On Thu, Feb 21, 2002, Bodo Moeller wrote:
On Wed, Feb 20, 2002 at 10:18:55AM -0800, D. K. Smetters wrote:
One comment made when I proposed the patch was that this functionality
is currently almost entirely unused. Therefore changing the expected
prototype is not likely to affect that
On Sun, Jun 16, 2002, OpenSSL Project wrote:
Small typo:
OpenSSL STATUS Last modified at
__ $Date: 2002/06/16 11:33:59 $
DEVELOPMENT STATE
o OpenSSL 0.9.8: Under development...
o OpenSSL 0.9.7-beta1:
On Tue, Jul 30, 2002, Lutz Jaenicke wrote:
OpenSSL version 0.9.6e released
Can someone please sign the distribution? Or at least include
the MD5 checksum in a PGP signed announcement?
There was an openssl-0.9.6d.tar.gz.asc but:
Requesting
On Tue, Jul 30, 2002, Claus Assmann wrote:
On Tue, Jul 30, 2002, Lutz Jaenicke wrote:
OpenSSL version 0.9.6e released
Can someone please sign the distribution? Or at least include
the MD5 checksum in a PGP signed announcement?
Sorry for the noise, I finally found openssl
On Fri, Aug 09, 2002, Richard Levitte - VMS Whacker wrote:
-BEGIN PGP SIGNED MESSAGE-
OpenSSL version 0.9.6g released
o openssl-0.9.6g.tar.gz [normal]
MD5 checksum: 515ed54165a55df83f4eb4e4e9078d3f
Just a very minor nit (since the announcement contains all the
0.9.7-Beta4 compiled fine on this machine, 0.9.7 does not.
+ ./config --openssldir=/home/ca/OpenBSD --prefix=/home/ca/OpenBSD
Operating system: i386-whatever-openbsd
Configuring for OpenBSD-i386
IsWindows=0
CC=gcc
CFLAG =-DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DL_ENDIAN
FYI: in apps:
"passwd.c", line 326: operands have incompatible types:
pointer to const char ":" pointer to uchar
"passwd.c", line 332: operands have incompatible types:
pointer to uchar ":" pointer to const char
./config -t
WARNING! Detected WorkShop C 5.0. Do make sure you
(0.9.5 compiled find on this system)
OpenSSL self-test report:
OpenSSL version: 0.9.5a-beta1
Last change: des_quad_cksum() byte order bug fix
Options: --openssldir=/usr/ca/FreeBSD --prefix=/usr/ca/FreeBSD
OS (uname): FreeBSD 3.2-RELEASE FreeBSD 3.2-RELEASE #0:
OS
t like -x. In 0.9.5 there is no -x in that
line. How can I solve this problem? Do I have to edit the Makefiles?
Claus Assmann schrieb:
(0.9.5 compiled find on this system)
OpenSSL self-test report:
OpenSSL version: 0.9.5a-beta1
Last change: des_quad_cksum() byte order b
There's a problem with the macro name 'Free' on AIX:
"/usr/include/net/radix.h", line 177.9: 1506-213 (S) Macro name
Free cannot be redefined.
"/usr/include/net/radix.h", line 177.9: 1506-358 (I) "Free" is
defined on line 2 58 of
openssl/work/src/include/openssl/crypto.h.
System information:
On Wed, Apr 26, 2000, Richard Levitte - VMS Whacker wrote:
From: Claus Assmann [EMAIL PROTECTED]
ca+ssl There's a problem with the macro name 'Free' on AIX:
ca+ssl
ca+ssl "/usr/include/net/radix.h", line 177.9: 1506-213 (S) Macro name
ca+ssl Free cannot be redefined.
Whi
On Wed, Apr 26, 2000, Richard Levitte - VMS Whacker wrote:
[macro Free on AIX 4.3: Free cannot be redefined.]
Thanks. BTW, just to clarify, did that happen when you compiled
OpenSSL or did it happen when you compiled another program that
includes OpenSSL header files?
It happens when I
Hi! At least some "good" news: I found the bug. Here's the problem
description again:
(starttls to connect to mail.stalker.com, using OpenSSL 0.9.5a)
! According to the SSL/TLS standard, the first 2 bytes of that secret
! should be the protocol version. Since CgatePro insists on TLSv0 (aka
!
Attached is a patch for the problem reported earlier. Please let
me know whether the patch is ok.
(starttls to connect to mail.stalker.com, using OpenSSL 0.9.5a)
! According to the SSL/TLS standard, the first 2 bytes of that secret
! should be the protocol version. Since CgatePro insists
[Note: this isn't important for me as OpenBSD comes with OpenSSL,
I was just curious whether this would work.]
OpenBSD 3.2/x86:
$ ./config no-asm
Operating system: i386-whatever-openbsd
Configuring for BSD-x86
Configuring for BSD-x86
no-asm [option] OPENSSL_NO_ASM
no-gmp
On Wed, Jun 22, 2005, Andy Polyakov wrote:
OpenBSD 3.2/x86:
$ ./config no-asm
It doesn't disable asm:
This is apparently a bug in ./Configure (it's not OpenBSD specific, as
it's reproducible everywhere, shall be fixed).
Thanks!
dx86-out.s:2376: Error: Unimplemented segment type
On Fri, Sep 29, 2006, Martin Kraemer wrote:
Am I the only user who observes this problem?
No. I've applied a similar patch locally. It would be nice to have
it in the next release.
__
OpenSSL Project
On Fri, Sep 29, 2006, Brad House wrote:
time to it... Personally I'd prefer something truly cross-platform like
CMake. It would actually allow a Windows x64 fips build (which is
cmake isn't exactly native on the platforms where I compile
OpenSSL. Currently OpenSSL builts out of the box on
On Wed, Sep 13, 2000, Theodore Hope wrote:
I think to needed "-lcompat option" on some *BSD* system.
Perhaps the OpenSSL team could incorporate thel ogic
to include "-lcompat" as part of the 'config' in the next
beta release? Thanks,
Why do you want to use old stuff? Just make sure
On Mon, Sep 11, 2000, Richard Levitte - VMS Whacker wrote:
From: Claus Assmann [EMAIL PROTECTED]
ca+openssl OpenSSL 0.9.6-beta1 doesn't compile "out of the box" on OpenBSD
ca+openssl 2.7; it fails when linking in apps because speed.c uses:
Is there a standard macro to odenti
On Sun, Sep 24, 2000, Richard Levitte wrote:
o ftp://ftp.openssl.org/source/
o openssl-0.9.6.tar.gz [normal]
The signatures aren't accessible
-rw--- Sep 24 16:37 openssl-0.9.6.tar.gz.asc
-rw--- Sep 24 16:37 openssl-engine-0.9.6.tar.gz.asc
On Sat, Jan 06, 2001, Richard Levitte - VMS Whacker wrote:
That would be a good idea, I think. Personally, I'd say
/etc/.egd-socket rather than /etc/egd-socket. This removes some
possibilities for "accidents" as well. Yes, this is security by
obscurity...
Please don't use /etc, it's for
FreeBSD has a problem with the new bctest (tested on 3.2 and 4.3-Beta2)
running bc
(standard_in) 6: illegal character: O
(standard_in) 6: syntax error
(standard_in) 5: illegal character: O
(standard_in) 5: syntax error
verify
On Thu, Mar 25, 2010, Bodo Moeller wrote:
Record of death vulnerability in OpenSSL 0.9.8f through 0.9.8m
No, it's not a mistake -- it's code elsewhere that no longer
tolerates the coarse logic we are changing in the patch, which has
been around forever.
Could you please elaborate?
I'm
[sent to rt before, but didn't see it back on the list, so here's
an abbreviated version]
OS: SunOS 5.10
Compiler: SunStudio
As requested on the mailing lists I downloaded
openssl-1.0.1-stable-SNAP-20111209
and tried to compile it on various OS.
It failed on SunOS 5.10 when using Sun's compiler:
On Mon, Dec 12, 2011, Andy Polyakov via RT wrote:
OS: SunOS 5.10
Assembler:
modexp512-x86_64.s, line 433 : Syntax error
Please verify http://cvs.openssl.org/chngview?cn=21836.
Thanks, that fixes the error.
__
OpenSSL 1.0.1-beta3 23 Feb 2012
make make test
succeeded on:
platform: solaris64-x86_64-cc
options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) idea(int) blowfish(idx)
compiler: cc -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -fast
-xarch=amd64 -xstrconst -Xa -DL_ENDIAN
I'm getting a crash in sha1_block_data_order_ssse3() but currently
I don't know how to debug this further as I'm not very familiar
with the internals... Any suggestions for tracking this down are
appreciated, e.g., is it something in the application or in OpenSSL?
The problem is 100% reproducible
On Sun, Dec 15, 2013, Dimitry Andric wrote:
Program received signal SIGBUS, Bus error.
sha1_block_data_order_ssse3 () at sha1-x86_64.s:1328
1328movdqa %xmm0,0(%rsp)
rsp0x800736048 0x800736048
This is most likely a stack alignment problem. The movdqa
On Tue, Dec 17, 2013, Florian Weimer wrote:
Current language: auto; currently asm
(gdb) p $rsp
$15 = (void *) 0x8007360a0
Actually, it doesn'ton function entry, %rsp must be congruent 8 modulo 16.
Thanks for the clarification, I misunderstood 16-byte stack alignment.
The problem seems to
On Mon, Apr 14, 2014, Tom Swirly via RT wrote:
We'd like to make sure that the libraries we're linking to are up-to-date.
Take a look at the postfix code: tls_check_version().
__
OpenSSL Project
While playing around with the DANE suppport in OpenSSL 1.1 I noticed
that the TLS handshake will fail if I specify an empty name:
SSL_dane_enable(ssl, "")
(AFAICT no name is needed for DANE-TA(2) RRs).
This can also be reproduced using
openssl s_client -servername "" ...
The error I'm getting
On Sat, Jan 16, 2016, Viktor Dukhovni wrote:
> On Sat, Jan 16, 2016 at 04:30:26AM -0800, Claus Assmann wrote:
> > SSL_dane_enable() may be called before the SSL handshake is
> > initiated with L<SSL_connect(3)> to enable DANE for that connection.
> > "may&q
On Sat, Jan 16, 2016, Viktor Dukhovni wrote:
> > Please try the two attached patches.
> Better version of the first patch.
Those solve the problem for me.
Thanks!
___
openssl-dev mailing list
To unsubscribe:
commit 7253fd550c768979ecd3df8f4dbbedd6e9dd76b0
diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c
+/*
+ * These routines call the C malloc/free, to avoid intermixing with
+ * OpenSSL function pointers before the library is initialized.
+ */
+OPENSSL_INIT_SETTINGS
On Wed, Jan 20, 2016, Erik Forsberg wrote:
> seems util/clean-depend.pl is now broken if using Solaris cc compiler.
Just a confirmation that this isn't specific to that setup:
the same happens on OpenBSD (e.g., 5.3) with gcc.
> I get gazillions of 'Use of uninitialized variable in ' when
On Thu, Jan 21, 2016, Salz, Rich wrote:
> --- a/util/clean-depend.pl
> -while() {
> -my ($dummy, $file,$deps)=/^((.*):)? (.*)$/;
> +while(my $line = ) {
> +while ($line =~ /\\$/) { chop($line); chop($line); $line .= ; }
> +my ($dummy, $file,$deps)=$line =~ m/^((.*):)? (.*)$/;
Not for
On Thu, Jan 21, 2016, Salz, Rich wrote:
> Try this patch do util/domd
...
> else
> ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@ && \
> -${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new
> +sed -e 's# /\(\\.\|[^ ]\)*##g' -e '/: *$/d' -e '/^\(#.*\| *\)$/d' \
> +
Hmm, something is wrong with this new approach (or just on my machine?)
Several targets have been removed from Makefile and hence broke it:
--- crypto/Makefile-Thu Jan 21 08:48:08 2016
+++ crypto/Makefile Thu Jan 21 08:48:14 2016
@@ -1,4 +1,3 @@
-# Generated from Makefile.in, do not edit
SSL_get0_dane_authority() returns -1 on a reused TLS session
in my test program.
Is that
- expected?
- a problem with my test program?
- an error in SSL_get0_dane_authority()?
___
openssl-dev mailing list
To unsubscribe:
On Fri, Jan 22, 2016, Viktor Dukhovni wrote:
> > On Jan 22, 2016, at 7:35 PM, Claus Assmann wrote:
> > SSL_get0_dane_authority() returns -1 on a reused TLS session
> > in my test program.
> It is expected, but probably should be documented.
Thanks; is there any chance to
On Tue, May 10, 2016, Viktor Dukhovni wrote:
[looks like there are at least three different threads now?
hence I made the Subject a bit more generic.]
> > 34371851688:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify
> > error:pk7_smime.c:328:Verify error:certificate has expired
>
make test fails on OpenBSD and FreeBSD (8.4):
CMS => PKCS#7 compatibility tests
signed content DER format, RSA key: verify error
*** Error 1 in test (Makefile:330 'test_cms')
more cms.err
Verification failure
34371851688:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify
On Thu, Aug 04, 2016, Richard Levitte wrote:
> I suppose this depends on what shell is being used. I've attached a
/bin/ksh
> fix (apply with 'patch -p1 < unix-Makefile.tmpl.patch'), would you
> mind trying it out?
That works (I made those changes by hand to Makefile before).
--
openssl-dev
Happens on OpenBSD and Linux (similar error message):
*** Installing manpages
usage: tr [-cs] string1 string2
tr [-c] -d string1
tr [-c] -s string1
tr [-c] -ds string1 string2
Seems [A-Z] etc needs to be quoted, e.g.,
tr '[a-z]' '[A-Z]'
There are several places like this
Seems there are 4 functions, so don't explicitly mention the number:
diff --git a/doc/ssl/SSL_CTX_set_min_proto_version.pod
b/doc/ssl/SSL_CTX_set_min_proto_version.pod
index 8878514..3e9fe80 100644
--- a/doc/ssl/SSL_CTX_set_min_proto_version.pod
+++ b/doc/ssl/SSL_CTX_set_min_proto_version.pod
@@
On Mon, Jan 09, 2017, Leonard den Ottolander wrote:
> If one wants to indent directives space is normally inserted before the
> hash sign. I don't remember ever seeing directives being indented by
> adding white space between the hash sign and the directive.
Then you didn't look at source code
diff --git a/doc/ssl/SSL_CTX_set_info_callback.pod
b/doc/ssl/SSL_CTX_set_info_callback.pod
index 0b4affd..e1e96a9 100644
--- a/doc/ssl/SSL_CTX_set_info_callback.pod
+++ b/doc/ssl/SSL_CTX_set_info_callback.pod
@@ -20,7 +20,7 @@ SSL_CTX_set_info_callback() sets the Bcallback function,
that can be
based on spell(1) output.
diff --git a/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
b/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
index 4fc8f06..2049a53 100644
--- a/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
+++ b/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
@@ -14,12 +14,12 @@ SSL_CONF_CTX_set_ssl_ctx,
diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod
index 66eb1b3..29fc4db 100644
--- a/doc/ssl/SSL_CTX_dane_enable.pod
+++ b/doc/ssl/SSL_CTX_dane_enable.pod
@@ -40,7 +40,7 @@ SSL_CTX_dane_mtype_set() may then be called zero or more
times to
to adjust the supported
The example uses "s" in some places instead of "ssl":
diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod
index c3c203e..21788ad 100644
--- a/doc/ssl/SSL_CTX_dane_enable.pod
+++ b/doc/ssl/SSL_CTX_dane_enable.pod
@@ -210,9 +210,9 @@ the lifetime of the SSL connection.
diff --git a/doc/crypto/X509_LOOKUP_hash_dir.pod
b/doc/crypto/X509_LOOKUP_hash_dir.pod
index 680a9fd..7a5d684 100644
--- a/doc/crypto/X509_LOOKUP_hash_dir.pod
+++ b/doc/crypto/X509_LOOKUP_hash_dir.pod
@@ -24,7 +24,7 @@ lookup methods
B and B are two certificate
lookup methods to use with B,
Not sure whether this patch is right, but AFAICT SSL_get_session()
does not return a "Pointer to an SSL".
diff --git a/doc/ssl/SSL_get_session.pod b/doc/ssl/SSL_get_session.pod
index d360e8a..d8aa705 100644
--- a/doc/ssl/SSL_get_session.pod
+++ b/doc/ssl/SSL_get_session.pod
@@ -58,7 +58,7 @@ The
More spelling errors, and the text about "is sequentual number"
should probably be rewritten.
diff --git a/doc/crypto/X509_LOOKUP_hash_dir.pod
b/doc/crypto/X509_LOOKUP_hash_dir.pod
index 680a9fd..fab28b6 100644
--- a/doc/crypto/X509_LOOKUP_hash_dir.pod
+++ b/doc/crypto/X509_LOOKUP_hash_dir.pod
54 matches
Mail list logo