[openssl-dev] [openssl.org #4567] Configure does not honor CFLAGS

Cool. That closes this ticket. BTW, you're right, we don't honor a CFLAGS env var. We never did. We take the cflags on the configuration command line. Cheers, Richard On Tue Jun 14 07:35:11 2016, noloa...@gmail.com wrote: > On Tue, Jun 14, 2016 at 3:33 AM, Richard Levitte via RT >

[openssl-dev] [openssl.org #4567] Configure does not honor CFLAGS

Is this enough to satisfy you? ./config -DNDEBUG -g3 -O0 On Tue Jun 14 07:24:31 2016, noloa...@gmail.com wrote: > Working from latest sources. I'm trying to build a "debug" > configuration with both -DNDEBUG (I don't want asserts firing) and -g3 > (I want the symbolic constants). > > $ ./config

[openssl-dev] [openssl.org #2388] out-of-date comment for renegotiation handling

Fixed in commit e7653f3bab. Closing ticket. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2388 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4567] Configure does not honor CFLAGS

On Tue, Jun 14, 2016 at 3:33 AM, Richard Levitte via RT wrote: > Is this enough to satisfy you? > > ./config -DNDEBUG -g3 -O0 Yes, that would be good. no-asm and no-omit-frame-pointer on x86 may be good choices, too. Jeff > On Tue Jun 14 07:24:31 2016, noloa...@gmail.com

Re: [openssl-dev] [openssl.org #4567] Configure does not honor CFLAGS

On Tue, Jun 14, 2016 at 3:43 AM, Richard Levitte via RT wrote: > Cool. That closes this ticket. Thank you very much. > BTW, you're right, we don't honor a CFLAGS env var. We never did. We take the > cflags on the configuration command line. There's always hope. Its eternal

[openssl-dev] [openssl.org #4567] Configure does not honor CFLAGS

Working from latest sources. I'm trying to build a "debug" configuration with both -DNDEBUG (I don't want asserts firing) and -g3 (I want the symbolic constants). $ ./config no-asm -g3 -O0 -fno-omit-frame-pointer Operating system: i86pc-whatever-solaris2 Configuring for solaris64-x86_64-gcc

[openssl-dev] [openssl.org #4571] SegFault when OBJ_create is called from multiple threads (despite setting up locking_function)

No, these routines are not guaranteed to be thread-safe. Sorry. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4571 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4568] Enhancement request: Capability vector accessor function for arm and ppc

For arm and ppc, define functions corresponding to unsigned long *OPENSSL_ia32cap(), returning a pointer to the capability vector, or NULL on an unsuitable architecture: unsigned int *OPENSSL_armcap_loc(); unsigned int *OPENSSL_ppccap_loc(); Otherwise, an extern declaration of OPENSSL_armcap_P

[openssl-dev] [openssl.org #4571] SegFault when OBJ_create is called from multiple threads (despite setting up locking_function)

Hi, I may, or may not, stumbled upon an issue with OpenSSL multihreading when calling OBJ_create to define a new extension. Briefly, calling below code from several threads at once - despite setting up of locking functions - may cause segmentation fault due to supposedly double free/corruption.

[openssl-dev] [openssl.org #4562] Possible bug in OPENSSL_config - ignore input parameter

Documentation fixed in 1.0.2 (commit dd8a1f2).Also fix in master (commit cda3ae5), which also renamed the variables from config_file to appname, etc., in the source code. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4562 Please log in as guest with password guest if prompted --

[openssl-dev] [openssl.org #4569] Enhancement request: Macros for x86 capability bits

For x86, define macros for capability bits (like for arm and pcc), according to https://www.openssl.org/docs/manmaster/crypto/OPENSSL_ia32cap.html: #define X86_TSCNT (1UL << 4 ) #define X86_CLFLUSH(1UL << 19) #define X86_RC4PATH(1UL << 20) #define X86_MMX(1UL << 23) #define

Re: [openssl-dev] [openssl.org #3699] Resolved: openssl-1.0.2, fips sparc multiply defined _sparcv9_vis1_instrument_bus, _sparcv9_vis1_instrument_bus2

Will this change be merged into the latest 1.0.2 and/or 1.1.0 branches? -Original Message- From: Rich Salz via RT [mailto:r...@openssl.org] Sent: Monday, June 13, 2016 3:27 PM To: Stuart Kemp Subject: [openssl.org #3699] Resolved: openssl-1.0.2, fips sparc

[openssl-dev] [openssl.org #4570] Enhancement request: Configuration option no-hw-aes

Define a configuration option no-hw-aes. No aes processor instruction should be compiled if one of the configuration options no-hw or no-hw-aes is given. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4570 Please log in as guest with password guest if prompted -- openssl-dev

Re: [openssl-dev] [openssl.org #4568] Enhancement request: Capability vector accessor function for arm and ppc

Doesn't it make more sense to have a single API that returns the platform-specific flags? -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4568 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #4571] SegFault when OBJ_create is called from multiple threads (despite setting up locking_function)

That's fine with me, though, it might bite someone in the future. Is there any documentation or site listing which funcs would be thread-safe? (if this is offtopic, please let me know, and we'll simply end the thread) On Tue, Jun 14, 2016 at 6:44 PM, Rich Salz via RT wrote: >

[openssl-dev] [openssl.org #3699] openssl-1.0.2, fips sparc multiply defined _sparcv9_vis1_instrument_bus, _sparcv9_vis1_instrument_bus2

It will be in 1.0.2 shortly. It's not relevant for 1.1 which doesn't support FIPS. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3699 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #4571] SegFault when OBJ_create is called from multiple threads (despite setting up locking_function)

> That's fine with me, though, it might bite someone in the future. Is there any > documentation or site listing which funcs would be thread-safe? (if this is > offtopic, please let me know, and we'll simply end the thread) Please take it to openssl-dev mailing list. It's a good discussion to

Re: [openssl-dev] [openssl.org #3699] openssl-1.0.2, fips sparc multiply defined _sparcv9_vis1_instrument_bus, _sparcv9_vis1_instrument_bus2

> It will be in 1.0.2 shortly. Applied to 1.0.2. > It's not relevant for 1.1 which doesn't support FIPS. Because current 2.x version of FIPS module won't be supported with 1.1, so that solution in 1.1 would have to be different. -- Ticket here:

[openssl-dev] [openssl.org #4507] Bugs due to missing error handling

fixed some time ago. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4507 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4572] SSL_set_bio and friends

I recently made some changes around BoringSSL's SSL_set_bio, etc. which you all might be interested in. The BIO management has two weird behaviors right now: 1. The existence of bbio is leaked in the public API when it should be an implementation detail. (Otherwise you're stuck with it for DTLS

[openssl-dev] [openssl.org #4223] fix request for OpenSSL (not version specific)

TANDEM is not a supported platform. Sorry. You could make up a dummy file, like in /usr/local/include/sys, and add that -I flag. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4223 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

[openssl-dev] [openssl.org #4259] Bug: Apparent memory leak in kssl.c

Seems to have been fixed some time ago. thanks. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4259 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4546] bug: misleading docs for EVP_*{Cipher, Encrypt, Decrypt}Final() functions in release branch

commit 95fb422 pushed to 1.0.2 thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4546 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4349] Pull request for bilinear pairings

See the PR for all information; don't need a duplicate ticket now. (Esp since this is post-1.1) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4349 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

[openssl-dev] [openssl.org #4205] Improve the default TLS session ticket key

We don't need an RT ticket that matches a GH issue or PR. Especially for post-1.1 things :) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4205 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

[openssl-dev] [openssl.org #4038] SSLv2 session reuse is broken on the 1.0.2 branch

SSLv2 is not supported any more. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4038 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #3897] request: add BLAKE2 hash function (let's kill md5sum!)

done. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3897 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #3898] Bug fix: missing line from trunk crypto/comp/comp_lcl.h

fixed awhile ago, thanks. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3898 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4223] fix request for OpenSSL (not version specific)

Rich, thank you for your reply. We have a workaround, so we'll just continue using it. Best Regards, Cleve Watson From: Rich Salz via RT To: Cleveland Watson/Dallas/IBM@IBMUS Cc: openssl-dev@openssl.org Date: 06/14/2016 03:31 PM Subject:[openssl.org

[openssl-dev] [openssl.org #4573] BUG -- Documentation issue with RAND_add in rand.pod

The doc/crypto/rand.pod file incorrectly documents the prototype for the RAND_add function. The last argument is a double not an int. It is correctly documented in the doc/crypto/RAND_add.pod file. Fix attached. Pauli -- Oracle Dr Paul Dale | Cryptographer | Network Security &

[openssl-dev] [openssl.org #4038] SSLv2 session reuse is broken on the 1.0.2 branch

On Tue Jun 14 20:42:36 2016, rsalz wrote: > SSLv2 is not supported any more. Uyes it is on the 1.0.2 branch? It is off by default though. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4038 Please log in as guest with password guest if prompted -- openssl-dev