RE: the Sun covenant language
The other day I contributed the following questions, but do not yet have an answer. About the particularly following questions, will not there be a person having you instruct it? In addition, where will a pertinence point of ECC Code described in the covenant language be? Will it be the whole openssl/crypto/bn/bn_gf2m.c? --- * In addition, Sun covenants to all licensees who provide a reciprocal * covenant with respect to their own patents if any, not to sue under * current and future patent claims necessarily infringed by the making, * using, practicing, selling, offering for sale and/or otherwise * disposing of the ECC Code as delivered hereunder (or portions thereof), * provided that such covenant shall not apply: * 1) for code that a licensee deletes from the ECC Code; * 2) separates from the ECC Code; or * 3) for infringements caused by: * i) the modification of the ECC Code or * ii) the combination of the ECC Code with other software or * devices where such combination causes the infringement. --- Thanks! Takurou Saitou. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Takurou Saitou Sent: Friday, February 24, 2006 8:14 PM To: openssl-dev@openssl.org Subject: the Sun covenant language Hi, The Sun covenant language is deleted for the following files before, openssl/apps/ecparam.c openssl/apps/speed.c openssl/crypto/bn/bn.h openssl/crypto/bn/bntest.c openssl/crypto/ec/ec.h openssl/crypto/ec/ec2_mult.c openssl/crypto/ec/ec2_smpl.c openssl/crypto/ec/ec_curve.c openssl/crypto/ec/ec_cvt.c openssl/crypto/ec/ec_lcl.h openssl/crypto/ec/ectest.c openssl/crypto/ecdh/ecdh.h openssl/crypto/ecdh/ecdhtest.c openssl/crypto/ecdh/ech_key.c openssl/crypto/ecdh/ech_lib.c openssl/crypto/ecdh/ech_ossl.c openssl/crypto/ecdsa/ecdsatest.c openssl/crypto/engine/tb_ecdh.c openssl/ssl/s3_clnt.c openssl/ssl/s3_lib.c openssl/ssl/s3_srvr.c openssl/ssl/tls1.h (CVS COMMIT MAIL) http://cvs.openssl.org/chngview?cn=8610 the covenant language is not deleted about openssl/crypto/bn/bn_gf2m.c. Will there be the circumstances that cannot delete the covenant language? In addition, where will a pertinence point of ECC Code described in the covenant language be? Will it be the whole openssl/crypto/bn/bn_gf2m.c? --- * In addition, Sun covenants to all licensees who provide a reciprocal * covenant with respect to their own patents if any, not to sue under * current and future patent claims necessarily infringed by the making, * using, practicing, selling, offering for sale and/or otherwise * disposing of the ECC Code as delivered hereunder (or portions thereof), * provided that such covenant shall not apply: * 1) for code that a licensee deletes from the ECC Code; * 2) separates from the ECC Code; or * 3) for infringements caused by: * i) the modification of the ECC Code or * ii) the combination of the ECC Code with other software or * devices where such combination causes the infringement. --- Thanks. Takurou Saitou __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
the Sun covenant language
Hi, The Sun covenant language is deleted for the following files before, openssl/apps/ecparam.c openssl/apps/speed.c openssl/crypto/bn/bn.h openssl/crypto/bn/bntest.c openssl/crypto/ec/ec.h openssl/crypto/ec/ec2_mult.c openssl/crypto/ec/ec2_smpl.c openssl/crypto/ec/ec_curve.c openssl/crypto/ec/ec_cvt.c openssl/crypto/ec/ec_lcl.h openssl/crypto/ec/ectest.c openssl/crypto/ecdh/ecdh.h openssl/crypto/ecdh/ecdhtest.c openssl/crypto/ecdh/ech_key.c openssl/crypto/ecdh/ech_lib.c openssl/crypto/ecdh/ech_ossl.c openssl/crypto/ecdsa/ecdsatest.c openssl/crypto/engine/tb_ecdh.c openssl/ssl/s3_clnt.c openssl/ssl/s3_lib.c openssl/ssl/s3_srvr.c openssl/ssl/tls1.h (CVS COMMIT MAIL) http://cvs.openssl.org/chngview?cn=8610 the covenant language is not deleted about openssl/crypto/bn/bn_gf2m.c. Will there be the circumstances that cannot delete the covenant language? In addition, where will a pertinence point of ECC Code described in the covenant language be? Will it be the whole openssl/crypto/bn/bn_gf2m.c? --- * In addition, Sun covenants to all licensees who provide a reciprocal * covenant with respect to their own patents if any, not to sue under * current and future patent claims necessarily infringed by the making, * using, practicing, selling, offering for sale and/or otherwise * disposing of the ECC Code as delivered hereunder (or portions thereof), * provided that such covenant shall not apply: * 1) for code that a licensee deletes from the ECC Code; * 2) separates from the ECC Code; or * 3) for infringements caused by: * i) the modification of the ECC Code or * ii) the combination of the ECC Code with other software or * devices where such combination causes the infringement. --- Thanks. Takurou Saitou __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Race condition involving SSL_CTX_new
Hi! There is one point confirmation. May I think the action on the trouble described in the following mail was done with the E-mail of following openssl-cvs (Show with URL)? http://marc.theaimsgroup.com/?l=openssl-cvsm=109870286615557w=2 I use the Openssl0.9.7d in our project. Takurou Saitou. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Arnold Hendriks Sent: Monday, October 25, 2004 7:30 PM To: openssl-dev@openssl.org Subject: Race condition involving SSL_CTX_new Dear list, I've been using the openssl libs for quite some time, and so far they've always worked fine. Recently, I've had to change my code to use different contexts per connection (due to easier key management being available in the SSL_CTX family), and now I'm hitting a race condition when starting the openssl libraries (0.9.7d). Sporadically, the following error appears: SSL:error:140A90A1:SSL routines:SSL_CTX_new:library has no ciphers Scanning through the google archive I saw that this problem was known and that a fix was made, but the fix was incorrect. Firstly, load_ciphers is only called when init_ciphers is set to 1. But the first thing load_ciphers does is setting init_ciphers to 0 - a parallel running call to this code (quite likely on my SMP machine): if (init_ciphers) { CRYPTO_w_lock(CRYPTO_LOCK_SSL); if (init_ciphers) load_ciphers(); CRYPTO_w_unlock(CRYPTO_LOCK_SSL); } will cause the second thread to skip load_ciphers, and thus continue running without having a completed init_ciphers call. Moving the init_ciphers=0; statement to the end of load_ciphers would fix that problem, but would probably open up an even subtler race condition: DCL may not be safe on all platforms without proper memory barriers. It would probably be safer to remove this 'optimization' all together: SSL_CTX_new does a lot of memory allocations already so the cost of hitting one more mutex should be negligible? The following patch should fix the race condition in SSL_CTX_new: diff -ur openssl-0.9.7d-orig/ssl/ssl_ciph.c openssl-0.9.7d/ssl/ssl_ciph.c --- openssl-0.9.7d-orig/ssl/ssl_ciph.c Mon Oct 25 11:53:33 2004 +++ openssl-0.9.7d/ssl/ssl_ciph.c Mon Oct 25 11:55:58 2004 @@ -759,12 +759,9 @@ */ if (rule_str == NULL) return(NULL); - if (init_ciphers) - { - CRYPTO_w_lock(CRYPTO_LOCK_SSL); - if (init_ciphers) load_ciphers(); - CRYPTO_w_unlock(CRYPTO_LOCK_SSL); - } + CRYPTO_w_lock(CRYPTO_LOCK_SSL); + if (init_ciphers) load_ciphers(); + CRYPTO_w_unlock(CRYPTO_LOCK_SSL); /* * To reduce the work to do we only want to process the compiled With this fix, I haven't been able to reproduce the race condition so far. With regards, Arnold Hendriks -- Arnold Hendriks [EMAIL PROTECTED] B-Lex Information Technologies http://www.b-lex.com/ Postbus 545, 7500 AM Enschede, The Netherlands B-Lex: +31 (0)53 4836543 Mobile: +31 (0)6 51710159 MSN: [EMAIL PROTECTED] ICQ: 86313731 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #1005] about a result of 'openssl ciphers'
-Original Message- Takurou Saitou wrote: Thank you for the correction. I immediately confirmed operation. When ciphersuite keywords of the same processing group was combined by '+'(The example: kRSA+kEDH) and specified for the command argument, I confirmed a correct result returned. OpenSSL ciphers kRSA+kEDH Error in cipher list 940:error:140A60B9:SSL routines:SSL_CREATE_CIPHER_LIST:no cipher match:ssl_ciph. c:882: error in ciphers However, when ciphersuite keywords of the different processing group was combined by '+'(The example: AES+SHA1) and specified for the command argument, the following execution results were returned. ok, I've committed a fix. Please try a new snapshot. Thank you for the correction. I immediately confirmed operation and confirmed a correct result returned. Thanks. Takurou Saitou. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #1005] about a result of 'openssl ciphers'
Thank you for the correction. I immediately confirmed operation. When ciphersuite keywords of the same processing group was combined by '+'(The example: kRSA+kEDH) and specified for the command argument, I confirmed a correct result returned. OpenSSL ciphers kRSA+kEDH Error in cipher list 940:error:140A60B9:SSL routines:SSL_CREATE_CIPHER_LIST:no cipher match:ssl_ciph. c:882: error in ciphers However, when ciphersuite keywords of the different processing group was combined by '+'(The example: AES+SHA1) and specified for the command argument, the following execution results were returned. OpenSSL ciphers AES+SHA1 Error in cipher list 940:error:140A60B9:SSL routines:SSL_CREATE_CIPHER_LIST:no cipher match:ssl_ciph. c:882: error in ciphers The following results are output in OpenSSL0.9.7d. OpenSSL ciphers AES+SHA1 ADH-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:ADH-AES128-SHA:D HE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA a degrad has occurred consequentially. Thanks. Takurou Saitou -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Nils Larsch via RT Sent: Thursday, June 09, 2005 7:26 AM To: [EMAIL PROTECTED] Cc: openssl-dev@openssl.org Subject: [openssl.org #1005] about a result of 'openssl ciphers' should be fixed; please try a new snapshot. Thanks, Nils __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1005] about a result of 'openssl ciphers'
Hi, In the openssl command option ciphers, when ciphersuite keywords of the same processing group was combined by '+'(The example: kRSA+kEDH) and specified for the command argument, the following execution results were returned. --- [Execution result] opeenssl ciphers -v 'kRSA+kEDH' ADH-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:ADH-AES128-SHA:DHE-RSA-AES 128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:DHE-DSS-RC4-SHA:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4- SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EXP1024-RC2-CBC-MD5:EXP1024-RC4-MD5:ED H-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC3-SHA:EDH-DS S-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:DES-CBC3-SHA:DES-CBC-SHA:EXP-DES-CBC-SHA:IDEA-CBC-SH A:EXP-RC2-CBC-MD5:RC4-SHA:RC4-MD5:EXP-RC4-MD5:ADH-DES-CBC3-SHA:ADH-DES-CBC-SHA:EXP-ADH-DES -CBC-SHA:ADH-RC4-MD5:EXP-ADH-RC4-MD5:NULL-SHA:NULL-MD5:RC4-64-MD5:DES-CBC3-MD5:DES-CBC-MD5 :IDEA-CBC-MD5:RC2-CBC-MD5:EXP-RC2-CBC-MD5:RC4-MD5:EXP-RC4-MD5 --- When ciphersuite keywords of the key exchange was combined by +, the output result was expected none because there was no ciphersuite with which it met the requirement. Is this correct behavior? Thanks! Takurou Saitou __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]