ctive? -unknown Beware
> https://mindspring.com
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
tps://wiki.openssl.org/index.php/OpenSSL_3.0 ("unable to connect")
>
> The urls above do not seem to work. Is this a consequence with the
> recent release withdrawal?
>
> The main web page, www.openssl.org, seems to work as normal.
>
> -James M
>
--
Ric
ng any bells with anyone? Again, apologies if this is answered
> elsewhere - I *did* spend some time in Google but couldn't find anything that
> seemed relevant.
>
> Thanks in advance for any advice.
>
> Cheers!
>
> -- David --
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
hout the
> global system? Or is there a general (all system) fix for this?
> Another problem is Python 3.10.6 requires a OpenSSL 1.1.1 or
> newer. Can I link my Python virtual machine to the openssl virtual
> machine? Your comments are appreciated.
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
> all work well.
>
> https://github.com/openssl/openssl/blob/b19fcc66d382357617744690dc3363947de2cb6f/doc/man3/OSSL_PROVIDER.pod
>
> So, copying legacy.so and adding an environment variable can be an option.
> Before going with the option, I want to confirm whether inc
Before, ASN1_TIME),
> ASN1_SIMPLE(TPM_PARTIAL_CERT_VALIDITY, notAfter, ASN1_TIME),
> } ASN1_SEQUENCE_END(TPM_PARTIAL_CERT_VALIDITY)<<<< line 97 is here
>
> certifyx509.c:97: warning: no previous prototype for
> 'TPM_PARTIAL_CERT_VALIDITY_it'
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
led by default because it doesn't add
any security."
I'm sure this can be debated, but that's at least an explanation.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ws 10, with Visual Studio 2017 and 2019. It is released under the
> Apache-2.0 license.
>
> Any feedback is welcome, please send it to me or open an issue on GitHub.
>
> Best regards,
> Reinier
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
have access to
> nmake.exe.
>
> !IF "$(DESTDIR)" != ""
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
this, as we can probably assume that it's a corporate
filter that automagically adds those.
And oh boy! openssl-users having almost 3000 subscribers, that's
quite a lot of people to chase down and ensure they have destroyed all
copies, I tell ya! "Good luck" is probably an appropriate response
On Tue, 22 Jun 2021 21:58:30 +0200,
Michael Richardson wrote:
>
> Richard Levitte wrote:
> >> But, having both "libssl-dev" and "libssl3-dev" installed at the same
> >> time is going to be a problem.
>
> > Not really.
" and "libcrypto3". Yeah, maybe that's uncool,
> but it may be pragmatic.
It's not at all pragmatic, let alone not at all cool, seeing that
libssl3 isn't ours. I hope you understand this at this point.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
nc. and its Affiliates that is confidential and/or proprietary for the sole
> use of the intended
> recipient. Any review, disclosure, reliance or distribution by others or
> forwarding without
> express permission is strictly prohibited. If you are not the intended
> recipie
t;EVP_PKEY_decrypt".
I believe that one of these functions would help you:
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx,
EVP_PKEY *pkey, const char *propquery);
Cheers,
Richard
--
Richar
Hmmm, I have never seen that (apart from in one of my own development branches,
but that never reached the main source).
If you want anyone to look into it, it would be a good idea to show us what
your configuration is. The output from this command is recommended:
perl configdata.pm -d
>36:d=4 hl=2 l= 9 cons: SEQUENCE
>38:d=5 hl=2 l= 3 prim: OBJECT:countryName
>
> From https://tools.ietf.org/html/rfc5280#section-4.1.1.2, It isn't clear
> if NULL parameters
> can be completely omitted or if it should still have N
ca
> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist
> rising!
> Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b
>
> Born 29 Jan 1969 Redhill, Surrey, UK
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
n't see that any of us will protest if someone chooses to
chip in and add such support, at least in our providers [*]
-
[*] in other words, PR welcome... I believe that the RSA-PSS work
can be a good enough template that RSA-OAEP key support doesn't
have to be too hard to do.
Cheers,
9) and Australia (25 Dec 2019 to 9 Jan 2020):
>
> [1] https://tdtemcerts.wordpress.com/
>
> [2] https://tdtemcerts.blogspot.sg/
>
> [3] https://www.scribd.com/user/270125049/Teo-En-Ming
>
> -END EMAIL SIGNATURE-
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
o resolve this , Might I have missed something during configure &
> compilation ??
> fwiw: have given "./configure gcc" & same was given when we had
> upgraded to 1.0.2 from
> previous versions long ago.
>
> Thanks,
> Prud.
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
he
normal object files that are used to build up libraries and
applications, and are produced in OpenSSL before 1.1.0 as well.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
s soon as possible.
> > To report a bug, open an issue on GitHub:
> >
> > https://github.com/openssl/openssl/issues
> >
> > Please check the release notes and mailing lists to avoid duplicate
> > reports of known issues. (Of course, the source is also avai
Fixed!
On Sat, 04 Jul 2020 23:35:28 +0200,
Richard Levitte wrote:
>
> Hmmm... I can see issues over IPv4 from my laptop, but it works
> flawlessly over iPv6, as well as from the VMS machines I've access to
> (over IPv4). Not sure what's going on there.
>
> The Doctor, woul
been stablility issues lately?
> >
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
nfiguration.
We do produce alongside static libraries alongside the DLLs since
1.1.1: libcrypto_static.lib.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
o Code, the Shining Light openssl
> build and the openssl crate.
>
> Does anyone have experience getting this to link?
>
> Environment variables?
> cargo.toml
> anything else?
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Thu, 18 Jun 2020 09:25:43 +0200,
Hal Murray wrote:
>
> In the context of making things go fast/clean, do I need a reset? If so, why?
No. I sent another message where I pointed out that I made a mistake
when saying so.
--
Richard Levitte levi...@openssl.org
OpenSSL P
hat engine doesn't implement it. In other words,
you do have this situation in 1.1.1 as well, just less obviously.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Thu, 18 Jun 2020 08:27:13 +0200,
Richard Levitte wrote:
>
> I think 16k was enough to demonstrate that the timing difference
> becomes more marginal the larger the amount of data to encrypt in the
> same session is.
>
> This makes me think that we might want to rethink t
16384 16 25462 25.462 581f7b133ad6f3697f33c3f836fdb6e6
> EVP_MAC with Preload cipher and key
> AES-128 16 16384 16 24567 24.567 581f7b133ad6f3697f33c3f836fdb6e6
>
>
>
> --
> These are my opinions. I hate spam.
>
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
16170 0.170 475ac1c053379e7dbd4ce80b87d2178e
> AES-192 24 48 16182 0.182 c906422bfe0963de6df50e022b4aa7d4
> AES-256 32 48 16196 0.196 991f4017858de97515260dd9ae440b06
>
>
>
> --
> These are my opinions. I hate spam.
>
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
e set of functions EVP_DigestSign*.
Attached is the diff of your program, rewritten to use that.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
===File /tmp/pkey.c.diff
--- /home/levitte/tmp/pk
ent in EVP_MAC_xxx?
>
> ---
>
> I found the params stuff, but that's new in 3.0.0
> How do I do it in 1.1.1 or earlier?
In 1.1.1 and earlier, there is a different idea, using EVP_PKEY
routines to "sign" with a MAC. We have a EVP_PKEY to EVP_MAC bridge
in 3.0.0 to bridge the
p with a BIO
method that supports whatever file API that UWP supports.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
example:
perl Configure VC-WIN64I no-asm
Also, just in case you made a mistake and are running on a regular
x86_64 CPU (Intel or AMD, doesn't matter), you should use the config
target 'VC-WIN64A' instead of 'VC-WIN64I'.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
any
> OpenSSL 3.0 sanctionned, EVP_PKEY-based way to crypt using a private
> key and decrypt using a public key?
Yes, see above. Those functions have been around for a while, I think
you can start playing with them in any current OpenSSL version.
Cheers,
Richard
--
Richard Levitte
and
> specify the same
> order as the TC1, but if you're curious you can chase them down by looking up
> IANA's list of media
> types and searching for "application/pkix-pkipath".
>
> -Kyle H
>
> On Fri, May 22, 2020, 00:55 Richard Levitte wrote:
>
> Generally
>
> The Question) How do I get all the certs in the .der file?
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
becomes
part of libcrypto, in an inaccessible state (in other words, you still
have to "load" it).
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
remember if it was
discussed in particular... it might simply be an omission.
All that being said, DH_bits() was undeprecated yesterday. See
https://github.com/openssl/openssl/pull/11669
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ithm you are trying to use isn't available in
> >> > the loaded providers. Since you should be getting the default provider
> >> > loaded automatically it could be because some legacy algorithms were
> >> > moved to the legacy provider (MD2, MD4, MDC2, RMD160, CAST5, BF
> >> > (Blowfish), IDEA, SEED, RC2, RC4, RC5 and DES (but not 3DES)). If you're
> >> > using something from that list then that would explain it.
> >>
> >> Can we add the legacy provider, via configuration, or via code?
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ssl-3/include/openssl/safestack.h:135:29: note: expanded
> from macro 'DEFINE_STACK_OF'
> # define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t)
> ^
> /Users/ur20980/openssl-3/include/openssl/safestack.h:84:21: note: expanded
> from macro 'SKM_DEFINE_STACK_OF'
> return (t2 *)OPENSSL_sk_pop((OPENSSL_STACK *)sk); \
> ^
> fatal error: too many errors emitted, stopping now [-ferror-limit=]
>
> --
> Regards,
> Uri
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
.h before ssl.h. Is this intentional or a bug?
>
> It's easy enough for me to fix this in my source code, but other
> packages that rely upon openssl break with "ssl.h is unusable" errors
> due of this change (OpenLDAP is one such example).
>
> Norm Green
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
terns there
with the attribute 'export-ignore'. Those are files that don't make
it into the tarball.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
3_config.pod says to append the numeric, as in
>
> email.1 = steve@here
>
> email.2 = steve@there
>
> I believe the second form is correct. Can anyone confirm?
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
le for RV64 from an x86 machine.
>
> On Mon, Mar 9, 2020 at 3:12 PM Scott Neugroschl wrote:
>
>
>
> Is the “no-asm” configuration option still supported?
>
>
>
> From: openssl-users On Behalf Of
> Kristin Barber
> Sent:
o tries this will have to be
prepared for it to take a while to get into the main source.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
irectly?
>
> Many thanks,
> Eran
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
rnational This is doctor@@nl2k.ab.ca Ici
> doctor@@nl2k.ab.ca
> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist
> rising!
> https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
> Merry Christmas 2019 and Happy New Year
gt; MD5(stdin)= 61a08703a6a4c774cad650afaedd9c10
>
> $ echo "shoot" | openssl3 dgst -md5 -engine emd5
>
> engine "emd5" set.
>
> Error setting digest
>
> C0:05:98:0C:01:00:00:00:error:digital envelope
> routines:EVP_DigestInit_ex:initialization
t.o:(cipher_overhead)
> cc: error: linker command failed with exit code 1 (use -v to see invocation)
> *** Error 1 in . (Makefile:8181 'test/cipher_overhead_test')
> *** Error 1 in [[path removed]]/openssl-1.1.1d (Makefile:174 'all')
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
For C compilers that can't generate makefile dependency files, we have
makedepend as a fallback.
Cheers
Richard
shiva kumar skrev: (24 oktober 2019 20:41:28 CEST)
>what is the use of makedepend in openssl 1.1.1?
>openssl 1.1.1 can build without makepend then what's the use of
>makedepend?
>is
the
right move. However, if your applications do deal with threads,
directly or indirectly, disabling threads in libcrypto is of course a
bad move.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
2b supported in openssl-dgst (latest OpenSSL release)?
No, sorry. It has been added for upcoming OpenSSL 3.0, though.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On Tue, 08 Oct 2019 14:59:23 +0200,
Richard Levitte wrote:
>
> On Mon, 07 Oct 2019 21:55:50 +0200,
> Dan Heinz wrote:
> >
> > >The no-dso is silently not valid in 1.1.1c. That option didn't work
> > >right, so it was unusable in practice anyway. However, som
6_64)
>
> What did I miss?
You don't happen to have edited some Configurations/*.conf and added
that name already? I'm otherwise unsure for the moment.
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
rary
> will require anyone using our library to link libld. I’d like to avoid this
> if possible, and it
> seems we could with the 1.0.2 branch.
>
> Am I missing something here?
>
> Thanks in advance!
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
(i.e. actually check if there's any pending
input or output).
Simply put, the zlib BIO filter doesn't behave correctly in this
regard. Corrective PR here: https://github.com/openssl/openssl/pull/9876
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
e/openssl-1.1.0l.tar.gz.sha256 -- OK
>
> https://www.openssl.org/source/openssl-1.1.1d.tar.gz.sha256 -- BAD
>
> https://www.openssl.org/source/openssl-fips-2.0.16.tar.gz.sha256 -- OK
>
> https://www.openssl.org/source/openssl-fips-ecp-2.0.16.tar.gz.sha256 -- OK
>
> --
g based on that. I haven't looked at the
> response headers though.
>
> (Personally, I always check the signature and don't bother with the posted
> hashes.)
>
> --
> Michael Wojcik
> Distinguished Engineer, Micro Focus
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
like the best immediate hack to me.
"hack" would be the operative word here. While it's true that this
would fulfill the objective, I frankly wouldn't like to see such a
cert.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
This bug was found a couple of days after 1.1.1b was released. The fix us found
in commit dbb1340314fcec37662d79720e6566fdd5a232e8
The best thing you can do is to update your source to 1.1.1c, which has this
fix and more.
Cheers
Richard
Michael Wojcik skrev: (2 augusti 2019 16:00:59
CEST)
/3481 )
On Fri, 26 Jul 2019 11:44:01 +0200,
HORIZONT, Armin Stauber wrote:
>
>
> Hi,
>
> is there any plan or any current work to provide an engine for Cryptography
> API: Next Generation
> (CNG) e.g. by porting the existing capi engine?
>
> Regards,
>
>
I did some server maintenance this morning, and that may have interrupted
today's snapshot production.
I don't intend to fix it. A new snapshot should appear tomorrow.
Cheers
Richard
The Doctor skrev: (26 juli 2019 12:23:15 CEST)
>What happened? I do not see any.
--
Richard by mobile
ion_conf. All library configuration lines appear in the
default section at the start of the configuration file.
"the default section" is key.
So the "openssl_conf = openssl_init" line must be early in the config
file. The order of the different named sections doesn
7) || !EVP_PKEY_set1_RSA(PKey, rsa))
>
> But Now "e" variable is not set in 'rsa', So how to set "e" inside rsa? Pls
> suggest me
> corresponding API
>
> Thanks and Regards,
>
> SWAMY J S
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
A very simple answer would be to have 'no-shared' as a configuration option.
That does mean that no shared libraries will be built, and that might not be
satisfactory.
Any, for the question "what would happen?" is that any program or module that
get this change will be linked with the static
I'd suggest reading the files called 'README' and 'INSTALL' as a start.
Cheers
Richard
"Lewis, Michael L" skrev: (11 juni 2019 18:55:48
CEST)
>Hi,
>
>I'm trying to build OpenSSL for windows (openssl-1.1.1c), I do the
>following steps:
>
>
>1. cd into open ssl directory.
>
>2. Run:
o openssl and getting a strange build error:
>
> make[1]: *** No rule to make target 'crypto/bn/crypto/include.o', needed by
> 'libcrypto.a'. Stop.
>
> Any common ideas on what to look for (e.g., missing header file, wrong
> INCLUDE settings in
> build.info, etc) ?
>
&g
e that we don't use any more
Remove Itanium assembler for RC4 and MD5 (assembler versions of old and
weak algorithms for an old chip)
Standardize apps/rehash copyright comment; approved by Timo
Put dual-copyright notice on mkcert
Reviewed-by: Richard Levitte
(Merged from
any attachments are believed to be free of any
> virus or other
> defect that might affect any computer system into which it is received and
> opened, it is the
> responsibility of the recipient to ensure that it is virus free and no
> responsibility is accepted
> by Toshiba Software India Pvt. Ltd, for any loss or damage arising in any way
> from its use.
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
to generate one (a
single top Makefile).
Please read INSTALL for more information.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ux (new _err.h,
> modified obj_dat.h and probably a few more) but I would prefer an official
> way to (re)generate them on Windows.
>
> Regards,
> Andrew.
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
sl-1.1.1a and openssl-1.1.1b and they all have the same
> issue. I think it has
> something to do with my env. But i am not able to figure out what is the
> cause.
>
> Thanks,
> Wenbin
>
> Forwarding messages
> From: "dengwenbin_0301"
>
>
> Any help/pointers on compiling openssl library to generate static version of
> openssl executable
> for ARM64 bit linux platform will help.
>
>
>
> Thanks,
>
> Raveendra
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
"Salz, Rich via openssl-users" skrev: (21 maj 2019
17:27:44 CEST)
>>If it's a sarcasm, I'm missing the point.
>
>I was't being sarcastic, I was trying to show that the team, recently,
>still liked the use of floating point.
>
>>There are use cases when one wants to mix/add extra
quot;\"/usr/local/lib/engines-3\""
-DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DNDEBUG -MMD -MF
apps/libapps-lib-app_rand.d.tmp -MT apps/libapps-lib-app_rand.o -c
-o apps/libapps-lib-app_rand.o ../apps/app_rand.c
So the question is what hap
(As
> far as I know), I'm
> wondering if there is any version of OpenSSL that does not require
> compiling assembly
> code.
> Or, if there is anyone who experienced the similar problem, please
> share your experience.
>
> Thank you!
>
> --
> Best, Sung
>
> --
> Best, Sung
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
And now, to openssl-users. Oops...
Originalmeddelande
Från: Richard Levitte
Skickat: 16 maj 2019 08:34:06 GMT-07:00
Till: John Unsworth
Ämne: RE: OpenSSL 1.1.1b tests fail on Solaris - solution and possible fix
The actual problem is the call of DEFINE macros in safestack.h
I have extracted tar file and executed Configure command. Do we need to set
> anything before
> Configure?
>
> On Mon 13 May, 2019, 7:33 PM Richard Levitte, wrote:
>
> What else did you do other than configuring?
>
> Cheers
> Richard
>
> Samiya
What else did you do other than configuring?
Cheers
Richard
Samiya Khanum via openssl-users skrev: (13 maj 2019
05:19:18 GMT-07:00)
>Hi,
>
>Earlier our application used openSSL version 1.0.2n. We want to upgrade
>to
>1.1.1b.
>When I compile openssl, I see "opensslconf.h" not found error.
>
nu still am getting
> same error.
>
> Please let me know the right path where i have to copy this engine?
>
> Thanks and Regards,
>
> SWAMY J S
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
e Borland comes with some
kind of make utility... or do Borland users use something else?
What's its default Makefile name?
Cheers,
Richard ( slowly working out something that is more flexible )
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
Tentative fix: https://github.com/openssl/openssl/pull/8548
On Thu, 21 Mar 2019 07:22:39 +0100,
Richard Levitte wrote:
>
> Said and done: https://github.com/openssl/openssl/issues/8547
>
> I would appreciate it if you followed what's happening there and
> helped out g
Said and done: https://github.com/openssl/openssl/issues/8547
I would appreciate it if you followed what's happening there and
helped out getting it right...
Cheers,
Richard
On Thu, 21 Mar 2019 07:09:37 +0100,
Richard Levitte wrote:
>
> "collect2" indicates that this isn't Sol
ymbolic",
> >shared_defflag => "-Wl,-M,",
> >shared_sonameflag=> "-Wl,-h,",
> >},
> >
> >After changing the shared_defflag to "-Wl, -Map," it works fine. i.e "-Wl,
> >-M" is not recognized on S
member that PRs go through the CIs before
merging.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
1
> make[1]: Leaving directory
> `/netapp-home/ppatel/lmadmin_parth/3rdparty/openssl/openssl-1.1.1b'
>
> Can any one help me on this issue ?
>
> Thanks,
> Parth
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
t in the Cygwin shell
> resolves the problem.
> Can someone please confirm if the above workaround is acceptable and can be
> logged as bug in
> OpenSSL 1.1.1b version?
>
> Regards,
> Vinay
>
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
, but
fair warning, that one is a bit more complex than you would probably
expect from the average store loader.
Cheers,
Richard
On Wed, 06 Mar 2019 16:01:05 +0100,
Antonio Iacono wrote:
>
> OSSL_STORE_LOADER_set_open on bind ?
>
> On Wed, Mar 6, 2019 at 10:35 AM Richard Le
rding these things.
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
y makes the
> list of ids and labels of keys present in a token.
>
> I have already prepared a draft in this branch
> https://github.com/opensignature/openssl/tree/add-pkcs11-command/apps
>
> Thanks,
> Antonio
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
Tomas Mraz skrev: (5 mars 2019 14:47:18 CET)
>On Tue, 2019-03-05 at 14:16 +0100, Yann Ylavic wrote:
>> On Tue, Mar 5, 2019 at 12:51 PM Matt Caswell
>> wrote:
>> >
>> > 2) The no-pinshared option does not appear in 1.1.1 or 1.1.1a. It
>> > first appears
>> > in 1.1.1b. Backporting the option
Matt Caswell skrev: (4 mars 2019 12:59:26 CET)
>
>
>On 01/03/2019 22:26, Paul Smith wrote:
>> Hi all.
>>
>> I'm reading with interest the details coming out with respect to the
>> next release of OpenSSL.
>>
>> I'm curious if there's any consideration being given to updating the
>> API for
ert.pem test/certs/ca-cert.pem
So in Wolfgang's case, I suspect something like this would say more:
openssl verify -trusted .ca.crt .user.crt
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
; Validity
>
> Not Before: Oct 22 13:28:29 2009 GMT
>
> Not After : Mar 8 13:28:29 2037 GMT
>
> The customer provided us with a „…..ca.crt“ file, a „….user.crt“ file and a
> „user.key“ file. But I
> fear it is not smart to post tho
gt; @echo "Detected changed: $?"
> @@ -984,7 +984,7 @@ EOF
>if ($args{generator}->[0] =~ /\.pl$/) {
>$generator = 'CC="$(CC)" $(PERL)'.$generator_incs.'
> '.$generator;
>} elsif ($args{generator}->[0] =~ /\.m4$/) {
> - $generator = 'm4 -B 8192'.$generator_incs.' '.$generator.' >'
> + $generator = 'm4'.$generator_incs.' '.$generator.' >'
>} elsif ($args{generator}->[0] =~ /\.S$/) {
>$generator = undef;
>} else {
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
ER_CTX_reset.html
> /man3/EVP_DecryptInit.html
> /man3/EVP_DecryptInit_ex.html
> /man3/EVP_EncryptInit.html
> /man3/EVP_EncryptInit_ex.html
>
> /man3/EVP_sm4.html
> used in 5 files:
> /man3/EVP_CIPHER_CTX_reset.html
> /man3/EVP_DecryptInit.html
> /man3/EVP_DecryptInit_ex.html
> /man3/EVP_EncryptInit.html
> /man3/EVP_EncryptInit_ex.html
>
> /man3/X509_check_purpose.html
> used in 1 file:
> /man3/X509_get_extension_flags.html
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
> I've found other links in the man3 section which want to refer to this
> "ssl" page, and look for it in section 3 instead of section 7, also
> broken.
>
> Cheers!
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
gt; Yes. I believe this is okay, but also that OpenSSL is not going to support
> this.
Matt quoted a part of the design document that confirms what you're
saying. I stand (*) corrected.
Cheers,
Richard
-
(*) actually, I sit ;-)
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
1 - 100 of 987 matches
Mail list logo