On 09.12.2009 19:16, Dr. Stephen Henson wrote:
OpenSSL CVS Repository
http://cvs.openssl.org/
Server: cvs.openssl.org Name: Dr. Stephen Henson
Root: /v/openssl/cvs
Resend, because it's not fixed yet.
Regards,
Rainer
On 09.12.2009 19:16, Dr. Stephen Henson wrote:
OpenSSL CVS Repository
http://cvs.openssl.org/
Server: cvs.openssl.org Name: Dr.
On 14.09.2011 17:27, Ladar Levison wrote:
On 9/13/2011 10:57 AM, Zaccone, Warren wrote:
There is also appears to be a critical issue. the config command
removed /dev/null. ON next reboot this causes Solaris 10 to be
unable to boot up.
# pwd
# ls -l /dev/null
lrwxrwxrwx 1 root root
the config script contains
414 # Only set CC if not supplied already
415 if [ -z $CROSS_COMPILE$CC ]; then
416GCCVER=`sh -c gcc -dumpversion 2/dev/null`
In our case we do set CC, but we do not cross compile. Since CC is
set, the -z test fails and consequently the GCCVER variable
Two compiler warnings (gcc 4.1.2) during compilation:
sparcv9cap.c: In function 'OPENSSL_cpuid_setup':
sparcv9cap.c:173: warning: unused variable 'sig'
It seems the line
173 int sig;
could simply be dropped.
apps.c: In function 'set_ext_copy':
apps.c:1306:
On 04.01.2012 03:16, Tim Rice wrote:
Some things came up attempting to build on OpenServer 5
.
gcc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -fPIC
-DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DDSO_DLFCN -DHAVE_DLFCN_H -O3
-fomit-frame-pointer -DOPENSSL_BN_ASM_PART_WORDS
On 12.01.2012 15:54, Andy Polyakov wrote:
In addition one assembler warning (Solaris Sparc):
/usr/ccs/bin/as: sha512-sparcv9.s, line 676: warning: v8+ ABI
violation: illegal use of %i or %l register as rs1 in brnz,a instruction
What version is it? Solaris and assembler (as -V)?
% as -V
as:
On 13.01.2012 10:23, Andy Polyakov wrote:
I'll see how to work around the warning...
Great, thank's a lot. Happy to retest.
http://cvs.openssl.org/chngview?cn=22016.
I applied the change to the current 1.0.1 snapshot. The warning is gone
now, make test doesn't show any regression.
On 13.08.2012 18:10, Andy Polyakov wrote:
OpenSSL CVS Repository
http://cvs.openssl.org/
Server: cvs.openssl.org Name: Andy Polyakov
Root: /v/openssl/cvs Email:
This bug about an incompatibility of cms-test.pl with old Perl versions
has been fixed in 2011 for trunk by Andy (thanks!), but not been
backported to any release branch. I verified it today for 1.0.1 on
Solaris 8. It would be nice if the simple change could be applied to at
least some of the
One correction to self: no problem for 1.0.1, which had been fixed in
commit 8ca7d124304502158fba780eed293c4e3c5c1c71 Fixed Windows
compilation failure.
But 1.0.0 and 0.9.8 lack tha addition.
__
OpenSSL Project
When trying to build 1.0.2 beta 2 on Solaris I noticed, that the fix for
#3271 was incomplete. The same problem happened in 3 Makefiles for beta1
but only one was fixed for beta2.
The two files still broken are engines/Makefile and
engines/ccgost/Makefile. The solution applied to the top
Anyone? I created a pull request to make fixing easier:
https://github.com/openssl/openssl/pull/171
Thanks,
Rainer
Am 20.08.2014 um 20:46 schrieb Rainer Jung:
When trying to build 1.0.2 beta 2 on Solaris I noticed, that the fix for
#3271 was incomplete. The same problem happened in 3
Am 18.09.2014 um 20:03 schrieb Salz, Rich:
The default time comes from the gettimeofday() system call (see def_time_cb in
ts_rsp_sign.c).
I don't see any openssl bug here.
It does, but I agree with the OP: the *textual formatting* of the
fractional second in ./crypto/ts/ts_rsp_sign.c is
Am 19.09.2014 um 11:25 schrieb Rainer Jung:
Am 18.09.2014 um 20:03 schrieb Salz, Rich:
The default time comes from the gettimeofday() system call (see
def_time_cb in ts_rsp_sign.c).
I don't see any openssl bug here.
It does, but I agree with the OP: the *textual formatting* of the
fractional
Am 20.11.2014 um 23:35 schrieb Kurt Roeckx:
- Log -
commit e138d289a5639f166c2d1b62c421cbd9cb7b35f2
Author: Kurt Roeckx k...@roeckx.be
Date: Thu Nov 20 23:34:52 2014 +0100
Add a RewriteCond for each rule
As far as I
Am 21.11.2014 um 18:21 schrieb Rainer Jung:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule openssl-(1\.\d\.\d|fips).*) old/$2/openssl-$1 [L]
Ahem, I forgot one opening (:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule openssl-((1\.\d\.\d|fips).*) old/$2/openssl-$1 [L
Am 11.02.2015 um 20:30 schrieb Andy Polyakov:
The branch master has been updated
via dda8199922f9d52087d2c41b22a61eb4f9671385 (commit)
via c79e17731f462d6d42b917027a7085c0f59a2214 (commit)
from b7c9187b32a14b5b4a850161aed5c044d2130d5a (commit)
- Log
Am 12.02.2015 um 12:00 schrieb Andy Polyakov:
diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index 174a419..7ae36d7 100644
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -245,5 +245,8 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher(EVP_camellia_256_ofb());
Hello everyone,
I sent a mail to r...@openssl.org 3 days ago, subject OpenSSL 1.0.2 make
test bus error in evp_test (Solaris 10 Sparc, sun4u).
The mail didn't create a new ticket in RT, nor was it forwarded to the
dev list.
Should I resend or simply be more patient?
Thanks and regards,
Am 30.03.2015 um 09:51 schrieb John Denker via RT:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Contrast the following two examples:
#1:
time : | openssl s_client -connect www.openssl.org:443 /dev/null
real0m0.545s
user0m0.000s
sys 0m0.000s
#2:
time : | openssl s_client -quiet
Am 30.03.2015 um 10:27 schrieb Rainer Jung:
So this probably works as designed and when just running
openssl s_client -connect www.openssl.org:443
Oups, I meant:
openssl s_client -quiet -connect www.openssl.org:443
you shouldn't notice CPU hogging. Why -ign_eof is set as a side effect
Am 10.02.2015 um 21:30 schrieb Matt Caswell:
On 10/02/15 19:23, Rainer Jung wrote:
Hello everyone,
I sent a mail to r...@openssl.org 3 days ago, subject OpenSSL 1.0.2 make
test bus error in evp_test (Solaris 10 Sparc, sun4u).
The mail didn't create a new ticket in RT, nor was it forwarded
Am 24.02.2015 um 22:14 schrieb Andy Polyakov:
Basically I just want to say good analysis and confirm that yes,
everything points at compiler bug. I also don't sent this to rt, but to
openssl-dev, in order to prevent case reopen.
Looking at disassembly around CRYPTO_ccm128_decrypt+532 (decimal
Am 10.04.2015 um 18:28 schrieb Viktor Dukhovni:
The branch master has been updated
via 34b0a927ab5c9232bcf864d524a9bf2558411700 (commit)
from e71cecd551f1d8beca20681184d94f7000a5e333 (commit)
- Log -
commit
Am 09.06.2015 um 18:43 schrieb Bill Cox:
On Tue, Jun 9, 2015 at 9:38 AM, Salz, Rich rs...@akamai.com
mailto:rs...@akamai.com wrote:
Zooko only asked for supporting Blake2 as an MD5 replacement, but he's
being too modest. I can't stress enough how important the speed of Blake2
The
Am 22.06.2015 um 21:49 schrieb Rich Salz:
The branch master has been updated
via 75ba5c58c6b3b3326a6c3198100830afa120e7c3 (commit)
from 389ebcecae2575188a4ff9566389ce694352be43 (commit)
- Log -
commit
The release notes mentioned and linked in all of the four release
announcements still contain stale text:
https://www.openssl.org/news/openssl-1.0.2-notes.html
https://www.openssl.org/news/openssl-1.0.1-notes.html
https://www.openssl.org/news/openssl-1.0.0-notes.html
Am 22.05.2015 um 18:32 schrieb Nayna Jain:
Ok, I think this is what I didn't know. I was using openssl 1.0.1g client.
I still didn't have openssl 1.0.2 .
If it were trivial I think showing the temp key size would be a welcome
backport to 1.0.1 before the next release. It is very useful in
Am 12.11.2015 um 22:20 schrieb Andy Polyakov via RT:
Hi,
I just found out that building with at least with the French
locale the AVX code is missing. The problem is this code in
crypto/sha/asm/sha1-x86_64.pl:
if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
Hi,
the list of downloadable files on http://openssl.org/source/ contains
pre1 *and* pre2 files for 1.1. Furthermore pre1 is listed above pre2.
IMHO pre2 is what people should test and pre1 is no longer entitled to
be listed on that page. So I suggest to remove pre1 from the list.
I don't
Am 08.02.2016 um 13:34 schrieb Matt Caswell:
On 08/02/16 12:11, Rainer Jung wrote:
I'm adding support for OpenSSL 1.1.0 to the Apache web server.
I struggle to migrate the renegotiation code in the case wehere we want
the client to send a client cert. The current code works like explained
I'm adding support for OpenSSL 1.1.0 to the Apache web server.
I struggle to migrate the renegotiation code in the case wehere we want
the client to send a client cert. The current code works like explained in
http://www.linuxjournal.com/node/5487/print
After using SSL_set_verify() it
The constant SSL_R_HTTP_REQUEST is still defined, but I can't find code
that sets it and practical experiments indicate it is no longer set.
In Apache land we use it to detect "HTTP spoken on HTTPS port". OpenSSL
1.0.2 has code in ssl23_get_client_hello() that checks read bytes
against
Hi there,
reading the last advisory again, I noticed, that there's one logical
inconsistency.
First:
OpenSSL before 1.0.2f will reuse the key if:
...
- Static DH ciphersuites are used. The key is part of the certificate
and so it will always reuse it. This is only supported in 1.0.2.
and
Am 03.02.2016 um 00:30 schrieb Kurt Roeckx:
On Tue, Feb 02, 2016 at 10:34:32PM +0100, Rainer Jung wrote:
Hi there,
reading the last advisory again, I noticed, that there's one logical
inconsistency.
First:
OpenSSL before 1.0.2f will reuse the key if:
...
- Static DH ciphersuites are used
Am 17.02.2016 um 19:51 schrieb Salz, Rich:
*header = c;
+header++;
Header isn't used after that assignment. How does this line change anything?
The call to load_iv() that occurs next, has as its first argument
header_pp which is a pointer to header:
char **header_pp =
Am 08.02.2016 um 15:26 schrieb Matt Caswell:
On 08/02/16 13:45, Tomas Mraz wrote:
On Po, 2016-02-08 at 12:34 +, Matt Caswell wrote:
On 08/02/16 12:11, Rainer Jung wrote:
Renegotiation isn't entirely within the control of the server. A
server
can request that a renegotiation takes place
Am 18.03.2016 um 17:49 schrieb Richard Levitte via RT:
Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
I had the same problem. /bin/sh on Solaris does not understand the "-
nt"
operator used in the definition of the "depend" target in the top-
level
Makefile, e.g. in line
if
Am 13.03.2016 um 14:34 schrieb Richard Moore:
I'm currently testing the new release by trying to port Qt to use it
(with the compatibility stuff disabled). Here are the first problems
I've hit:
How do we get the certificate serial number? We were doing
x509->cert_info->serialNumber to get it as
Am 13.03.2016 um 23:42 schrieb Richard Moore:
By the way, the serial number accessors are missing from the docs too or
is that just a problem with the website?
Fixed by Steve today as
https://github.com/openssl/openssl/commit/bae26b582e6cbff4bce5edc46907e6f331bc19e5.
Regards,
Rainer
--
Am 09.03.2016 um 22:53 schrieb Richard Levitte:
The branch master has been updated
via 64b9d84bfd0da0305a1df9b97ffbdc3898f59e62 (commit)
from 2b8fa1d56cd3a41d666994a1b2ed9df0f5e5d1ec (commit)
- Log -
commit
Am 18.03.2016 um 19:33 schrieb Richard Levitte via RT:
Vid Fre, 18 Mar 2016 kl. 18.07.31, skrev rainer.j...@kippdata.de:
Am 18.03.2016 um 17:49 schrieb Richard Levitte via RT:
Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
I had the same problem. /bin/sh on Solaris does not
Hi Richard,
Am 19.03.2016 um 12:49 schrieb Richard Levitte via RT:
So I'm wondering, what happens if you apply the attached patch?
Works like a charm, tested on Solaris 10 Sparc doing a 32bit build and a
64bit build. The intermediate ".s" (lower case) file no longer gets
generated and
I had the same problem. /bin/sh on Solaris does not understand the "-nt"
operator used in the definition of the "depend" target in the top-level
Makefile, e.g. in line
if [ Makefile -nt Makefile ] ...
and elsewhere.
From "man test" on Solaris:
...
file1 -nt file2 True if file1
Am 20.03.2016 um 15:07 schrieb Kiyoshi KANAZAWA via RT:
With patch for #,
% mkdir /tmp/install_check
% ./config --prefix=/tmp/install_check
:
Configured for solaris64-x86_64-gcc.
% make
(passed)
% make test
(passed)
% make install
:
install openssl.pc ->
Am 20.03.2016 um 16:46 schrieb Kiyoshi KANAZAWA via RT:
Hello,
Yes, ENGINES in the top level Makefile is empty.
22: LIBS=libcrypto.a libssl.a
23: SHLIBS=
24: ENGINES=
25: PROGRAMS=apps/openssl
OK, that explains the error, because the install_engines target then
contains
file:251: recipe for target 'install_engines' failed
make: *** [install_engines] Error 2
Regards,
--- Kiyoshi <yoi_no_myou...@yahoo.co.jp>
- Original Message -
From: Rainer Jung via RT <r...@openssl.org>
To: yoi_no_myou...@yahoo.co.jp
Cc: openssl-dev@openssl.org
Date:
Am 03.03.2016 um 18:51 schrieb Erik Forsberg:
I have been having 32-bit only test failures from test_ca
for quite a while now on Solaris 10 (1.1.pre), Finally figured
out what is wrong.
I build both 32-bit and 64-bit libraries.
My /usr/local/bin/perl is always 64-bit,
used to be required for
OpenSSl 1.1.0 pre 3 on Solaris 10 Sparc using GCC 4.9.3 but Solaris
linker and assembler
% /usr/ccs/bin/as -V
/usr/ccs/bin/as: SunOS 5.10 118683-08 Patch 07/05/2012
% /usr/ccs/bin/ld -V
ld: Software Generation Utilities - Solaris Link Editors: 5.10-1.497
When linking other software against
Am 10.05.2016 um 21:54 schrieb Richard Levitte via RT:
I understand this part. What I'm questioning is the need to set PERL to
"/usr/bin/env perl" to begin with. It's practically not different at all from
setting it to just "perl", all this does is that any time the environment
variable PERL is
Am 10.05.2016 um 15:29 schrieb Richard Levitte via RT:
On Tue May 10 13:18:22 2016, matt wrote:
Makefile.in doesn't exist any more. Ping Richard Levitte - does
anything need
to be done for the new build system?
The run_tests.pl line in Configurations/unix-Makefile.tmpl would still need
that
I get a core dump during test execution for 1.1.0-pre5. Test is
test/recipes/70-test_sslskewith0p.t, platform is Solaris 10 Sparc.
The crash happens in BN_num_bits() (crypto/bn/bn_lib.c:211), because it
is called with a NULL argument, which is then dereferenced.
The call comes from
The change
https://github.com/openssl/openssl/commit/5384d1e4ebd58f31a06b2f5d1f6c4b28f63d72ed
introduced a typo in the last line of file crypto/camellia/build.info.
Fix is:
--- crypto/camellia/build.info 2016-03-16 19:18:09.0 +0100
+++ crypto/camellia/build.info 2016-04-19
Output during "make install":
Cannot find "BIO_gets" in podpath: cannot find suitable replacement
path, cannot resolve link
Cannot find "BIO_callback_ctrl" in podpath: cannot find suitable
replacement path, cannot resolve link
Cannot find "DSA_SIG_new3)" in podpath: cannot find suitable
When building OpenSSL 1.1.0 pre 5 or pre 6 on Sparc I get:
/usr/ccs/bin/as: "crypto/ec/ecp_nistz256-sparcv9.s", line 4811: warning:
stack alignment problem; second operand is not a multiple of 8
/usr/ccs/bin/as: "crypto/ec/ecp_nistz256-sparcv9.s", line 5063: warning:
stack alignment problem;
The following change introduced build problems:
Am 25.04.2016 um 11:51 schrieb Andy Polyakov:
The branch master has been updated
via 299ccadcdb99001c618d188fb243c1c86a1c (commit)
from a82a9f71ad0149380a680cae4c0cc693e6324679 (commit)
- Log
The below change doesn't work, because "can_load" must be used differently.
When running on SLES 11 which contains perl 1.10.0 (and thus no
TAP::Harness module), run_tests.pl gives:
Can't locate object method "new" via package "TAP::Harness" (perhaps you
forgot to load "TAP::Harness"?) at
Verified, still open: explicitely checked for 1.0.1-beta2 and 1.0.0g,
code in trunk is the same. 0.9.8 doesn't contain the problematic parts.
The define _POSIX_C_SOURCE 2 was added in
http://cvs.openssl.org/chngview?cn=14636
and slightly improved in
http://cvs.openssl.org/chngview?cn=18152
Sparc assembler warning
/usr/ccs/bin/as: sha512-sparcv9.s, line 676: warning: v8+ ABI
violation: illegal use of %i or %l register as rs1 in brnz,a instruction
on Solaris.
Fixed in trunk, please backport
http://cvs.openssl.org/chngview?cn=22016
to 1.0.1 and 1.0.0.
Regards,
Rainer
Warning when building 1.0.1-beta2:
Use of uninitialized value $output in pattern match (m//) at
asm/md5-x86_64.pl line 115.
Code looks like:
111 my $flavour = shift;
112 my $output = shift;
113 if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
114
115 my $win64=0; $win64=1 if
Fixed today for trunk and 1.0.1, still open for 1.0.0.
See
http://cvs.openssl.org/chngview?cn=22117
and
http://cvs.openssl.org/chngview?cn=22118
Also tracked as PR 2717:
http://rt.openssl.org/Ticket/Display.html?id=2717
Not yet backported to 1.0.0.
Regards,
Rainer
File test/testssl in branches 0.9.8 and 1.0.0 contains the line
if [ $protocol == SSLv3 ] ; then
for 1.0.1, 1.0.2 and master it is:
if [ $protocol = SSLv3 ] ; then
The script is executed by /bin/sh and the == syntax is not supported
for all basic shells, e.g. not on Solaris. Other
Change
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b3ef742cbbc1c8bf0e33dca60f08c65031647b07
broke make install on Solaris. Error message:
/bin/sh: !: not found
The new syntax
- if [ $(PLATFORM) != Cygwin ]; then \
+ if ! expr $(PLATFORM) : Cygwin /dev/null; then \
introduced
File ssl/s3_pkt.c uses INT_MAX since May 19th. This macro is defined in
limits.h which is not included in s3_pkt.c.
Some platforms have INT_MAX defined even without the include - like
Linux - others not - like Solaris.
Similar files like e.g. ssl/s3_both.c already include limits.h.
The problem
Commit 989d87cb1a174a951efd829ff6b2f68a322f9df8 for 1.0.1 was shortly
after improved by commit dac3654e2d89d43807e7b8e4b9da86ae1d33fe2b. It
changed s-s3-wnum INT_MAX to s-s3-wnum = INT_MAX (lower or
equals instead of lower than).
The backports to 1.0.0 and 0.9.8 only contained the first commit,
Am 30.03.2015 um 09:51 schrieb John Denker via RT:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Contrast the following two examples:
#1:
time : | openssl s_client -connect www.openssl.org:443 /dev/null
real0m0.545s
user0m0.000s
sys 0m0.000s
#2:
time : | openssl
2nd attempt. First sent on Feb 7th.
I get a failure for 1.0.2 running make test on Solaris 10.
It might be related to #3688, but I don't think so.
Mine is a sun4u machine, so neither T2 nor T4.
Compilation done with gcc 4.9.1 with v9 target.
Failure is a bus error in evp_test.
gdb shows the
File doc/crypto/d2i_ECPKParameters.pod starts with
=pod
=head1 NAME
d2i_ECPKParameters, i2d_ECPKParameters, d2i_ECPKParameters_bio,
i2d_ECPKParameters_bio, d2i_ECPKParameters_fp,
i2d_ECPKParameters_fp(fp,x), ECPKParameters_print,
ECPKParameters_print_fp - Functions for decoding and encoding
The script test/testssl uses the local keywork in test_cipher() since
commit
https://github.com/openssl/openssl/commit/e8356e32aed70d139eae2d05aeaeb160509262aa
(master, merged at least to 1.0.1 and 1.0.2).
This keyword is non-POSIX but the script is supposed to be run with
/bin/sh. E.g. on
Some build configurations for gcc on Sparc use the outdated gcc switch -mv8.
The switch was deprecated at least back for gcc 2.95.2 in October 1999
([1][2]). GCC 4 does no longer support the -mv8 switch but instead now
you have to use the switch that was already preferred for version
2.95.2:
Am 12.11.2015 um 22:20 schrieb Andy Polyakov via RT:
> Hi,
>
>> I just found out that building with at least with the French
>> locale the AVX code is missing. The problem is this code in
>> crypto/sha/asm/sha1-x86_64.pl:
>> if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
>>
Trying to build OpenSSL 1.1.0-pre1 on Solaris 10 Sparc I got the
opportunity to get some insight in the perl requirements especially for
running the new OpenSSL test suite. Solaris 10 Sparc comes with perl
5.8.4 which suffices to build OpenSSL, but not for running the test suite.
Current Docs
OpenSSL 1.1.0 Pre 1
Platform: Sparc Solaris 10
Compiler: GCC 4.9.3
Warnings:
e_des.c: In function 'des_init_key':
e_des.c:239:29: warning: assignment from incompatible pointer type
dat->stream.cbc = enc ? des_t4_cbc_encrypt :
des_t4_cbc_decrypt;
^
Building 1.1.0-pre2 on Solaris Sparc I get compilation errors, e.g.
e_des.c: In function 'des_init_key':
e_des.c:250:23: error: dereferencing pointer to incomplete type
int mode = ctx->cipher->flags & EVP_CIPH_MODE;
The following patch fixes them:
Index: crypto/evp/e_camellia.c
---
OpenSSL 1.1.0 produces the error
SSL_CTX_set_mode.pod:101: Unknown command paragraph "=="
during "make install".
It looks like line 101 is indeed an unintended addition introduced by
https://github.com/openssl/openssl/commit/bc8857bf70f5428bc2f0d26162ed59e3abb11fb1
The error does
Using OpenSSL 1.1.0pre2 I see renegotiation problems between s_client
and s_server (but also in Apache mod_ssl).
First starting:
s_server -cert server.crt -key server.pem -accept 8443 -debug -state
Using default temp DH parameters
ACCEPT
Now starting
s_client -connect localhost:8443
Hi there,
I built OpenSSL 1.1.0-pre3 with
PERL="/usr/bin/env perl"
This has the nice effect, that any generated perl artefact that itself
uses perl via the "#!" notation contains
#!/usr/bin/env perl
and not the perl path to which "/usr/bin/env perl" resolves during build
time on the
Change
https://github.com/openssl/openssl/commit/33a6d5a0e565e08758bcb6af456ec657c3a7a76a
introduced a bug in crypto/pem/pem_lib.c function
PEM_get_EVP_CIPHER_INFO(). One line was removed that is actually needed.
The following patch fixes it:
--- crypto/pem/pem_lib.c 2016-02-15
Am 17.02.2016 um 19:51 schrieb Salz, Rich:
>
>>*header = c;
>> +header++;
>
> Header isn't used after that assignment. How does this line change anything?
The call to load_iv() that occurs next, has as its first argument
header_pp which is a pointer to header:
char **header_pp =
Running the Apache test suite for Apache 2.4 with OpenSSL 1.1.0
adjustments, I get
error:14180044:SSL
routines:tls_post_process_client_key_exchange:internal error
The error is triggered in tls_post_process_client_key_exchange() file
ssl/statem/statem_srvr.c which checks
Hi there,
please find attached a patch proposal to reintroduce the HTTP-on-HTTPS
detection for OpenSSL 1.1.0. The feature is present until 1.0.2, but
although the error codes are still in the 1.1.0 header files, the
detection is gone.
Comments welcome!
Regards,
Rainer
--
Ticket here:
Am 18.03.2016 um 17:49 schrieb Richard Levitte via RT:
> Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
>> I had the same problem. /bin/sh on Solaris does not understand the "-
>> nt"
>> operator used in the definition of the "depend" target in the top-
>> level
>> Makefile,
Errors during make install:
Cannot find "EXAMPLES" in podpath: cannot find suitable replacement
path, cannot resolve link
Cannot find "X509_STORE_set_default_paths" in podpath: cannot find
suitable replacement path, cannot resolve link
Cannot find "SSL_pending()" in podpath: cannot find
The following line in Configurations/unix-Makefile.tmpl is non
standards-conforming and breaks using Solaris sed:
...
sed -e ':a;{N;s/\n/ /;ba}' | \
...
The man page tells me, Solaris sed mandatory needs a newline before the
closing "}". The above construct throws errors when
Hi Richard,
Am 19.03.2016 um 12:49 schrieb Richard Levitte via RT:
> So I'm wondering, what happens if you apply the attached patch?
Works like a charm, tested on Solaris 10 Sparc doing a 32bit build and a
64bit build. The intermediate ".s" (lower case) file no longer gets
generated and
Works here. No more "-nt" error, no warnings or other STDERR output.
Tested on Solaris 10 Sparc using GCC doing a 32 bit build and another 64
bit build. Builds succeed, tests pass.
Am 19.03.2016 um 12:34 schrieb Richard Levitte via RT:
> Fixed in commit 243a98d4a03a411dfe6db727dbf90adbfa2e7474.
Am 18.03.2016 um 19:33 schrieb Richard Levitte via RT:
> Vid Fre, 18 Mar 2016 kl. 18.07.31, skrev rainer.j...@kippdata.de:
>> Am 18.03.2016 um 17:49 schrieb Richard Levitte via RT:
>>> Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
I had the same problem. /bin/sh on Solaris
When building OpenSSL 1.1.0 pre4 on Solaris Sparc for 64 Bits I get an
error, because before building crypto/bn/sparcv8plus.o first generates
crypto/bn/asm/sparcv8plus.s from crypto/bn/asm/sparcv8plus.S with the
following command
gcc -E crypto/bn/asm/sparcv8plus.S >
Am 20.03.2016 um 15:07 schrieb Kiyoshi KANAZAWA via RT:
> With patch for #,
>
>
> % mkdir /tmp/install_check
> % ./config --prefix=/tmp/install_check
>
> :
> Configured for solaris64-x86_64-gcc.
>
> % make
> (passed)
>
> % make test
> (passed)
>
> % make install
> :
> install
Am 20.03.2016 um 16:46 schrieb Kiyoshi KANAZAWA via RT:
> Hello,
>
> Yes, ENGINES in the top level Makefile is empty.
>
> 22: LIBS=libcrypto.a libssl.a
> 23: SHLIBS=
> 24: ENGINES=
> 25: PROGRAMS=apps/openssl
OK, that explains the error, because the install_engines target then
I had the same problem. /bin/sh on Solaris does not understand the "-nt"
operator used in the definition of the "depend" target in the top-level
Makefile, e.g. in line
if [ Makefile -nt Makefile ] ...
and elsewhere.
From "man test" on Solaris:
...
file1 -nt file2 True if file1
Installing engines
> XENGINES=X
> /bin/sh: syntax error at line 2: `;' unexpected
> Makefile:251: recipe for target 'install_engines' failed
> make: *** [install_engines] Error 2
>
>
>
> Regards,
>
> --- Kiyoshi <yoi_no_myou...@yahoo.co.jp>
>
>
>
> ---
The change
https://github.com/openssl/openssl/commit/5384d1e4ebd58f31a06b2f5d1f6c4b28f63d72ed
introduced a typo in the last line of file crypto/camellia/build.info.
The fix is:
--- crypto/camellia/build.info2016-03-16 19:18:09.0 +0100
+++ crypto/camellia/build.info2016-04-19
Am 10.05.2016 um 21:54 schrieb Richard Levitte via RT:
> I understand this part. What I'm questioning is the need to set PERL to
> "/usr/bin/env perl" to begin with. It's practically not different at all from
> setting it to just "perl", all this does is that any time the environment
> variable
Am 10.05.2016 um 15:29 schrieb Richard Levitte via RT:
> On Tue May 10 13:18:22 2016, matt wrote:
>> Makefile.in doesn't exist any more. Ping Richard Levitte - does
>> anything need
>> to be done for the new build system?
>
> The run_tests.pl line in Configurations/unix-Makefile.tmpl would still
96 matches
Mail list logo