do not use any variable, structure named "sun"
When compiling on any SunOS/Solaris platform, preprocessor replaces it with 1
This fragment in crypto/bio/bio_lcl.h breaks all Solaris builds using cc
union bio_addr_st {
struct sockaddr sa;
# ifdef AF_INET6
struct sockaddr_in6 sin6;
# endif
Linking on Solaris is broken
configuration was basically identical to solaris64-x86_64-cc
but looks like a generic failure in Makefile.shared
the -z argument is malformed on Solaris platforms.
LD_LIBRARY_PATH=.: cc -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_THREADS
-DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -D
There's (still) a curious (but non-fatal) error message from
somewhere in the VMS configure procedure:
ALP $ @config
Configuring OpenSSL version 1.1.0-pre3 (0x0x1013L)
no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
[...]
Configuring for vms-alpha
%DCL-W-MAXPARM, too man
On Mon, Feb 15, 2016, The Doctor wrote:
> Just tested this on the old BSD/OS machine
>
> works with openssl 1.0.2X
>
> Openssl 1.1.X issues
>
> cipher.h in openssl 1.1 needs to read
>
> struct sshcipher;
> struct sshcipher_ctx {
> int plaintext;
> int encrypt;
>
In message <20160216.023940.1344061857137837940.levi...@openssl.org> on Tue, 16
Feb 2016 02:39:40 +0100 (CET), Richard Levitte said:
levitte> In message on Mon, 15 Feb 2016 17:04:58
-0800, "Erik Forsberg" said:
levitte>
levitte> erik> Latest pre3 release doesnt build CFLAGS correctly, notice
In message <56c27dc0.3030...@oracle.com> on Tue, 16 Feb 2016 01:39:12 +,
Jeremy Farrell said:
jeremy.farrell> Thanks Richard - it was just a thought, and clearly not a very
helpful
jeremy.farrell> one. The rest of the proposal looks like a good improvement to
me.
Quite all right. It answ
In message on Mon, 15 Feb 2016 17:04:58 -0800,
"Erik Forsberg" said:
erik> Latest pre3 release doesnt build CFLAGS correctly, noticed it when doing a
erik> 64-bit build and the -m64 cc argument was never passed down to cc, failing
erik> particularly when trying to assemble 64-bit code in 32-bi
On 15/02/2016 23:16, Richard Levitte wrote:
In message <20160215.185953.117619649162395329.levi...@openssl.org> on Mon, 15 Feb
2016 18:59:53 +0100 (CET), Richard Levitte said:
levitte> In message <56c210e7.5080...@oracle.com> on Mon, 15 Feb 2016 17:54:47 +,
Jeremy Farrell said:
levitte>
Latest pre3 release doesnt build CFLAGS correctly, noticed it when doing a
64-bit build and the -m64 cc argument was never passed down to cc, failing
particularly when trying to assemble 64-bit code in 32-bit default mode.
See attached make.log
I used a standard configuration
perl Configure sol
On Mon, 15 Feb 2016, The Doctor wrote:
> Just tested this on the old BSD/OS machine
>
> works with openssl 1.0.2X
>
> Openssl 1.1.X issues
Thanks for testing.
OpenSSH won't work with OpenSSL until someone ports it and writes
compat shims to make it work with both OpenSSL 1.0.x and 1.1.x. The
1.1
In message on Mon, 15 Feb 2016 16:06:20 -0800,
"Erik Forsberg" said:
erik> I certainly was under the impression it was needed.
erik> Every .conf file had an admonition to update TABLE at the top -:)
erik> A quick test confirms that you dont need it anymore though.
erik> Which is
>-- Original Message --
>
>In message on Mon, 15 Feb 2016 15:40:40 -0800,
>"Erik Forsberg" said:
>
>erik>
>erik> >-- Original Message --
>erik> >
>erik> >In message <6a2kg6vygf80...@srv.efca.com> on Mon, 15 Feb 2016 15:02:52
>-0800, "Erik Forsberg" said:
>erik> >
>erik> >erik> Sure, attached
You know, you're entirely right. That's a flaw and needs correction.
Thanks for the notification.
Cheers,
Richard
In message on Mon, 15 Feb 2016 15:43:28 -0800,
"Erik Forsberg" said:
erik> I was talking about CRYPTO_set_mem_functions()
erik>
erik> It doesnt do anything, just saving some poi
In message on Mon, 15 Feb 2016 15:40:40 -0800,
"Erik Forsberg" said:
erik>
erik> >-- Original Message --
erik> >
erik> >In message <6a2kg6vygf80...@srv.efca.com> on Mon, 15 Feb 2016 15:02:52
-0800, "Erik Forsberg" said:
erik> >
erik> >erik> Sure, attached.
erik> >erik> However, dont think an
I was talking about CRYPTO_set_mem_functions()
It doesnt do anything, just saving some pointers that are never
used for anything. So a big NO-OP, seems like a TODO implementation ?
>-- Original Message --
>
>In message <0v59rc3djidy...@srv.efca.com> on Mon, 15 Feb 2016 15:15:28 -0800,
>"Erik For
>-- Original Message --
>
>In message <6a2kg6vygf80...@srv.efca.com> on Mon, 15 Feb 2016 15:02:52 -0800,
>"Erik Forsberg" said:
>
>erik> Sure, attached.
>erik> However, dont think anything wrong with it, I did notice the changes
>erik> and aligned. The question is more how do I incorporate my cu
In message <0v59rc3djidy...@srv.efca.com> on Mon, 15 Feb 2016 15:15:28 -0800,
"Erik Forsberg" said:
erik>
erik> just started do the 1.1 updates needed in my own software, in the past I
had
erik> use the 1.0.2 memory allocation hooks to link into my own mem leak tester.
erik>
erik> 1.1 has rew
In message <6a2kg6vygf80...@srv.efca.com> on Mon, 15 Feb 2016 15:02:52 -0800,
"Erik Forsberg" said:
erik> Sure, attached.
erik> However, dont think anything wrong with it, I did notice the changes
erik> and aligned. The question is more how do I incorporate my custom conf
file into
erik> the bu
In message <20160215.185953.117619649162395329.levi...@openssl.org> on Mon, 15
Feb 2016 18:59:53 +0100 (CET), Richard Levitte said:
levitte> In message <56c210e7.5080...@oracle.com> on Mon, 15 Feb 2016 17:54:47
+, Jeremy Farrell said:
levitte>
levitte> jeremy.farrell> It sounds good, exce
just started do the 1.1 updates needed in my own software, in the past I had
use the 1.0.2 memory allocation hooks to link into my own mem leak tester.
1.1 has reworked this, by what I read in the past, sounded like I could still
get value out of if, but today when I looked at CRYPTO_set_mem_func
On 14/02/16 00:11, Michel wrote:
> Hi Matt,
>
> Thanks for your quick answer.
> I applied your patch and it fixes the leaks found in the simple test
> program.
>
> However, a more complex one, still report [other] leaks.
>
> Below is a new log if you can have a look at them.
> I will investiga
Sure, attached.
However, dont think anything wrong with it, I did notice the changes
and aligned. The question is more how do I incorporate my custom conf file into
the build system. Copying this conf file into Configrations and running
make -f Makefile.in TABLE
results in this
+ cp ../20-efca.con
In message on Mon, 15 Feb 2016 14:30:48 -0800,
"Erik Forsberg" said:
erik>
erik> OK, now I'm confused, in pre2 I started using personal .conf
erik> files with my specific build configuration, that no longer works in pre3
erik>
erik> If I do the same as before, I copied my conf file into Confi
OK, now I'm confused, in pre2 I started using personal .conf
files with my specific build configuration, that no longer works in pre3
If I do the same as before, I copied my conf file into Configurations
subdirectory then ran make -f Makefile.in TABLE to generate a new TABLE
file containing my co
On 15/02/16 21:50, Jouni Malinen wrote:
> On Mon, Feb 15, 2016 at 09:34:33PM +, Matt Caswell wrote:
>> On 15/02/16 21:25, Jouni Malinen wrote:
>>> Is this change in OpenSSL behavior expected? Is it not allowed to call
>>> EVP_cleanup() and then re-initialize OpenSSL digests with
>>> SSL_libra
On Mon, Feb 15, 2016 at 09:34:33PM +, Matt Caswell wrote:
> On 15/02/16 21:25, Jouni Malinen wrote:
> > Is this change in OpenSSL behavior expected? Is it not allowed to call
> > EVP_cleanup() and then re-initialize OpenSSL digests with
> > SSL_library_init()?
>
> Correct, you cannot reinit on
On 15/02/16 21:25, Jouni Malinen wrote:
> On Mon, Feb 15, 2016 at 10:52:27PM +0200, Jouni Malinen wrote:
>> On Mon, Feb 15, 2016 at 07:04:20PM +, OpenSSL wrote:
>>>OpenSSL version 1.1.0 pre release 3 (alpha)
>
>> It looks like something in pre release 3 has changed behavior in a way
>> t
On Mon, Feb 15, 2016 at 10:52:27PM +0200, Jouni Malinen wrote:
> On Mon, Feb 15, 2016 at 07:04:20PM +, OpenSSL wrote:
> >OpenSSL version 1.1.0 pre release 3 (alpha)
> It looks like something in pre release 3 has changed behavior in a way
> that results in SSL_CTX_new(SSLv23_method()) faili
On 15/02/16 20:52, Jouni Malinen wrote:
> On Mon, Feb 15, 2016 at 07:04:20PM +, OpenSSL wrote:
>>OpenSSL version 1.1.0 pre release 3 (alpha)
>>
>>OpenSSL 1.1.0 is currently in alpha. OpenSSL 1.1.0 pre release 3 has now
>>been made available. For details of changes and known issues
On Mon, Feb 15, 2016 at 07:04:20PM +, OpenSSL wrote:
>OpenSSL version 1.1.0 pre release 3 (alpha)
>
>OpenSSL 1.1.0 is currently in alpha. OpenSSL 1.1.0 pre release 3 has now
>been made available. For details of changes and known issues see the
>release notes at:
>
> ht
Sorry this has taken me so long to respond to. Just as you suspected adding
.weak makes the build of “big” OpenSSL work just fine. I assume that
bn_mul_mont_fpu is something that in all likelihood won’t change since .weak
will tell the linker to use the first definition of bn_mul_mont_fpu whic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.1.0 pre release 3 (alpha)
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
OpenSSL 1.1.0 is currently in alpha. OpenSSL 1.1.0 pre release 3 has now
Just tested this on the old BSD/OS machine
works with openssl 1.0.2X
Openssl 1.1.X issues
cipher.h in openssl 1.1 needs to read
struct sshcipher;
struct sshcipher_ctx {
int plaintext;
int encrypt;
struct evp_cipher_ctx_st *evp;
struct chachapoly_ctx cp
In message <56c210e7.5080...@oracle.com> on Mon, 15 Feb 2016 17:54:47 +,
Jeremy Farrell said:
jeremy.farrell>
jeremy.farrell>
jeremy.farrell> On 15/02/2016 12:29, Richard Levitte wrote:
jeremy.farrell> > In message <20160215122509.ga15...@calimero.vinschen.de> on
Mon, 15
jeremy.farrell> >
On 15/02/2016 12:29, Richard Levitte wrote:
In message <20160215122509.ga15...@calimero.vinschen.de> on Mon, 15 Feb 2016 13:25:09
+0100, Corinna Vinschen said:
vinschen> On Feb 15 13:03, Richard Levitte wrote:
vinschen> > So here is what I'm thinking...
vinschen> >
vinschen> > - engines in 1
On Friday 12 February 2016 15:36:36 Viktor Dukhovni wrote:
> > On Feb 12, 2016, at 3:15 PM, Salz, Rich wrote:
> >
> > So is RC4 and we don't see that as HIGH. HIGH implies strength, not
> > MTI-ness.
> Now let's not make stuff up:
>
> http://tools.ietf.org/html/rfc5246#section-9
>
> 9. Mandato
The patch sends a SSLRequest packet and checks
for a S in response. Useful for checking certificate
validity of a PostgreSQL server.
https://github.com/openssl/openssl/pull/683
--
Valentin
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4308
Please log in as guest with password
I have just pushed to github some code that I have been working on to
implement a feature I have called "pipelining". This is still WIP,
although is fairly well advanced. I am keen to hear any feedback. You
can see the PR here:
https://github.com/openssl/openssl/pull/682
The idea is that some engi
In message <20160215122509.ga15...@calimero.vinschen.de> on Mon, 15 Feb 2016
13:25:09 +0100, Corinna Vinschen said:
vinschen> On Feb 15 13:03, Richard Levitte wrote:
vinschen> > So here is what I'm thinking...
vinschen> >
vinschen> > - engines in 1.1 should be named FOO.{suffix} (for an engine
On Feb 15 13:03, Richard Levitte wrote:
> So here is what I'm thinking...
>
> - engines in 1.1 should be named FOO.{suffix} (for an engine FOO and
> whatever suffix is conventional on the platform at hand, be it .so,
> .dll, .sl, .dylib...)
> - the OpenSSL DSO module should be changed to have
In message <20160215113936.ga9...@calimero.vinschen.de> on Mon, 15 Feb 2016
12:39:36 +0100, Corinna Vinschen said:
vinschen> On Feb 15 12:11, Richard Levitte wrote:
vinschen> > Hi Corinna,
vinschen> >
vinschen> > In message <20160215105045.ga7...@calimero.vinschen.de> on Mon, 15
Feb 2016 11:50
On Feb 15 12:11, Richard Levitte wrote:
> Hi Corinna,
>
> In message <20160215105045.ga7...@calimero.vinschen.de> on Mon, 15 Feb 2016
> 11:50:45 +0100, Corinna Vinschen said:
>
> vinschen> > Cygwin: cygcapi.dll
> vinschen>
> vinschen> I can't speak for Mingw, but on Cygwin the modules are ca
Hi,
enc:
- typo in -base64 option
- missing help opt text
ocsp/req/rsautl/s_client:
- missing help opt text
Created the following pull request with the changes.
https://github.com/openssl/openssl/pull/681
Thanks,
Mohan
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4306
Pl
Hi Corinna,
In message <20160215105045.ga7...@calimero.vinschen.de> on Mon, 15 Feb 2016
11:50:45 +0100, Corinna Vinschen said:
vinschen> > Cygwin: cygcapi.dll
vinschen>
vinschen> I can't speak for Mingw, but on Cygwin the modules are called
libFOO.so,
vinschen> e.g.
vinschen>
vinschen> /
Hi Richard,
On Feb 15 01:11, Richard Levitte wrote:
> Hi,
>
> I've got a question to the Cygwin / Mingw community, regarding the
> naming of dynamic engines.
>
> >From looking at Makefile.shared et al, the engines get the same kind
> of prefixes as a standard shared library (but without the acco
Possibly the best fix is to simply not specify the library prefix or suffix.i.e. -engine capiAnd let OS/build specific code sort out the rest. You still have .so and .sl on different variants of HP/UX for example.Next best, specify the complete library name in all cases - and I'll concede, best an
46 matches
Mail list logo