On Mon, 6 Jun 2005, Richard Levitte via RT wrote:
[EMAIL PROTECTED] - Tue May 31 17:03:31 2005]:
There is one problem with beta-3 which also occurred in earler
versions, but which I had overlooked, since no errors were generated.
On DJGPP, install_docs stops after installing
The separate tree was constructed per the instructions in INSTALL
mkdir -p objtree/`uname -s`-`uname -r`-`uname -m`
cd objtree/`uname -s`-`uname -r`-`uname -m`
(cd $OPENSSL_SOURCE; find . -type f) | while read F; do
mkdir -p `dirname $F`
OpenSSL self-test report:
OpenSSL version: 0.9.8-beta2
Last change: Add attribute functions to EVP_PKEY structure. Modify...
Options: enable-threads enable-shared enable-zlib no-gmp no-krb5
no-mdc2 no-rc5 no-zlib-dynamic
OS (uname): SunOS shadow 5.10 Generic_118844-01 i86pc
There is one problem with beta-3 which also occurred in earler
versions, but which I had overlooked, since no errors were generated.
On DJGPP, install_docs stops after installing man1/CA.pl.1. No other
man pages were installed. The rest of the installation went fine. I
believe that this occurs
Hi,
I tested the OpenSSL library (version 0.9.7.g) using the server SSL cache and I
found it's extremely slow when the client and server applications are on
different PC's(4 requests and responses per second). If they are both on the
same computer it can handle about 100 or more.
I use 2
Hi again,
I tested the server application of the previsiuos email calculating the time
interval from the SSl_read to SSL_write and on remote connection it takes almost
100 times more than on local test.
I hope this helps.
Thanks
Thanks very much for replying back Steve, I'd much appreciate whatever
you can do here because we need the 0.9.8 features but also need to be
able to set the CSP name in order for certificates to be imported
correctly into Windows servers.
Thanks,
Evan
On 5/13/05, Stephen Henson via RT [EMAIL
Please find below a patch, with spec reference, against OpenSSL 0.9.7g.
It could be argued that XMLENC spec is wrong in insisting on unpredictable
values for the padding because this allows padding to be used as a
covert channel. However, to deploy interoperable implementations it seems
Hi,
I've created the RT entry above before noticing that I cannot further edit
it, sorry! Here are the relevant details to add:
The function X509_NAME_add_entry has the following bug: When called with
loc == 0 and set == 0, the local variable inc is set using inc =
(set == 0) ? 1 : 0; after
Hi,
an additional bug in the same function, triggered with the same setup:
The loop for incrementing the set value (near the end of the function)
has to increment at index i and not at index i-1.
Regards, Frank
__
OpenSSL
There doesn't seem to be any documentation in the .pod files of the
SSL_CTX_set_default_paths function or of the environment variables
SSL_CERT_FILE and SSL_CERT_DIR which can change the value it
returns. This came up recently in discussion on the wget list. The
wget file retriever does not use
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
We are using Stunnel and stunnel implements openssl, and there is a case
where it loops hard on retrying SSSL_shutdown.
Basically I am wondering if this is a known (fixed?) problem.
On Solaris, truss shows this:
18416: lwp_sigredirect(0, SIGPIPE, 0x) = 0
18416: write(13,
Hi,
Somewhen between 0.9.7 and 0.9.8 (I first noticed it around 6 months ago),
PKCS12 creation was refactored, and the new code left out the pkcs12 -CSP
implementation (the option is still accepted, but does nothing useful). I'm
not sure if this was intentional or not, but I didn't see that
Hi,
unfortuately openssl 0.9.7 apps seem to be broken wrt. EVP_get_digestbyname.
E.g.:
===
openssl dgst -md5
unknown option '-md5'
options are
-c to output the digest with separating colons
..
I have now built the snapshot from 20050105 for mingw. The 0.9.7 stable
code builds and tests fine, with or without FIPS. The 0.9.8 code,
however, fails the test suite at the end of test_ssl. The same error
occurs when built with or without the assembler code. I am not sure
where to go with this.
While NetBSD/amd64 has integrated OpenSSL, there is no support for
those wishing to track the master release (the version in the NetBSD
tree also doesn't take advantage of bn's x86_64-gcc.c optimizations,
which result in a huge performance improvement.
I've enclosed a patch to Configure that
I have tested current source code for the 0.9.8 version and the 0.9.7
version (fips and non-fips) with DJGPP. The attached patches allow
building under DJGPP. In addition to a few substantive fixes, I put in
a number of minor fixes to get rid of gcc warnings when compiled with
-W, such as putting
Platform: OSSL 0.9.7e
Description:
If a X509_NAME structure is modified using X509_NAME_ENTRY_set_data(
X509_NAME_get_entry(..), .. ), the modified bit isn't set, which may cause
a coherency problem.
Reproduction steps:
1) Setup and sign a self-sign certificate.
2) Change that certificate's
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Our server presents a certificate signed by a self-signed CA certificate.
The self-signed CA certificate is stored in /usr/local/ssl/certs
together with verisign etc. and c_rehash done.
openssl s_client -connect host:port
does not even try to find the CA certificate in the default CApath
Hi,
openssl-0.9.7e does not install on an AIX 5.1 system because of the
following errors:
make fails with
fips_rand.c, line 59.9: 1506-236 (W) Macro name _XOPEN_SOURCE_EXTENDED
has been redefined.
The definition of _XOPEN_SOURCE_EXTENDED in fips/rand/fips_rand.c should
be made conditional i.e
Hi Thomas,
I was just cleaning out the spam, and noticed your message...
My solution to the cobalt Raq3 problem was to ditch the cobalt OS. The
thing is so obsolete as to be virtually unusable anyway. For example, the
new version of GCC won't compile using the existing GCC. And most software
Has anyone encountered this error,
D:\Working\openssl-0.9.7enmake -f ms\ce.mak
Microsoft (R) Program Maintenance Utility Version 6.00.8168.0
Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
Building OpenSSL
clarm.exe /Fotmp32_ARMV4\bss_file.obj -Iinc32 -Itmp32_ARMV4 /W3
i try to make a dgst of a 40Gb file, but when the openssl binary try to
fopen the file, it's fail ..
i think the problem was the fopen, maybe it's dont use the open (2) with
the option O_LARGEFILE..
can you fix it ?
thanks, R.
Hi,
I tried to compile openssl-0.9.7e as usual, however since version e
it fails with:
..
+ gcc -shared -o libfips.so.0.9.7 -Wl,-soname=libfips.so.0.9.7 -Wl,-Bsymbolic
-Wl,--whole-archive libfips.a -Wl,--no-whole-archive -L.
-L/export/scratch/build/root4build/usr/lib -ldl -lc
gcc: libfips.a:
Here goes:
[EMAIL PROTECTED] misc]# ./CA.pl -newreq
Generating a 1024 bit RSA private key
.++
++
writing new private key to 'newreq.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-
You are about to be asked to enter
openssl 0.9.7e fails to build under SunOS 4.1.4 because memmove is
missing. This can be fixed by including e_os.h in crypto/aes/aes_cfb.c
and crypto/des/cfb64ede.c.
These two bugs are similar to the one in bug report openssl.org #715
Context diffs appended.
Craig
; on Wed, 27 Oct 2004
22:44:56 +0200 (METDST), [EMAIL PROTECTED] via RT
lt;[EMAIL PROTECTED]gt; said:BRBRrtgt; This may be old news, but
there is a typo in openssl.cnf included withBRrtgt; the latest
version of openssl that will error out the cert creation.BRrtgt;
BRrtgt; line 46 is: BRrtgt; private_key
PROTECTED]
via RT wrote:BRgt; BRgt; lt;divgt;I have had trouble
withamp;nbsp;several versions of RedhatBRgt;
-amp;nbsp;RHEL3,amp;nbsp;Fedora core 1 and 2, and RH9. I had no
issuesBRgt; compiling the package, however when trying
toamp;nbsp;sign the certsBRgt; openssl would error out with this
message:lt
Preceeding the comment line in openssl.cnf with a white space fixed my
troubles. Before making this correction openssl would error out while
signing the certificate. There are no other factors that could have
contributed to this fix as adding the white space was the only thing I
did. I will
This may be old news, but there is a typo in openssl.cnf included with
the latest version of openssl that will error out the cert creation.
line 46 is:
private_key = $dir/private/cakey.pem# The private key
should be:
private_key = $dir/private/cakey.pem # The private key
I have seen
I'm having exactly the same signal 11 problem with my make test. And, I
have the same configuration (Windows 2000, latest Cygwin, and
openssl-0.9.7d). Similarly, configure and compile both worked fine.
Please let me know if you find the solution...
Thanks,
Shawn
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
On Mon, 6 Sep 2004, Doug Kaufman wrote:
On Mon, 6 Sep 2004, Andy Polyakov wrote:
(Gisle Vanem wrote)
To be able to use SSE2 code on a Pentium 4(?) , you need to add
-DOPENSSL_IA32_SSE2 -DOPENSSL_CPUID_OBJ and have an up-to-date
version of as. (v2.13?).
./Configure should
Hi,
I've been working with the BIOs again and I was thinking: wouldn't having
a BIO_FP_BINARY flag fix this problem? Right now, OpenSSL always calls
setmode but wouldn't it be better if it only changed the FILE*'s original
mode when specified? Or would this break something else?...
--Steve
On Mon, 30 Aug 2004, Andy Polyakov wrote:
a comment, just go ahead. What I thought to comment on is following
RAND_poll code.
+#ifdef __DJGPP__
+int RAND_poll(void)
+{
+ long rnd = 0;
+ int i, rnd1 = 0;
+ unsigned char buf[ENTROPY_NEEDED];
+
+ for (i = 0; i
Sirs,
I am getting a message stating to Install Perl 5 when I run config on a
SUN V880, Sun OS 5.9. I have installed Perl 5.6.1, and he is defined to
$PATH at /usr/bin. Any ideas?
Thanks,
David Gott
__
OpenSSL Project
Here is a patch to allow 0.9.8 (snapshot from 20040808) to compile for
mingw without errors or warnings, when compiled using Cygwin and the
-mno-cygwin switch. This is intended to be applied after applying the
patch I submitted for DJGPP (rt #932).
Once again I added the -fno-strict aliasing
Attached is a patch allowing 0.9.8 to compile on DJGPP. The main DJGPP
change is to put in the same RAND_poll code that I submitted for
0.9.7. The other changes are more general.
The changes to Configure involve putting back the information
on excluded algorithms to $flags and $depflags.
Here is a revised patch for DJGPP compatibility on 0.9.7-stable. I
think this takes care of the problem with the patch breaking Makefiles
on other platforms. I also removed the egd code, since it really
didn't work on DJGPP/WATT-32. Revised patch also copied to the US Bureau
of Industry and
The recent code changes with fips created incompatibility with the
DJGPP port of 0.9.7. The attached patch fixes those problems caused
by different path separators (; vs :) and by the differentiation
in handling of binary and text mode files. In addition, 386 was
associated with elf assembly
It has been about 11 months since I last compiled openssl for mingw. I
found several problems when compiling 0.9.7-stable which are addressed
by the attached patch. This is against the 20040725 snapshot.
1. The current version of gcc defaults to using -fstrict-aliasing
with -O2 or greater, but
Hello,
Version:
openssl-0.9.7d
Problem:
Unable to compile OpenSSL with uClibc for an ARM platform.
I had to apply the following patch to the Configure script in order to get it working.
Otherwise it won't find the dlopen and friends:
--- ./Configure 2004-03-12 22:24:44.0 +0100
+++
On June 11, 2004 03:00 am, Jack Lloyd via RT wrote:
Summary: Threaded applications using the AEP engine break badly on
Linux.
I see. The problem seems more about the model used by AEP though. Ie. we
could use CRYPTO_thread_id() instead of getpid() (because unless
CRYPTO_set_id_callback() is
On June 11, 2004 10:34 am, Richard Levitte - VMS Whacker wrote:
rt I see. The problem seems more about the model used by AEP though.
rt Ie. we could use CRYPTO_thread_id() instead of getpid() (because
rt unless CRYPTO_set_id_callback() is called, this devolves into
rt getpid() anyway).
And
Hi i am trying to install open ssl
version
2798433 Mar 17 13:13:26 2004 openssl-0.9.7d.tar.gz (PGP sign) [LATEST]
i am getting below error messages
Great. Thanks!
/Sam
On Tue, 2004-05-11 at 17:24, Matthew Natalier wrote:
This looks like a bug which has already been discussed in the mailing
list, and fixed.
The diff is here:
http://cvs.openssl.org/filediff?f=openssl/crypto/pkcs7/pk7_doit.cv1=1.50.2.8v2=1.50.2.9
Further discussion
output word alignment test 0 1 2 3
fast crypt test
OSSL_LIBPATH=`cd ..; pwd`;
LD_LIBRARY_PATH=$OSSL_LIBPATH:$LD_LIBRARY_PATH; D
YLD_LIBRARY_PATH=$OSSL_LIBPATH:$DYLD_LIBRARY_PATH;
SHLIB_PATH=$OSSL_LIBPATH:$
SHLIB_PATH; LIBPATH=$OSSL_LIBPATH:$LIBPATH; if [ Cygwin = Cygwin ];
then
Type: BUG
Version: 0.97d
Brief: When the password callback fails, a X509_SIG is not released.
When the callback fails, the execution goes to the err label, skipping
the X509_SIG_free(p8). (pem_pkey.c:104)
__
OpenSSL
I found your names on the openssl archives when I searched for info on ttls. The
developer of OpenVPN, which uses OpenSSL, has said OpenVPN will use TTLS in addition
to TLS if OpenSSL uses it. I wanted to see if you could point me at any information on
if/when this would happen.
Thank you,
Type: BUG
OS: WinCE 3.0
Platform: MIPS Pocket PC
Version: 0.97d
Brief: Pocket PC for MIPS doesn't contain/support io.h
Descr: Due to the usual WinCE-Win32 parade of incompatibilities,
BIO_set_fp ends up using an unsupported function, _setmode. This can cause
a compile problem or even a
To stop the PEM_reads from crashing, I've added:
#if _WIN32_WCE 400 defined _MIPS_
# define _setmode( fd, m ) ( -1 )
#endif
under e_os.h:247
# ifdef OPENSSL_SYS_WINCE
#include winsock_extras.h
# endif
The hardware platforms should probably be _MIPS_ OR _SH3_
I agree with closing the issue - I believe the session caching problem
is in mod_ssl
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Geoff Thorpe
via RT
Sent: Wednesday, March 24, 2004 9:45 AM
To: Avery, Ken
Cc: [EMAIL PROTECTED]
Subject: [openssl.org
I apologize for my first rt bug report, it was missing some important
details.
this was the 0.9.7d version of the source tarball.
compilier was gcc.something.really.old.that.vxworks.still.uses compiling for
PPC (if that matters but i don't think it does).
the S_IBLK code section mentioned was
Richard,
Thanks for the email.
Libeay32 linked fine. I got the problems when linking ssleay32. It
complained about 2 unresolved symbols. I ended up copying the
asn1_lib.obj line from the CRYPTOOBJ dependency section and pasting it
into the SSLOBJ dependency section. That seemed to solve the
Richard,
I guess you are right.
I downloaded the latest openSSL (SNAP-20040322) and went through the same
steps as before. I did not have to modify ntdll.mak at all. So disgregard
my previous report about unresolved symbols.
I did have to remove ENGINE_load_gmp from ms\libeay32.def and
OpenSSL Folks,
I want to take a few moments to document a few MS Windows compile issues
with the openssl-SNAP-20040318. I know it is now 2 days old, but I don't
have the heart to download today's snapshot and try it out. Sorry.
My system: Windows XP, Microsoft Visual C++ 2002
What I did:
Type: REQ
OS: WinNT
Version: 0.97c
Brief: A text mode FILE* will result in a binary BIO with BIO_set_fp.
Descr: This seems to make sense since BIO_set_fp also takes in text mode
flags along with the FILE*, but on the PEM_write_xx FILE* fns, there is no
way to set the text flag when passing
Type: BUG
OS: WinNT
Version: 0.97c
Brief: PEM_read_bio_PrivateKey doesn't set the EVP_PKEY pointer when
reading a unencrypted private key.
Descr: When reading an unencrypted private key with:
EVP_PKEY *key = NULL;
PEM_read_bio_PrivateKey( ..., key, ... )
PEM_read_bio_PrivateKey enters the
Attached is a patch to add a -issuerhash command to openssl x509
(against 0.9.7c)
/Sam
--
Sam Meder [EMAIL PROTECTED]
The Globus Alliance - University of Chicago
630-252-1752
__
OpenSSL Project
on SunOS 4.1.4/sparc gcc 2.95.3 -
if [ = hpux-shared -o = darwin-shared ] ; then \
gcc -o destest -I.. -I../include -DOPENSSL_SYSNAME_SUNOS -DOPENSSL_NO_KRB5
-DOPENSSL_NO_ASM -O3 -mv8 -Dssize_t=int destest.o ../libcrypto.a ; \
else \
LD_LIBRARY_PATH=..:$LD_LIBRARY_PATH \
gcc -o
on SunOs 4.1.4/sparc with gcc 2.95.3,
CFLAGS='-O3 -pipe' ./config shared no-asm
making all in test...
make[1]: Entering directory `/sd3/e/ftp/pub/net/openssl-0.9.7c/test'
[...]
if [ = hpux-shared -o = darwin-shared ] ; then \
gcc -o destest -I.. -I../include -DOPENSSL_SYSNAME_SUNOS
OS: HPUX 11.11
SSL: 0.9.7c
in hw_atalla.c if atalla_init goes to err: after a successful DSO_load
then atalla_dso is freed but not reset to 0.
On HPUX 11.11 this can cause problems where later use of atalla_dso
cause a CRYPTO_w_LOCK() to change an aligned RSA pointer to unaligned
Hi!
I have the same problem, do you already have a solution?
If not, and you are interessted: I`d like to work with you on this...
maybe together we will find a solution...
daniel
Daniel Tieber
Software Entwicklung
bit media e-Learning solution
a Siemens Company
Kaerntner Strasse 294, A-8054
Hello,
on AIX 4.2.1 with gcc OpenSSL 0.9.7c fails to link with an undefined
symbol. I used ./Configure using aix-gcc, setting threads and
-D_REENTRANT
making all in apps...
rm -f openssl
if [ = hpux-shared -o = darwin-shared ] ; then gcc -o
openssl -DMONOLITH -I..
i was wondering why `openssl des -e -out file` produces a zero sized
file and exits with 0.
so i straced it:
[...]
write(3, |[EMAIL PROTECTED],..., 32768) = -1 ENOSPC (No space left on device)
read(0, 0\234\224\7F8\201\250F\224(\324+\250~}\347\366\372r\343..., 8192) = 2048
read(0, , 4096)
On Sat, 25 Oct 2003 [EMAIL PROTECTED] wrote:
I'm sorry this has taken so long, but the rt tab on the home page had
escaped my notice, so I didn't know where to send the change. :-)
I'm working on a project that is using X509 certs for custom uses. As a
part of this, I've experimented with
This time with the diff attached.
Take care,
Bill
-- Forwarded message --
Date: Wed, 17 Dec 2003 22:25:47 -0800 (PST)
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: William Studenmund [EMAIL PROTECTED]
Subject: extending openssl config to add X509v3 extension support
On
I first saw the following coding problems when using 0.9.6i, but they are
still there in the current 0.9.7 snapshot. I'm using Microsoft Visual
Studio 6 but these problems are not related to the compiler:
(1) crypto\asn1\a_mbstr.c, function ASN1_mbstring_ncopy() -- local variable
'outlen' is
On Tue, 9 Dec 2003, Andy Polyakov wrote:
appears appropriate under this ABI. But keep in mind that OpenSSL is not
exclusively about Linux and we have to think of a common denominator
oh don't worry -- those ELF ABI calling conventions are used on all x86
unix (and are essentially the same if
On Tue, 9 Dec 2003, Nils Larsch via RT wrote:
Wouldn't it be better to include the call to the run-time detection
function in a global init function (like OpenSSL_add_all_algorithm)
instead of including it in BN_new BN_init ?
yeah that would be better :) assuming everyone has to call that
[note -- i changed the cc to rt because there's something preventing me
from posting to openssl-dev... and rt seems to be one way for me to get my
messages through.]
On Mon, 8 Dec 2003, Andy Polyakov wrote:
details and a patch are available at
http://arctic.org/~dean/crypto/rsa.html
Being
i've added a second patch
http://arctic.org/~dean/crypto/openssl-0.9.8-CVS-bn-sse2-v2.patch -- the
second patch includes run-time detection of SSE2 and selects between two
implementations of bn_mul_add_words so that it can be used in a general
purpose distribution.
this one needs some attention
Hi there,
On December 2, 2003 06:29 pm, Verdon Walker wrote:
Should OpenSSL formalize a mechanism for cleaning up global library
resources? Or is it sufficient to let the OS do that work?
I've got way too much on my plate right now to do anything more than make
a passing comment, but that
Hi,
when i run ./config i get:
Operating system: sun4u-sun-solaris2
./config: test: unknown operator (GCC)
then on running make i get:
making all in crypto...
( echo #ifndef MK1MF_BUILD; \
echo /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */; \
echo #define CFLAGS \cc
OpenSSL version 0.9.7c
OpSys: SunOS boost 5.8 Generic_108528-15 sun4u sparc SUNW,UltraAX-12
Hi.
The hw_cswift.c(cswift_rand_bytes) has a note in a comment stating that
CryptoSwift
accelerator card can only deal with requests that are even 32 bit (4 byte)
multiplies;
The function AES_cbc_encrypt has a bug when its input and output
parameters are the same which causes it to incorrectly update the IV.
All other OpenSSL ..._cbc_encrypt functions happily accept
input==output, I don't see a valid reason why AES would be the
exception. The attached patch fixes
Feature Request: Would it be please possible in some future OpenSSL
release to use the same name for libssl when converted into a DLL
regardless of the used compiler? MSVC currently calls it ssleay32.dll
while MinGW uses libssl32.dll.
Thank you for consideration.
Perl script Configure does not properly extract child exit value from $?
on line 1485. Proper parsing is to use the upper 8 bits of the 16-bit word
in $?. See the attached SourceForge patch 816713 for a proposed fix.
P.S. An unpleasant side-effect of this bug is that certain
OS's might not
Perl script Configure is not consistent in identifying target MinGW.
Sometimes it uses mingw, sometimes Mingw32. This causes a check on
line 920 to fail even when it should not. See the attached SourceForge
patch 816736 for a proposed fix.
Relevance: 0.9.7c, MinGW
Calling tool dllwrap in ms/mingw32.bat currently creates DLLs out of
static libraries in the current directory, instead of where they belong
(./out). The attached SourceForge patch 816957 for ms/mingw32.bat fixes
the issue by moving the DLLs into the right place
Line 7 of EVP_DigestInit.pod is the file that needs the comma between
EVP_MD_CTX_copy_ex and EVP_MD_CTX_copy
I added it to my own source but you should add it overall. Sorry for
the double posting, but not sure if anyone else has brought this to your
attention.
Jason Czech
SCSU
Also, line 8 of ui.pod needs a comma on the end, I keep finding them.
Also, this is kind of cosmetic and makes it easier, but in des_modes.pod
could you change the spaces in the name (line 5) to underscores? Spaces
break the package making process on Solaris quite quickly.
Thanks!
Jason Czech
, 2003 10:56 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: [openssl.org #709] AutoReply: OpenSSL-0.9.7c on Solaris
In message [EMAIL PROTECTED] on Wed, 1 Oct
2003
16:36:20 +0200 (METDST), [EMAIL PROTECTED] via RT
[EMAIL PROTECTED]
said:
rt Also, line 8 of ui.pod needs a comma
I've tried to create a package for OpenSSL-0.9.7c on Solaris (8 and 9) and have seen a
potential problem with the man page creation. It seems that in the man3 section the
files EVP_MD_CTX_copy and EVP_MD_CTX_copy_ex are created as one file called
EVP_MD_CTX_copy EVP_MD_CTX_copy_ex.3. I
On Sat, 27 Sep 2003, Richard Levitte via RT wrote:
I applied your changes to 0.9.8-dev and 0.9.7-stable. Thank you.
Ticket resolved.
[EMAIL PROTECTED] - Tue Jul 29 09:10:37 2003]:
These are my patches to get openssl s_client working on
MSDOS / djgpp / Watt-32.
The patch was
Hello,
compilation of openssl fails on my system. The output of
make report and make are enclosed below.
Kind regards,
Thomas Wolff
[EMAIL PROTECTED]:~/ein/download/openssl-0.9.7b: make report
Checking compiler...
Running make...
make[1]: Entering directory
Hi
File: Crypto\RSA\rsa_eay.c
Function: RSA_eay_private_decrypt
Line: 430 (blinding = setup_blinding(rsa, ctx);)
The flag 'local_blinding' is set to 1 but the memory is never freed.
TIA
Dror
__
OpenSSL Project
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
In function ssl3_send_certificate_request(), the state
is never switched to SSL3_ST_SW_CERT_REQ_B after
the handshake message is serialized.
It's a fairly minor bug, with a simple fix:
#ifdef NETSCAPE_HANG_BUG
p=(unsigned char *)s-init_buf-data + s-init_num;
/*
In function ssl3_send_client_verify(), the state
is never switched to SSL3_ST_CW_CERT_VRFY_B after
the handshake message is serialized.
It's a fairly minor bug:
*(d++)=SSL3_MT_CERTIFICATE_VERIFY;
l2n3(n,d);
s-init_num=(int)n+4;
Attached three testlog-Outputs
The Hint in INSTALL:
If a test fails, look at the output. There may be reasons for
the failure that isn't a problem in OpenSSL itself (like a missing
or malfunctioning bc).
If it is a problem with OpenSSL itself,
try removing any compiler
It seems that X509_STORE_CTX_init arbitrarily limits the depth of the
cert chain that can be checked to 9 certificates. Is this a bug, feature
(dos prevention?) or just arbitrary?
If it is a feature then it would be nice to provide a API call to modify
the default. I'll send a patch if such a
Hi,
I have found that the grep $$obj allobjs in Makefile.ssl returns more entries
than excepted. I am using 0.9.6j.
For example when processing mem.o the grep will return 2 entries:
./crypto/bio/bss_mem.o and ./crypto/mem.o. That way unexcepted objects may end
in the dynamic library.
The
Hie
I was trying to sign my own certificates after setting up Openssl
on Linux 7.0. I download the latest tar.gz file and I installed everything
without a problem.
The problem arose when I tried ti self sign my certificates
I have attched a text file of the error reported. My you please
Hi!
No patch should be required, not even AIX can be that weird. An
official specification for select() is available at
http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/commtrf1/select.htm
Ok, is it maybe a PEBKAC. But I cannot find an explanation for the
following behavior:
I
Hello!
Since 5.2 AIX supports /dev/random and /dev/urandom. Openssl don't use it
because the select
system call works different on AIX than on linux.
As described in the following URL, the select system call expects the
number
of file describtors as first parameter in AIX. Linux expects the
I created a patch file for openssl 0.9.7a to allow the control of the kerberos
credential cache.
Regards
Markus
__
OpenSSL Project http://www.openssl.org
Development Mailing List
101 - 200 of 314 matches
Mail list logo