> I.e., between compiler non-C11 atomic intrinsics, C11 intrinsics, OS atomic
> function libraries, and portable open-source atomics libraries, we can cover
> almost all the bases.
Agreed.
> We have a surfeit of options, not a dearth of them. I don't think lack of
> atomics primitives is
On Tue, Dec 15, 2015 at 01:24:12PM +0100, Florian Weimer wrote:
> * Nico Williams:
>
> > On Tue, Dec 08, 2015 at 11:19:32AM +0100, Florian Weimer wrote:
> >> > Maybe http://trac.mpich.org/projects/openpa/ would fit the bill?
> >>
> >> It seems to have trouble to keep up with new architectures.
>
Hello OpennSSL Experts,
Someone please share the steps to build FIPS enabled openssl for Solaris 64
bit sparc machine.
Actually, I have successfully built it on Linux platform. But on Solaris i
have tried many steps using gcc and solaris sun studio compilers but i
could not able succeed. also i'm
On Tue, Dec 15, 2015 at 09:57:32AM -0600, Benjamin Kaduk wrote:
> On 12/15/2015 06:43 AM, Kurt Roeckx wrote:
> > On Tue, Dec 15, 2015 at 01:24:12PM +0100, Florian Weimer wrote:
> >> Using C++11.
> > I think this is a relevant article:
> >
It appears that openssl verify refuses to deal with self-signed
certificates? Is it the expected/intended behavior? I can easily imagine
circumstances when a user would be happy with a “partial” validation, i.e.
with validating as much as practically possible – like consistency,
correctness of the
On Tue, Dec 15, 2015 at 09:57:32AM -0600, Benjamin Kaduk wrote:
> On 12/15/2015 06:43 AM, Kurt Roeckx wrote:
> > On Tue, Dec 15, 2015 at 01:24:12PM +0100, Florian Weimer wrote:
> >> * Nico Williams:
> >> Not on Windows.
> >>
> >>> What's the alternative anyways?
> >> Using C++11.
> > I think this
On Tue, Dec 15, 2015 at 06:15:32PM +, Salz, Rich wrote:
> > I.e., between compiler non-C11 atomic intrinsics, C11 intrinsics, OS atomic
> > function libraries, and portable open-source atomics libraries, we can cover
> > almost all the bases.
>
> Agreed.
Thanks. This is helpful. I now
On Tue, Dec 15, 2015 at 07:54:35PM +0100, Kurt Roeckx wrote:
> Also, if you want to use atomics we really want the C11 / C++11
> memory model which prevents certain important optimazations.
Right, because compilers can reorder some operations. But we've been
living with this pre-C11 for decades.
* Nico Williams:
> On Tue, Dec 08, 2015 at 11:19:32AM +0100, Florian Weimer wrote:
>> > Maybe http://trac.mpich.org/projects/openpa/ would fit the bill?
>>
>> It seems to have trouble to keep up with new architectures.
>
> New architectures are not really a problem because between a) decent
>
This feature is now available in master (1.1.0). Closing this ticket.
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Tue, Dec 15, 2015 at 08:04:45PM +, Blumenthal, Uri - 0553 - MITLL wrote:
> It appears that openssl verify refuses to deal with self-signed
> certificates?
You mean the command-line utility?
$ openssl x509 -in rootcert.pem -subject -issuer
subject= CN = Root CA
issuer= CN =
>>If I want to “partially” verify a certificate via the command-line
>>utility
>> - e.g. when I don’t have the issuing certificate at hand, is there a way
>> to tell openssl tool to go just as far as it can *without* climbing up
>>the
>> cert chain? I understand and agree that it significantly
Hi,
I experienced some features of the OpenSSL API regarding elliptic
curves that I find quite unusual and I want to ask whether that's
intended.
It's regarding these functions to set curve coordinates:
EC_POINT_set_affine_coordinates_GFp
EC_POINT_set_compressed_coordinates_GFp
It is possible
I have actually asked a variant on this question in the path, I would rephrase
it as I have a certificate chain which doesn't go all the way back to a
self-signed cert. But I "trust" the highest certificate in the chain that I
have; is there a way of telling openssl that once it hits this
> On Dec 15, 2015, at 5:00 PM, Nounou Dadoun wrote:
>
> I have actually asked a variant on this question in the path, I would
> rephrase it as I have a certificate chain which doesn't go all the way back
> to a self-signed cert. But I "trust" the highest
On 12/15/15, 17:51 , "openssl-dev on behalf of Viktor Dukhovni"
wrote:
>>On Dec 15, 2015, at 5:30 PM, Blumenthal, Uri - 0553 - MITLL
>> wrote:
>>
>>$ openssl verify --help
>> usage: verify [-verbose]
> On Dec 15, 2015, at 5:30 PM, Blumenthal, Uri - 0553 - MITLL
> wrote:
>
> Also, in your next email you mention “openssl verify -partial_chain”.
> Alas, I don’t see this option:
>
> $ openssl version
> OpenSSL 1.0.2e 3 Dec 2015
> $ openssl verify --help
> usage: verify
On Tue, Dec 15, 2015 at 10:56:59PM +, Blumenthal, Uri - 0553 - MITLL wrote:
> $ openssl verify -verbose -CAfile ~/Certs/RabbitMQ_CA.pem -partial_chain
> -purpose sslclient RabbitMQ_Dev.pem
> RabbitMQ_Dev.pem: OK
Well if that CAfile yields a path to a root CA, the "-partial_chain"
option
On 12/15/2015 06:43 AM, Kurt Roeckx wrote:
> On Tue, Dec 15, 2015 at 01:24:12PM +0100, Florian Weimer wrote:
>> * Nico Williams:
>> Not on Windows.
>>
>>> What's the alternative anyways?
>> Using C++11.
> I think this is a relevant article:
>
On Tue, Dec 15, 2015 at 01:24:12PM +0100, Florian Weimer wrote:
> * Nico Williams:
>
> > On Tue, Dec 08, 2015 at 11:19:32AM +0100, Florian Weimer wrote:
> >> > Maybe http://trac.mpich.org/projects/openpa/ would fit the bill?
> >>
> >> It seems to have trouble to keep up with new architectures.
>
Hello OpenSSL team,
I get errors when I build openssl 1.0.2e with -DREF_PRINT -DREF_CHECK
./config -ggdb -DREF_PRINT -DREF_CHECK
make
ec_key.c: In function 'EC_KEY_free':
ec_key.c:115:14: error: called object is not a function or function pointer
REF_PRINT("EC_KEY", r);
^
On 12/15/15, 15:34 , "openssl-dev on behalf of Viktor Dukhovni"
wrote:
>On Tue, Dec 15, 2015 at 08:04:45PM +, Blumenthal, Uri - 0553 - MITLL
>wrote:
>> It appears that openssl verify refuses to deal with self-signed
>>
On 10/06/14 21:48, Jonas Maebe via RT wrote:
> On 13/12/13 11:54, The default queue via RT wrote:
>
>> In attachment you can find 7 patches against git master (generated via git
>> format-patch) to fix a number of memory leaks (in case of failures) and
>> missing NULL pointer checks (generally
Dear Sirs
I have run the open ssl
The first step has executed successfully:
OpenSSL> genrsa 1024 > myID -key.pem
But when attempt to execute the next step which is
req -new -days 365 -key myID -key.pem -out myID -csr.pem
Then the following error appear so Please please advise regarding this
24 matches
Mail list logo