[openssl.org #301] Seg Fault with make test openssl 9-6g redhat 7.3 default gcc 2.4. 18 kernel

[[EMAIL PROTECTED] - Tue Oct 8 09:08:37 2002]: > using the config --prefix=/usr --openssldir=/usr/local/ssl -threads command. > I do a sucessfull make > I then run make test and get a segmentation fault. > > Please find attatched the output from a make report. > > I am using openssl 9.6g > Re

Re: [openssl.org #186] Ticket Resolved

On Thu, Oct 10, 2002 at 11:29:16PM +0200, Chris Majewski via RT wrote: > I just went to the RT URL you sent me, and I'm not clear on what > actually happened with my request. At some point someone posted > a question which was never CC'd to me. Also I'm not sure what is the > meaning of

[openssl.org #290] OpenSSL make problems

[[EMAIL PROTECTED] - Tue Sep 24 10:23:50 2002]: > Hi, > I am trying to install openssl on AIX using gcc > > GCC version - 2.95.3 20010315 (release) > AIX version - 4.3.2.0 > OpenSSL version - 0.9.7-dev > > The output of config -t is attached. > The make is not sucessful. The following is the e

[openssl.org #289] [Fwd: Bug#161359: openssl_0.9.6e-1_i386.deb reports wrong version]

[[EMAIL PROTECTED] - Thu Sep 19 12:11:15 2002]: ljaenicke@lutz:~$ dpkg -l openssl Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name

Re: [openssl.org #288] session reuse: getting "old session cipher not returned" errors

On Wed, Sep 18, 2002 at 09:09:41AM +0200, Steve Haslam via RT wrote: > > On Wed, Sep 18, 2002 at 02:58:53AM +0100, Steve Haslam wrote: > > So, according to ssldump, the "cipherSuite" entry in the ServerHello is the > > same the second time round. Is it a problem that the client seems to be in >

Re: [openssl.org #278] Open SSL Install Question

On Thu, Sep 12, 2002 at 07:45:19PM +0200, M Manzo via RT wrote: > Thanks for your earlier response. I have one last question. I have an > application that requires me to install OpenSSL V0.9.1C or higher. I'm > currently using Red hat 7.3, which comes preinstalled with a limited version > of O

Re: [openssl.org #284] openssl 'make' problems

On Thu, Sep 12, 2002 at 05:01:32PM +0200, [EMAIL PROTECTED] wrote: > I am having the following problems on an HP-UX 11.0 box, when installing > openssl. > making all in crypto... > cc -I. -I../include -DTHREADS -D_REENTRANT -DDSO_DL -DCFLAG=+z > -D_REENTR > ANT +O3 +Optrs_strongly_typed +

[openssl.org #280] error msg making openssl

[[EMAIL PROTECTED] - Wed Sep 11 10:46:32 2002]: > I'm sorry I can't understand what you mean. > > Is what you mean that I > need to reinstall GCC on higher version ? > > Before I make openssl, I > tried to install GCC on higher version. > But it didn't work.(It also > had problem when making..

[openssl.org #280] error msg making openssl

[[EMAIL PROTECTED] - Wed Sep 11 09:48:53 2002]: > I sent e-mail in English before. > Anyway I'm sending it again. You sent as: Content-Type: text/plain; charset="ks_c_5601-1987" Content-Transfer-Encoding: base64 This character set is not well supported by several mail clients (and by

[openssl.org #278] Open SSL Install Question

[[EMAIL PROTECTED] - Wed Sep 11 09:20:08 2002]: > I was installing Open SSL on my Linux 7.3 system and seen the >following > message at the end of the "make test" step. Does this mean the >./config > and make steps were unsuccessful? Any information you can provide >would be > hel

Re: [openssl.org #279] Solaris 2.8 issue w/ fopen in openssl-0.9.6g/crypto/bio/bss_file.c

On Wed, Sep 11, 2002 at 09:21:09AM +0200, Craig Kaes via RT wrote: > OPEN_MAX, the max # of fds allowable to me is honored by fopen and on > BSD and Gnu this value tracks ulimit values. On Solaris, tho, it > appears hard coded. To wit: > > [craigk:~/tmp/fopen]$ cat foo.c > #include > #inclu

Re: [openssl.org #277] COMP_zlib Problem

On Mon, Sep 09, 2002 at 10:43:51AM -0500, Kenneth R. Robinette wrote: > If one calls COMP_METHOD *comp = COMP_zlib(), the first time this > call is made, a valid COMP_METHOD is returned, and the comp->type is > set correctly. However, if you make the call a second time, a valid > COMP_METHOD

Re: [openssl.org #276] How to get session id for external session cache in openssl

On Tue, Sep 10, 2002 at 08:52:42AM +0200, Leif Thuresson via RT wrote: > > I want to implement an external session cache with openssl > but I can't find a function that will give me the session id when > storing a new session in the cache. > According to the man pages the get-session-callback us

[openssl.org #263] Apparently Missing "OpenSSL_add_all_algorithms" in 0.9.7-beta3

[[EMAIL PROTECTED] - Sun Sep 1 19:01:48 2002]: > In compiling MySql-4.0.2-alpha, I get the following error messages > related to OpenSSL shown below. > > Using STRINGS to check the differences between OpenSSL-0.9.6a and > OpenSSL-0.9.7-beta3 shows "OpenSSL_add_all_algorithms" in 0.9.6a but >

[openssl.org #268] Very minor documentation patch

[[EMAIL PROTECTED] - Wed Sep 4 21:15:50 2002]: ... > The comments above say "URI", but the example shows "URL". Thanks, fixed. Best regards, __ OpenSSL Project http://www.openssl.org Development

Re: [openssl.org #270] API: certificate chain handling incomplete

On Thu, Sep 05, 2002 at 09:36:09AM +0200, Tom Wu via RT wrote: > > I noticed that that the functions SSL_CTX_use_certificate_file and > SSL_CTX_use_certificate_chain_file are available for use with an SSL_CTX > *, yet there is no "chain" version available to set with an SSL *, only > SSL_use_

Re: [openssl.org #242] man page questions

On Thu, Aug 22, 2002 at 09:08:11AM +0200, Lance Zhang via RT wrote: > I installed openssl-0.9.6g on my Soloris machine. > I typed in 'man BIO_write' and I got 'No manual entry > for BIO_write.' I had to type in 'man BIO_read' to see > the man page for BIO_write. And it took me quite a > while t

[openssl.org #214] Regarding query on OPENSSL

[[EMAIL PROTECTED] - Mon Aug 12 17:59:26 2002]: > This mail is regarding CERT-23 that was reported recently. > > As per the CERT, to fix the reported vulnerabilities, either we > should > upgrade to version Openssl09.6.e or apply the patch from version > Openssl0.9.6d. Yes. >

[openssl.org #202] Help

[[EMAIL PROTECTED] - Thu Aug 8 09:43:45 2002]: > I'm trying to install open-ssh 34p1 on an Aix server, running 4.3.3.. > I compiled openssh 0.9.6d and zlib 1.1.4. on the server , and also >created > the a bff pancake using the contrib/aix/buildbff.sh script. > I can't start sshd either ins

[openssl.org #212] SSL_CTX_flush_sessions() must be called before SSL_CTX_free().

[jaenicke - Tue Aug 13 15:16:11 2002]: > On Mon, Aug 12, 2002 at 06:44:26PM +0200, Geoff Thorpe via RT wrote: > > I think it's unlikely, but I'd guess off the top of my head that > > something like the following would be less risky; > > > > if (a->sessions != NULL) > >

[openssl.org #200] wrong URL for rt in README for 0.9.7-beta3

[[EMAIL PROTECTED] - Tue Aug 6 17:38:38 2002]: > > nexus@thune[4:34pm]src/openssl/openssl-0.9.7-beta3(539) grep rt2.html README > (http://www.openssl.org/rt2.html) by mail to: > > > should be org/support/rt2 Thanks, fixed. Lutz

Re: [openssl.org #225] OpenSSL Security Advisory (30 July 2002), recompiling application s using OpenSSL, enhancement request

On Thu, Aug 15, 2002 at 04:01:57PM +0200, [EMAIL PROTECTED] wrote: > I have read your OpenSSL Security Advisory (30 July 2002), where there is > the recommendation to upgrade to OpenSSL 0.9.6e for those using 0.9.6d and > earlier. > > We are using OpenSSL version 0.9.6a-9 and OpenSSH version 2.9

[openssl.org #219] des_encrypt1 and solaris

[[EMAIL PROTECTED] - Tue Aug 13 15:43:45 2002]: > Hi There > > I was wondering if there is any current workaround or > any proposed date when the issue with des_encrypt1 > will be fixed. The problem has been fixed in the upcoming 0.9.7 release. There will not be a fix for 0.9.6x, as it might b

Re: [openssl.org #212] SSL_CTX_flush_sessions() must be called before SSL_CTX_free().

On Mon, Aug 12, 2002 at 06:44:26PM +0200, Geoff Thorpe via RT wrote: > yup, I fixed some similar things in [RSA|DSA|]_free() functions a > while ago. Those cases were more clear-cut though, because the > structures in question had virtual-function tables ("methods") with > finish() handlers (dest

Re: [openssl.org #171] packaging problems in 0.9.6e

On Thu, Aug 01, 2002 at 12:24:46PM +0200, Richard Levitte via RT wrote: > > [jaenicke - Tue Jul 30 22:25:20 2002]: > > > [[EMAIL PROTECTED] - Tue Jul 30 18:49:55 2002]: > > > > > Some of the files in the 0.9.6e tarball have restrictive > permissions > > > which prevent building and installing

[openssl.org #182] 0.9.7 engine inclusion of the IBM ICA engine

[guest - Wed Jul 31 17:55:47 2002]: > I opened this RT yesterday, but can't find it in the DB now. Geoff > Thorpe pointed out that the original patch did not use the proper error > definition. I'll have a new patch today that I'll attach to this item > that corrects this issue... I have merg

[openssl.org #179] openssl-0.9.6e under HP-UX 10.20

[[EMAIL PROTECTED] - Wed Jul 31 09:35:46 2002]: > When I type ./config under HP-UX 10.20 I get the message > > ./config[398]: test: Specify a parameter with this command. > > The problem occurs with version 0.9.6e, not with earlier versions. This problem is due to the handling of gcc-3.1 supp

Re: [openssl.org #172] 0.9.7-beta3: evp.h and compatibility defines break crypt()

On Tue, Jul 30, 2002 at 10:38:43PM +0200, Richard Levitte - VMS Whacker via RT wrote: > > In message <[EMAIL PROTECTED]> on Tue, 30 Jul 2002 19:36:18 >+0200 (METDST), "Lutz Jaenicke via RT" <[EMAIL PROTECTED]> said: > > rt> Shall we disable the crypt()

[openssl.org #171] packaging problems in 0.9.6e

[[EMAIL PROTECTED] - Tue Jul 30 18:49:55 2002]: > Some of the files in the 0.9.6e tarball have restrictive permissions > which prevent building and installing as different non-privileged > users. > > -rw--- openssl/openssl 23853 Jul 30 11:06 2002 openssl- > 0.9.6e/Makefile.ssl > lrwx--

[openssl.org #172] 0.9.7-beta3: evp.h and compatibility defines break crypt()

Due to the re-inclusion of all ciphers from evp.h, the des.h header file with the compatibility define of "crypt()" is included. If a system header file defines crypt() itself, for HP-UX this is sys/unistd.h, it must fail if included only after evp.h (or one of the other header files includinge

Re: [openssl.org #170] OpenSSLDie not exported in Win32

On Tue, Jul 30, 2002 at 04:10:45PM +0200, Richard Levitte - VMS Whacker via RT wrote: > > In message <[EMAIL PROTECTED]> on Tue, 30 Jul 2002 >15:56:30 +0200 (CEST), Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> said: > > levitte> In message <[EMAIL PROTECTED]> on Tue, 30 Jul 2002 >15:26:3

Re: [openssl.org #170] OpenSSLDie not exported in Win32

On Tue, Jul 30, 2002 at 03:26:34PM +0200, Jeffrey Altman via RT wrote: > > Need to add it to the exports list. I just had a look into this thing. Ben designed the "die()" function such that it uses "cryptlib.h", which is not exported. Thus the macro "die()" and the underlying OpenSSLDie() func

[openssl.org #169] 0.9.7-b3 compile error on Win32

[[EMAIL PROTECTED] - Tue Jul 30 15:23:37 2002]: > ssl\s3_srver.c (1591) error: pms_length is not a member of > evp_cipher_st > > I believe the correct reference is > > if (enc_pms.length > sizeof pms) > > instead of > > if (enc.pms_length > sizeof pms) Thanks, fixed. Lutz ___

Re: [openssl.org #168] Ticket Resolved

On Mon, Jul 29, 2002 at 05:41:20PM +0200, Jim Beasley via RT wrote: > The syntax I am using for the Verify follows: > > openssl verify -CApath /etc/httpd/ssl.crt -CAfile > /etc/httpd/ssl.crt/ca-bundle.crt -purpose sslserver -verbose > ssl.crt/server.crt Yes, and it is working fine, isn't it?

Re: [openssl.org #168] Ticket Resolved

On Mon, Jul 29, 2002 at 05:00:21PM +0200, Jim Beasley via RT wrote: > I read all the material you suggested and get the following error when I run > verify with the -issuer_checks: > > error 29 at 0 depth lookup:subject issuer mismatch > > without the -issuer_checks, there is no error. So yo

[openssl.org #167] 0.9.7 latest snapshot...minor bug in apps\x509.c

[[EMAIL PROTECTED] - Thu Jul 25 10:22:23 2002]: > Lines 918-919: > >if (pk->type == EVP_PKEY_DSA) > digest=EVP_dss1(); > > ..should be: > > #ifndef OPENSSL_NO_DSA >if (pk->type == EVP_PKEY_DSA) > digest=EVP_dss1(); > #endif > > ...otherwise you get "unresolved externa

[openssl.org #168] Error: signed certificate in certificate chain ???

[[EMAIL PROTECTED] - Mon Jul 29 14:43:40 2002]: > Could you please help this frustrated developer with an indication of > what I am doing wrong. I have been trying to configure Apache on the > Suse Linux platform and am seeing this error: > > verify error:num19:self signed certificate in certif

[openssl.org #162] SSL_shutdown return 0 in case of SSLv3_client_method

[[EMAIL PROTECTED] - Tue Jul 23 15:07:51 2002]: > The problem is that SSL_shutdown() returns "0" with SSL_get_error() == > "SSL_ERROR_SYSCALL" in both cases. The first "0" is ok. The second "0" is not ok, it may indicate, that the peer closed the connection but did not send back the "close" mes

[openssl.org #160] openssl-0.9.7-beta2 install problem

[[EMAIL PROTECTED] - Sun Jul 21 21:58:06 2002]: > Your environment assumes something called 'pod2man'. > > installing man1/CA.pl.1 > ./pod2mantest: pod2man: not found > sh: pod2man: not found > *** Error code 1 This problem should already been fixed. Please try a recent snapshot and report, wh

[openssl.org #141] Error while writing zero-length string

[[EMAIL PROTECTED] - Fri Jul 19 11:04:22 2002]: > On Fri, Jul 19, 2002 at 10:39:21AM +0200, Martin Sjögren via RT wrote: > > A warning in the man pages for SSL_write (and probably SSL_read too) > > would a good start for this. > > I agree. Actually it should be quite easy to change OpenSSL so

Re: [openssl.org #141] Error while writing zero-length string

On Fri, Jul 19, 2002 at 10:39:21AM +0200, Martin Sjögren via RT wrote: > tor 2002-07-18 klockan 13.04 skrev Bodo Moeller via RT: > > > SSL_read() and SSL_write() are not really meant to be called with zero > > length. The return value cannot be larger than zero when this is > > done, so SSL_get

[openssl.org #146] make test fails in RC4 on Mac OS X

[[EMAIL PROTECTED] - Sun Jul 14 16:41:36 2002]: > I haven't investigated why yet but maybe it's already a known problem. > > Mark. > > OpenSSL self-test report: > > OpenSSL version: 0.9.6d > Last change: Fix crypto/asn1/a_sign.c so that 'parameters' is > omitte... > OS (uname): Da

Re: [openssl.org #145] PHP failure compile with --openssl : e_os.h don't exist in OpenSSL-0.9.7b under Solaris 2.7

On Sat, Jul 13, 2002 at 05:00:15PM +0200, Michel Mac Wing via RT wrote: > It was a bug of PHP ... > I have informed them about this and a this problem has been corrected in the latest >CVS. > > See this for more information : > http://bugs.php.net/bug.php?id=18295 Hmm. So it seems, that they w

Re: [openssl.org #145] PHP failure compile with --openssl : e_os.h don't exist in OpenSSL-0.9.7b under Solaris 2.7

On Fri, Jul 12, 2002 at 05:55:20PM +0200, Michel Mac Wing via RT wrote: > Thanks for the latest answer. > Ok, but what is your solution to compile PHP with OpenSSL (0.9.6d ?) without the >error (conflict ?) below : > > Solaris 2.7 > PHP4.2.1 or latest CVS > OpenSSL 0.9.6d I don't know for what

[openssl.org #143] pod2mantest gives wrong return value

[guest - Fri Jul 12 08:04:57 2002]: > During make install on a Solaris 2.6 with Perl 5.005_002 pod2mantest > is > called via `cd ../../util; ./pod2mantest ignore` > It complains "MultilineTest failed" and returns util/pod2man.pl > > This path does not work at this place. It should be > ../../u

[openssl.org #142] (no subject)

[[EMAIL PROTECTED] - Thu Jul 11 15:25:40 2002]: > I get error messages when I tryed to compile the latest version of > openssl. > I attach a logfile of make... The error messages indicate, that there is something odd with your gcc setup. It seems, that the assembler used cannot correctly handle

[openssl.org #127] AES draft cipher suites

[jaenicke - Wed Jul 10 08:50:56 2002]: > [bodo - Thu Jul 4 10:34:15 2002]: > > > However, it would still be a good idea to create a "NONE" cipher suite > > group alias because it is useful in the other scenarios given in the > > problem description. > > I have already worked in the cipher se

[openssl.org #127] AES draft cipher suites

[bodo - Thu Jul 4 10:34:15 2002]: > However, it would still be a good idea to create a "NONE" cipher suite > group alias because it is useful in the other scenarios given in the > problem description. I have already worked in the cipher selection routines yesterday with respect to PR#130. I wi

[openssl.org #130] openssl ciphers is broken?

Ciphers with eNULL encryption (read this: without encryption) were not covered by the bitmask for the strength classes (eNULL was not considered to be a class at all). Therefore they fell through the selection roster. That it seemed to work in some cases was just by coincidence. I have now extend

[openssl.org #135] Complie Error with OpenSSL 0.9.6 on HP-UX 10.20

[[EMAIL PROTECTED] - Wed Jul 3 16:58:21 2002]: ... The latest version of the 0.9.6 series is 0.9.6d. Does this problem still appear with this version? (HP-UX 10.20 is my build platform...) Best regards, Lutz __ OpenSSL

Re: [openssl.org #47] Re: [openssl.org #121] make test failure on mac os x

On Thu, Jun 27, 2002 at 08:35:19PM +0200, Jonathan Louie via RT wrote: > > sorry about the duplicate, the install readme didn't indicate where i > could check for open bugs. i've found it now :) perhaps the readme > should be updated? Ok, I have added the information about RT to the README an

[openssl.org #120] fyi -- /dev/random for Solaris -- Free Symptoms and Resolutions Article 27606

[[EMAIL PROTECTED] - Wed Jun 26 19:28:22 2002]: > official word from Sun about /dev/random support in Solaris9, > Solaris8, > and prior support. -GA > > http://sunsolve.sun.com/pub- > cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski > cgi/retrieve.pl?doc=fsrdb%2F2

[openssl.org #121] make test failure on mac os x

[[EMAIL PROTECTED] - Thu Jun 27 08:43:17 2002]: > output of make report follows. i removed the -O3 flag from > Makefile.ssl and make test still fails as follows. ... > ./rc4test > error calculating RC4 > output: 75 b7 19 80 82 e0 c5 ef 00 > expect: 75 b7 87 80 99 e0 c5 96 00 > error calculating

[openssl.org #122] s_server "no shared cipher" error

[[EMAIL PROTECTED] - Thu Jun 27 08:46:49 2002]: > When I try to set up an SSL connection between two invocations of > the openssl command, I get a "no shared cipher" error. Since I can > set up SSL connections to web servers, I suspect that the problem is > with the openssl implementing the ser

[openssl.org #118] How to implement OPENssl on AS 400

[[EMAIL PROTECTED] - Tue Jun 25 20:51:20 2002]: > Hello friend, > I am working for IBM server technology group(U.S.) I am trying to implement > open ssl on AS400. I know it works on unix,windows,vms etc platforms but > can anybody suggest me howe to implement it on AS 400 which is IBM iseries >

Re: [openssl.org #114] openssl shared:

On Sun, Jun 23, 2002 at 04:44:07PM +0200, R.DuFresne via RT wrote: > uname -a > Linux darkstar 2.0.35 #4 Mon Dec 14 18:18:57 CST 1998 i586 unknown > > > config shared no-threads > make > make test > > works fine for openssl-engine-0.9.6b/ > > works fine for openssl-0.9.7-beta2/ > > Fails m

[openssl.org #110] Re: MDC2 inconsistancy

Ticket closed, as the problem is not reproducable with OpenSSL source. It rather seems to be a redhat problem. Best regards, __ OpenSSL Project http://www.openssl.org Development Mailing List

[openssl.org #108] Need Help

The handling of PKCS12 et al is explained in Steve Henson's excellent FAQ: http://www.drh-consultancy.demon.co.uk/pkcs12faq.html Best regards, Lutz __ OpenSSL Project http://www.openssl.org

Re: [openssl.org #104] Make fails with undefined reference

On Mon, Jun 17, 2002 at 07:43:18PM +0200, [EMAIL PROTECTED] via RT wrote: > redhat linux never upgraded libraries are rpm's glibc-2.1.92-14 and >glibc-devel-2.1.92-14. it's redhat 7.0. I think sysconf is . Some other >headers are in /usr/i386-glibc21-linux/include, and since I'm not much of

[openssl.org #1] Testing...

Testing... -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project

[openssl.org #96] bug in config script (gcc 3.1)

Ok, I have finally changed the gcc-recognition in config to use the -dumpversion flag. Case closed :-) Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing Lis

[openssl.org #97] About 0.9.6a(b) and des_encrypt1()

[[EMAIL PROTECTED] - Fri Jun 14 22:02:06 2002]: > On Fri, 14 Jun 2002, Lutz Jaenicke via RT wrote: > > >There will not be another release of 0.9.6 before 0.9.7 will be out. > >We still maintain the 0.9.6 tree, because we anticipate that due to > >incompatible changes

Re: [openssl.org #97] About 0.9.6a(b) and des_encrypt1()

On Fri, Jun 14, 2002 at 08:34:06PM +0200, Jani Taskinen via RT wrote: > On Fri, 14 Jun 2002, Lutz Jaenicke via RT wrote: > >This problem has been resolved for 0.9.7... > > Great. > > >Is it worthwile to make a small adjustment for 0.9.6e (in case it will > >b

[openssl.org #96] bug in config script (gcc 3.1)

Different solutions have been proposed and I am not sure whether the currently checked in version will finally work. I am not sure for how long -dumpversion was supported (at least since 1994 as was reported) and I strongly consider to use -dumpversion. Richard: you seem to have a beta version

[openssl.org #89] missing prototypes for functions

Ok, I have now finished applying the patches including the changed prototypes for ASN1 using the DECLARE macro. Please test the next snapshot (or beta2, which will probably be built on Sunday evening). Best regards, Lutz _

[openssl.org #97] About 0.9.6a(b) and des_encrypt1()

[[EMAIL PROTECTED] - Fri Jun 14 12:02:20 2002]: > > >From CHANGES: > > *) Rename 'des_encrypt' to 'des_encrypt1'. This avoids the clashes > with des_encrypt() defined on some operating systems, like Solaris > and UnixWare. > [Richard Levitte] > > > Ju

[openssl.org #89] missing prototypes for functions

Ok, I have checked in your changes with some minor adjustments. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED]

[openssl.org #80] [Lutz.Jaenicke@aet.TU-Cottbus.DE: Re: Naina announce (was: [ANNOUNCE] OpenSSL 0.9.1 beta 1 released)]

[jaenicke - Mon Jun 10 17:42:40 2002]: > I have made some further modifications: I did not like the direct use > of > 2 23 42 for SET (even though correct of course) but wanted to build > the > tree from the root. > While doing this I noted, that the CCITT has long since been renamed > to ITU-T.

[openssl.org #95] SSL_CTX_set_client_cert_cb error ?

[guest - Thu Jun 13 10:52:54 2002]: > if this callback is > called only once, how can we assure TLS compliance ? I thought that it >should be possible > to react to a servers request by dynamically choosing from the list of >acceptable CA's > it attaches ? The certificate (and private k

[openssl.org #96] bug in config script (gcc 3.1)

[[EMAIL PROTECTED] - Thu Jun 13 08:34:54 2002]: > The "config" script needs to use "gcc -dumpversion" > instead of "gcc --version" to determine the gcc version. > gcc-3.1 outputs a bunch of text with "--version", but > just the number with "-dumpversion", which also works for > gcc-2.95. Sounds

[openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

As already pointed out in additional emails in openssl-dev: * the change will stay in place, thus NID_x500UniqueIdentifier will be the macro to use starting with OpenSSL 0.9.7 * I have not activated the "original" meaning of uniqueIdentifier and it will not be done before 0.9.8 in order to pr

[openssl.org #95] SSL_CTX_set_client_cert_cb error ?

The manual page about SSL_CTX_set_client_cert_cb was simply wrong. What in hell did I smoke when writing it? Or was it simply too late at night?? Anyway, I have just checked in a new version: If a certificate was already set, the client_cert_cb will never be called. Once it is called and returns

[openssl.org #94] build Problems

[[EMAIL PROTECTED] - Tue Jun 11 19:53:21 2002]: > Hello, > I'm getting the following error when I try and build openssh-0.9.6d > while running the make command: > > cc -I.. -I../.. -I../../include -KPIC -DTHREADS -D_REENTRANT > -DDSO_DLFCN > -DHAVE_DLFCN_H -xtarget=ultra -xarch=v8plus -xO

[openssl.org #88] Encrypted alert 25.

Sorry, my explanation went into the wrong bucket :-( Here again: I have tried to access the host (and the specific URL) mentioned with the openssl s_client command line tool. I could not see anything strange. After the data (how useful is it?) is transferred, the client sends a close notify ale

[openssl.org #73] make failing under MAC OS X (darwin)

[[EMAIL PROTECTED] - Tue Jun 4 19:09:40 2002]: > cc -o openssl -DMONOLITH -I../include -fPIC -DTHREADS -D_REENTRANT -O3 > -D_DARWIN -DB_ENDIAN openssl.o verify.o asn1pars.o req.o dgst.o dh.o > dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o > rsa.o rsautl.o dsa.o dsaparam.

[openssl.org #92] Prototypes SSL_write() & SSL_read() problem in openssl/ssl.h for 64-bit applications

[[EMAIL PROTECTED] - Tue Jun 11 09:11:38 2002]: > I believe that this last parameter needs to be of type size_t. The problem is not solved by changing the calls to SSL_read() and SSL_write(). These functions call internal functions which again call other internal functions and so on. All of th

Re: [openssl.org #80] [Lutz.Jaenicke@aet.TU-Cottbus.DE: Re: Naina announce (was: [ANNOUNCE] OpenSSL 0.9.1 beta 1 released)]

On Wed, Jun 05, 2002 at 09:33:25AM +0200, Vadim Fedukovich via RT wrote: > patch to add SET-specific objects is attached. It's rather large, > still it would let to build Naina without modifying openssl code. I have made some further modifications: I did not like the direct use of 2 23 42 for SE

[openssl.org #90] Empty fragments sent to prevent CBC known IV attack breaks compatibility

The change introduced in OpenSSL 0.9.6d to prevent attacks on CBC ciphers with known IVs seems to break compatibility. Several discussions on the list and discussions I had in private email indicate, that compatibility problems arise from this change. It should be discussed, whether there is an

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 12:39:50PM +0300, Mike Pechkin wrote: > On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: > > > > Also, markus@ created this temp patch: > > > +@@ -102,6 +104,13 @@ > > > + !ERROR This module requires OpenSS

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 11:27:11AM +0300, Mike Pechkin wrote: > On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: > > > > For instance, mod_ssl 2.8.8-1.3.24 use workaround: > > > #ifndef NID_uniqueIdentifier > > > #define NID_uniqueIdenti

[openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

[[EMAIL PROTECTED] - Thu Jun 6 08:55:05 2002]: > On Wed, Jun 05, 2002 at 03:10:58PM +0200, Lutz Jaenicke via RT wrote: > > > > [[EMAIL PROTECTED] - Wed Jun 5 14:48:52 2002]: > > > > > ck_ssl.c: In function k_tn_tls_negotiate': > > > ck_ssl.c:3232:

[openssl.org #83] Pseudonym

Thanks, the new OID has been added for 0.9.7 and later. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automa

[openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

[[EMAIL PROTECTED] - Wed Jun 5 14:48:52 2002]: > ck_ssl.c: In function k_tn_tls_negotiate': > ck_ssl.c:3232: ID_uniqueIdentifier' undeclared (first use in this > function) > ck_ssl.c:3232: (Each undeclared identifier is reported only once > ck_ssl.c:3232: for each function it appears in.) > c

[openssl.org #72] [Fwd: Bug#135297: Typo in SSL_CTX_set_cert_store(3ssl)]

Thanks, fixed. Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECT

[openssl.org #30] util/pod2man.pl incorrectly processes manual pages

[levitte - Thu May 30 08:55:23 2002]: > I just realised that the only reason we have utils/pod2man.pl was to > make it simple for sites that had older versions that didn't process > the L<...|...> construct properly. > > It seems to me that we could simply remove utils/pod2man.pl and have > Mak

[openssl.org #59] 0.9.7 EVP manual pages incomplete

The manual pages about the EVP wrapper do not reflect the complete history. Example: EVP_DigestInit.pod contains the function EVP_MD_CTX_init and a HISTORY section, but it does not mention, that the function was only added in 0.9.7. As especially the EVP interface has been significantly enhanced

[openssl.org #53] RE: Certificate

You may want to look into the details of the certificate and make sure, that the required trust settings are activated. It is not enough to simply have the certificate, but you also have to trust it. If this doesn't help, please ask this question on the openssl-users list. Best regards,

[openssl.org #54] Compilation error m68k-next-openstep4

Obviously in enginetest.c the strdup() -> BUF_strdup() migration was forgotten. I'll assign this to Richard, who takes care of the 0.9.6-engine branch. Best regards, Lutz __ OpenSSL Project

[openssl.org #40] util/cygwin.sh has wrong permissions

Thanks, I have fixed it in the repository. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Mana

[openssl.org #45] make test failed

Thanks, ticket closed, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAI

[openssl.org #30] util/pod2man.pl incorreclty processes manual pages (was: SSL_shutdown.3 makewhatis failure under IRIX)

[[EMAIL PROTECTED] - Mon May 13 10:12:44 2002]: > Yes, this was from http://www.openssl.org/source/openssl-0.9.6c.tar.gz The problem is not in the actual manual pages. The manual pages are in POD format and are converted to the .man format using the util/pod2man.pl script. pod2man is also avail

[openssl.org #38] doc bug in doc/apps/x509.pod

Thanks, I have fixed the problem. I have found the missing =over 4 directly before the =back. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List

[openssl.org #37] Server-Client (SSL & nonSSL)

[[EMAIL PROTECTED] - Wed May 15 13:25:14 2002]: > Hi! > > i use Your project in my Client-Server project. > For example, my Server calls BIO functions to use opened socket > for handshaking , after that init_ssl_connection and everything works fine. > But what will happen if i'll try to use cli

[openssl.org #29] -Wl,-Bsymbolic in 0.9.6d broke shared builds

[[EMAIL PROTECTED] - Sun May 12 22:48:56 2002]: > JFYI, when updating our package from 0.9.6c to 0.9.6d I've noticed > that the new shared libcrypto library doesn't work anymore. The > openssl(1) binary wouldn't recognize any of the block ciphers. I > tracked this down to the addition of -Wl,-

[openssl.org #26] 64 bit Suse Linux on PowerPC

Thanks. I have added a corresponding entry into "config". Please check out a new snapshot for correct behaviour. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development M

[openssl.org #26] 64 bit Suse Linux on PowerPC

[[EMAIL PROTECTED] - Thu May 9 22:13:32 2002]: > I am trying to compile on a 64 bit Suse sles7 powerpc system. > the error message indicates > > -m486 > > is an invalid compiler parameter. Anyone know the parameters I need to give > ./config to > get it to work for 64 bit Suse on a powerpc???

[openssl.org #18] missing semicolon in Makefile.org

I have added the missing ";" for 0.9.7-dev and -dev. We had no reports for 0.9.6d-beta1, even though the problem seems to be in it, too. I however don't want to break that version just minutes before it is released. Best regards, Lutz _

[openssl.org #16] openssl-engine-0.9.6d-beta1 crypto/Makefile.ssl patch

[[EMAIL PROTECTED] - Wed May 1 12:20:35 2002]: > ! echo " #define DATE \"`date`\""; \ > ! echo " #define DATE \"`LC_TIME=C date`\""; \ Is anybody aware of a platform on which this would cause trouble? Best regards, Lutz

[openssl.org #17] enahancement request - support intel icc for building

[[EMAIL PROTECTED] - Wed May 1 20:09:16 2002]: > I we compile with intel icc using intels math library libimf.a, it would > probably boost performance a lot. > > Intel's compiler version 6.0 is available for non commercial use. Hmm. Should not be too difficult to create a new entry for "Conf

<    1   2   3