OpenSSL Usage

2002-03-02 Thread Michele Lim 

Hi,
I don't have much time to do my research and my understanding of SSLTLS is
very limited.  Have some questions to get started on using it.  I am trying
to port SSLTLS under win2k for http connection security.  Please point me
to the right directions so that I may have more focused questions.  I tried
to download one of your .tar files and found many versions of install.exe
and readme files, I don't have time to go over them all.

Thanks,
Michele Lim
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [PATCH] config mod for crays

2002-03-02 Thread Bodo Moeller 

On Fri, Mar 01, 2002 at 12:22:45PM -0600, Wendy Palm wrote:

 the various architectures available from cray are
 c90, j90, t90, t90IEEE, sv1, ymp and t3e.
 
 t3e runs unicosmk, the rest run unicos.
 
 for openssl, the cray t3e requires different compile options
 than the other machines.  (these are correct in Configure for cray-t3e).
 c90, j90, t90, T90IEEE, sv1 and ymp require the compile options
 current set as cray-t90-cc in Configure.
 
 cray-c90-unicos
 cray-j90-unicos
 cray-t90-unicos
 cray-t90ieee-unicos
 cray-sv1-unicos
 cray-ymp-unicos
 cray-t3e-unicosmk
 
 are all the different possible machine-architecture-os combinations at this time.

Actually the words 'machine' and 'architecture' appear to have a
different (reversed) meaning in 'config': The first usually is what
'uname -m' prints, so for example there's 'sun4u-sun-solaris2'.

 we at cray consider the j90 to be the base machine type for all the unicos
 machines. 

In 'Configure', we have entries 'cray-t90-cc' and 'cray-t3e'.  (Your
'config' patch referrred to 'cray-t90', which does not exist in
'Configure'.)

Given that j90 is considered the base machine type, should the former
configuration be called 'cray-j90-cc' (or simply 'cray-j90') instead?


For the names currently used in 'Configure', the following patch to
'config' (as found in the 0.9.6-stable snaphot) should be OK:

Index: config
===
RCS file: /e/openssl/cvs/openssl/config,v
retrieving revision 1.64.2.18
diff -u -u -r1.64.2.18 config
--- config  2002/02/14 12:29:02 1.64.2.18
+++ config  2002/03/02 15:15:46
@@ -310,6 +310,13 @@
exit 0
;;
 
+*CRAY T3E)
+   echo t3e-cray-unicosmk; exit 0;
+   ;;
+
+*CRAY*)
+   echo t90-cray-unicos; exit 0;
+   ;;
 esac
 
 #
@@ -591,6 +598,8 @@
   mips-sony-newsos4) OUT=newsos4-gcc ;;
   *-*-cygwin_pre1.3) OUT=Cygwin-pre1.3 ;;
   *-*-cygwin) OUT=Cygwin ;;
+  t3e-cray-unicosmk) OUT=cray-t3e ;;
+  t90-cray-unicos) OUT=cray-t90-cc ;;
   *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
 esac
 





-- 
Bodo Möller [EMAIL PROTECTED]
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

DES_INT should be more default than not?

2002-03-02 Thread Richard Levitte - VMS Whacker 

After some discussion with OpenBSD folks, I've been convinced that
DES_INT should be norm rather than not on most platforms, since int is
32 bits most often, at least on 32- and 64-bit architectures.  The
blatant exception that I know of would be DOS, where int is usually a
16-bit quantity, and where DES_LONG should be 'unsigned long' rather
than 'unsigned int'.

As far as I know, DES_LONG is supposed to be a 32-bit quantity.  Have
I gotten this wrong?  If not, I'll make appropriate changes to
Configure, and some problems on some 64-bit architectures may go away.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus: http://www.gemplus.com/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

test/tsid fails [main trunk]!

2002-03-02 Thread Richard Levitte - VMS Whacker 

Configuration: debug-levitte-linux-elf --with-krb5-flavor=MIT

Compilation works well, but tsid fails with a segfault.  A test
through gdb gives the following:

(gdb) run sess_id -in fff.p -inform p -outform d  f.d
Starting program:
/home/levitte/cvswork/dev.openssl.org/openssl/openssl/test/../apps/openssl
sess_id -in fff.p -inform p -outform d  f.d

Program received signal SIGSEGV, Segmentation fault.
0x4012bc00 in free () from /lib/libc.so.6
(gdb) where
#0  0x4012bc00 in free () from /lib/libc.so.6
#1  0x080b7c80 in CRYPTO_free (str=0x81eb9c0) at mem.c:325
#2  0x080b1b00 in d2i_SSL_SESSION (a=0x0, pp=0xb528, length=470)
at ssl_asn1.c:320
#3  0x0811e9b2 in PEM_ASN1_read_bio (d2i=0x80b1560 d2i_SSL_SESSION, 
name=0x818c8c9 SSL SESSION PARAMETERS, bp=0x81eb0f0, x=0x0,
cb=0, u=0x0)
at pem_oth.c:80
#4  0x0808003a in load_sess_id (infile=0xbd86 fff.p, format=3)
at sess_id.c:304
#5  0x0807fbea in sess_id_main (argc=0, argv=0xbc44) at
#sess_id.c:164
#6  0x0804e067 in do_cmd (prog=0x81e93c0, argc=7, argv=0xbc28)
at openssl.c:383
#7  0x0804dcd4 in main (Argc=7, Argv=0xbc28) at openssl.c:304
#8  0x400d66cf in __libc_start_main () from /lib/libc.so.6


I'll see if I can analyse it during the next week.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus: http://www.gemplus.com/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: test/tsid fails [main trunk]!

2002-03-02 Thread Richard Levitte - VMS Whacker 

From: Richard Levitte - VMS Whacker [EMAIL PROTECTED]

levitte Configuration: debug-levitte-linux-elf --with-krb5-flavor=MIT
levitte 
levitte Compilation works well, but tsid fails with a segfault.  A test
levitte through gdb gives the following:

Note that the same test in the 0.9.7-stable branch works with no
problems...  Therefore this is not a showstopper.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus: http://www.gemplus.com/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]