

Re: [openssl-dev] [openssl.org #4401] [PATCH] plug potential memory leak(s) in OpenSSL 1.1 pre 4 in 'ec_lib.c'

Geez, What did I start here (egad) :) Bill On Wed, Mar 9, 2016 at 5:03 AM, Salz, Rich via RT wrote: > > No, you got that right, NULL being 'safe' to free varies with OS. > > Except we mandate ANSI C which means it's portable :) > > -- > Ticket here:

[openssl-dev] [openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups

done in master with commit 60b350a3ef9620866a43358ecd1874c6fc482d9c thanks! -- Rich Salz, OpenSSL dev team; rs...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3676 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] Running against BoringSSL's SSL test suite

On Wed, Mar 9, 2016 at 5:07 AM Kanaka Kotamarthy wrote: > Hi > > I am even testing OpenSSL with BoringSSL's test cases using > Openssl-1.1.0-pre2. Trying to find out reasons of OpenSSL's failures > for particular cases. > > DTLS 1.0 session resumption has some thing wrong.

Re: [openssl-dev] Record of configuration parameters?

I like very much what you suggested! Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.   Original Message   From: Salz, Rich Sent: Wednesday, March 9, 2016 12:02 To: openssl-dev@openssl.org Reply To: openssl-dev@openssl.org Subject: Re: [openssl-dev] Record of

Re: [openssl-dev] Record of configuration parameters?

> You mean like this? > > ./Configure reconf Yes, but folks are used to seeing it echoed into the config.status file :) -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Record of configuration parameters?

In message <346b821754c54c6a860aca3b49d5f...@usma1ex-dag1mb1.msg.corp.akamai.com> on Wed, 9 Mar 2016 16:38:40 +, "Salz, Rich" said: rsalz> > In the master branch, the best is to look in configdata.pm. rsalz> > perlargv => [ "linux-x86_64", "-Wa,--noexecstack" ],

Re: [openssl-dev] Record of configuration parameters?

> In the master branch, the best is to look in configdata.pm. > perlargv => [ "linux-x86_64", "-Wa,--noexecstack" ], Perhaps configdata.pm should have a comment like "# configured with ...args... At the top, to make it stand out? Or maybe even the command line to reproduce the

Re: [openssl-dev] Errors when loading an OpenSSL RSA Engine

In message <1457534732287-64483.p...@n7.nabble.com> on Wed, 9 Mar 2016 07:45:32 -0700 (MST), danigrosu said: dni.grosu> dni.grosu> danigrosu wrote dni.grosu> I'm just trying to implement an RSA engine and I thought that this dni.grosu> would be a good start.

Re: [openssl-dev] Errors when loading an OpenSSL RSA Engine

> Relating to the MD5 Engine, I tryed to build the git version > manually with these > commands: > $ gcc -fPIC -o rfc1321/md5c.o -c rfc1321/md5c.c > $ gcc -fPIC -o md5-engine.o -c e_md5.c > $ gcc -shared -o md5-engine.so -lcrypto md5-engine.o

[openssl-dev] [openssl.org #4186] [Patch] DSA_dup() function missing in master

DSAparams_dup() meets the need, closing ticket. -- Rich Salz, OpenSSL dev team; rs...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4186 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] Record of configuration parameters?

In message on Wed, 9 Mar 2016 15:58:45 +, "Blumenthal, Uri - 0553 - MITLL" said: uri> Say, one configures an openssl build with parameters: uri> uri> ./Configure darwin-whatever —prefix=/whereever enable-this enable-that uri> …etc uri> uri>

[openssl-dev] Record of configuration parameters?

Say, one configures an openssl build with parameters: ./Configure darwin-whatever —prefix=/whereever enable-this enable-that …etc My question is – if after the fact I need to check what parameters exactly were passed to the configuration command, how can I do it? With “normal” autotools, there’s

Re: [openssl-dev] Errors when loading an OpenSSL RSA Engine

danigrosu wrote > I'm just trying to implement an RSA engine and I thought that this would > be a good start. > I tryed successfully the > MD5 Engine > > > written by Richard Levitte and my next

Re: [openssl-dev] [openssl.org #4401] [PATCH] plug potential memory leak(s) in OpenSSL 1.1 pre 4 in 'ec_lib.c'

> No, you got that right, NULL being 'safe' to free varies with OS. Except we mandate ANSI C which means it's portable :) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4401 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] Running against BoringSSL's SSL test suite

Hi I am even testing OpenSSL with BoringSSL's test cases using Openssl-1.1.0-pre2. Trying to find out reasons of OpenSSL's failures for particular cases. DTLS 1.0 session resumption has some thing wrong. If s_server started with -dtls and s_client -dtls1 -reconnect , session resumption is not

Re: [openssl-dev] [openssl.org #4401] [PATCH] plug potential memory leak(s) in OpenSSL 1.1 pre 4 in 'ec_lib.c'

On 9 March 2016 at 05:30, Peter Waltenberg wrote: > No, you got that right, NULL being 'safe' to free varies with OS. > > ​It shouldn't if you're programming in C, from the standard (C89): The free function causes the space pointed to by ptr to be deallocated, that is, made

Re: [openssl-dev] [openssl.org #4401] [PATCH] plug potential memory leak(s) in OpenSSL 1.1 pre 4 in 'ec_lib.c'

On 9 March 2016 at 05:30, Peter Waltenberg wrote: > No, you got that right, NULL being 'safe' to free varies with OS. > > ​It shouldn't if you're programming in C, from the standard (C89): The free function causes the space pointed to by ptr to be deallocated, that is, made

Re: [openssl-dev] Errors when loading an OpenSSL RSA Engine

So we are stuck with this error? Since we are using OpenSSL 1.0.1, I think we can handle it. Dani Grosu On 8 March 2016 at 17:03, danigrosu [via OpenSSL] < ml-node+s6102n64449...@n7.nabble.com> wrote: > Blumenthal, Uri - 0553 - MITLL wrote > Could you please confirm that you’re doing this on