Re: goto out not working in tests
On Mon, May 06, 2024 at 11:34:59PM -0600, The Doctor via openssl-users wrote: > Using clang versino 18 > > and it is spewing at goto out > Line 417 and 434 of test/threadstest.c in openssl-3.3 daily -- Member - Liberal International This is doc...@nk.ca Ici doc...@nk.ca Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ;
goto out not working in tests
Using clang versino 18 and it is spewing at goto out -- Member - Liberal International This is doc...@nk.ca Ici doc...@nk.ca Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ;
Snapshots
No snapshots since 2022-10-19. -- Member - Liberal International This is doc...@nk.ca Ici doc...@nk.ca Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b How can one be prejudiced and remain objective? -unknown Beware https://mindspring.com
Mac OS X and openssl 3
Just wondering if Apple OS is compatible with OPenssl 3 . -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b If challenge is our enemy, we won't have friends. -unknown Beware https://mindspring.com
Re: OpenSSL 3.0 LTS
On Fri, Mar 04, 2022 at 02:31:01PM +, Short, Todd wrote: > Apple uses LibreSSL, not OpenSSL, in their recent OSes: > > ~$ openssl version -a > LibreSSL 2.8.3 > built on: date not available > platform: information not available > options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx) > compiler: information not available > OPENSSLDIR: "/private/etc/ssl" > ~$ uname -mprsv > Darwin 21.3.0 Darwin Kernel Version 21.3.0: Wed Jan 5 21:37:58 PST 2022; > root:xnu-8019.80.24~20/RELEASE_X86_64 x86_64 i386 > ~$ > This is goofy. So we update to openssl 3 and Apple clients get locked out. Libresll should get its act together. > -- > -Todd Short > // tsh...@akamai.com > // ???One if by land, two if by sea, three if by the Internet." > > > On Mar 4, 2022, at 9:26 AM, The Doctor via openssl-users > > wrote: > > > > On Fri, Mar 04, 2022 at 11:04:00AM +, Matt Caswell wrote: > >> OpenSSL 3.0 has recently been designated as a Long Term Support (LTS) > >> release. This means that it will now be supported until 7th September > >> 2026 (5 years after its initial release). > >> > >> Our previous LTS release (1.1.1) will continue to be supported until > >> 11th September 2023. > >> > >> We encourage all users to upgrade to 3.0. > >> > > > > > > Though I full agree, what is Apple's stand on gettng their clients upgraded > > to openssl3 compilance? > > > >> Yours, > >> The OpenSSL Project Team > > > > > > > > > > > > > > -- > > Member - Liberal International This is doctor@@nl2k.ab.ca Ici > > doctor@@nl2k.ab.ca > > Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist > > rising! > > Look at Psalms 14 and 53 on Atheism > > https://urldefense.com/v3/__https://www.empire.kred/ROOTNK?t=94a1f39b__;!!GjvTz_vk!D9V7BUjD7_WYZb-MFNIM1B5vPCGGhjFNF3Bh8w6c_691AQgafZRZJZmvQfcb$ > > Siding with murders against the innocent is progress only to fools. > > -unknown Beware > > https://urldefense.com/v3/__https://mindspring.com__;!!GjvTz_vk!D9V7BUjD7_WYZb-MFNIM1B5vPCGGhjFNF3Bh8w6c_691AQgafZRZJRTcE69B$ > -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Siding with murders against the innocent is progress only to fools. -unknown Beware https://mindspring.com
Re: OpenSSL 3.0 LTS
On Fri, Mar 04, 2022 at 11:04:00AM +, Matt Caswell wrote: > OpenSSL 3.0 has recently been designated as a Long Term Support (LTS) > release. This means that it will now be supported until 7th September > 2026 (5 years after its initial release). > > Our previous LTS release (1.1.1) will continue to be supported until > 11th September 2023. > > We encourage all users to upgrade to 3.0. > Though I full agree, what is Apple's stand on gettng their clients upgraded to openssl3 compilance? > Yours, > The OpenSSL Project Team -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Siding with murders against the innocent is progress only to fools. -unknown Beware https://mindspring.com
Re: Which version to upgrade to?
On Mon, Dec 20, 2021 at 10:24:54AM +, LN via openssl-users wrote: > Hello, > I'm currently using a pre-release version of openssl 1.1.1 and want to > upgrade to a release version. > With the release of openssl 3.0 (and now 3.0.1) while 1.1.1 is still ongoing > development, do you recommed using one version over the other???Is there an > advantage to use one or the other or just a matter of choice?What is the plan > for 1.1.1 after the end of LTS period? > Are we going to have a 3.1 release soon? My advice stick with openssl 1.1.1 . Many apps still have to rewrite for openssl 3.0.X . > Sorry for the many questions! > Thank you! -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Merry Christmas 2021 and Happy New Year 2022 Beware https://mindspring.com
Blanks
Testing to see if I get a blank. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Merry Christmas 2021 and Happy New Year 2022 Beware https://mindspring.com
Re: OPenssl 3 Beta 1
On Fri, Jul 02, 2021 at 04:12:29PM +0200, Tomas Mraz wrote: > On Fri, 2021-07-02 at 07:53 -0600, The Doctor wrote: > > So far working better with openssh 8.6 . > > > > Ruby 2.7 and rust is of concern. > > Language bindings are expected to require some minor changes to be able > to properly work with OpenSSL 3.0. Hopefully the maintainers of these > language bindings follow the alpha/beta releases and are working on > fixes. > Hopefully they are doing it now! > -- > Tom Mr??z > No matter how far down the wrong road you've gone, turn back. > Turkish proverb > [You'll know whether the road is wrong if you carefully listen to your > conscience.] > > -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Muscle, brain, will... all must be exercised if they will be strong. -unknown Beware https://mindspring.com
OPenssl 3 Beta 1
So far working better with openssh 8.6 . Ruby 2.7 and rust is of concern. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Muscle, brain, will... all must be exercised if they will be strong. -unknown Beware https://mindspring.com
Maiising Daily Snapshots for 20210416
Anyone knows what happened? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b A consequence-free mentality brings the most severe consequences. -unknown
Re: OpenSSL 3.0 daily snapshot
On Mon, Feb 15, 2021 at 02:06:17PM +0100, Richard Levitte wrote: > Hmmm, I have never seen that (apart from in one of my own development > branches, but that never reached the main source). > > If you want anyone to look into it, it would be a good idea to show us what > your configuration is. The output from this command is recommended: > > perl configdata.pm -d > > Cheers > Richard > > > The Doctor skrev: (14 februari 2021 13:33:51 CET) > >Anyome running tests running into an infinite loop > >on 04-test_encoder_decoder_legacy.t ? > Will do. Command line (with current working directory = .): /usr/local/bin/perl ./Configure --prefix=/usr/local/ BSD-x86_64 enable-ec_nistp_64_gcc_128 enable-sctp enable-fips no-crypto-mdebug no-crypto-mdebug-backtrace no-asan no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-idea no-md2 no-md4 no-msan no-rc5 no-sm2 no-sm3 enable-rfc3779 enable-shared zlib-dynamic enable-rc4 no-ssl3 no-ssl3-method no-ubsan no-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test Perl information: /usr/local/bin/perl 5.30.3 for amd64-freebsd-thread-multi Enabled features: acvp_tests aria asm async autoalginit autoerrinit autoload-config bf blake2 bulk cached-fetch camellia capieng cast chacha cmac cmp cms comp ct deprecated des devcryptoeng dgram dh dsa dso dtls dynamic-engine ec ec2m ecdh ecdsa ec_nistp_64_gcc_128 engine err filenames fips fips-securitychecks gost legacy makedepend mdc2 module multiblock nextprotoneg pinshared ocb ocsp padlockeng pic poly1305 posix-io psk rc2 rc4 rdrand rfc3779 rmd160 scrypt sctp secure-memory seed shared siphash siv sm4 sock srp srtp sse2 ssl ssl-trace static-engine stdio tests threads tls ts ui-console unit-test whirlpool zlib zlib-dynamic tls1 tls1-method tls1_1 tls1_1-method tls1_2 tls1_2-method tls1_3 dtls1 dtls1-method dtls1_2 dtls1_2-method Disabled features: afalgeng[not-linux] OPENSSL_NO_AFALGENG asan[option] OPENSSL_NO_ASAN buildtest-c++ [default] crypto-mdebug [option] OPENSSL_NO_CRYPTO_MDEBUG egd [default] OPENSSL_NO_EGD external-tests [default] OPENSSL_NO_EXTERNAL_TESTS fuzz-libfuzzer [option] OPENSSL_NO_FUZZ_LIBFUZZER fuzz-afl[option] OPENSSL_NO_FUZZ_AFL idea[option] OPENSSL_NO_IDEA (skip crypto/idea) ktls[default] OPENSSL_NO_KTLS md2 [option] OPENSSL_NO_MD2 (skip crypto/md2) md4 [option] OPENSSL_NO_MD4 (skip crypto/md4) msan[option] OPENSSL_NO_MSAN rc5 [option] OPENSSL_NO_RC5 (skip crypto/rc5) sm2 [option] OPENSSL_NO_SM2 (skip crypto/sm2) sm3 [option] OPENSSL_NO_SM3 (skip crypto/sm3) trace [default] OPENSSL_NO_TRACE ubsan [option] OPENSSL_NO_UBSAN uplink [no uplink_arch] OPENSSL_NO_UPLINK weak-ssl-ciphers[option] OPENSSL_NO_WEAK_SSL_CIPHERS ssl3[option(ssl3-method)] OPENSSL_NO_SSL3 ssl3-method [option] OPENSSL_NO_SSL3_METHOD Config target attributes: AR => "ar", ARFLAGS => "qc", CC => "cc", CFLAGS => "-Wall -O3", HASHBANGPERL => "/usr/bin/env perl", RANLIB => "ranlib", RC => "windres", asm_arch => "x86_64", bn_ops => "SIXTY_FOUR_BIT_LONG", build_file => "Makefile", build_scheme => [ "unified", "unix" ], cflags => "-pthread", cppflags => "-D_THREAD_SAFE -D_REENTRANT", defines => [ "OPENSSL_BUILDING_OPENSSL", "ZLIB", "ZLIB_SHARED" ], disable => [ ], dso_ldflags => "-Wl,-z,defs", dso_scheme => "dlfcn", enable => [ "devcryptoeng" ], ex_libs => "-pthread", includes => [ ], lflags => "", lib_cflags => "", lib_cppflags => "-DL_ENDIAN", lib_defines => [ ], module_cflags => "-fPIC", module_cxxflags => undef, module_ldflags => "-shared
OpenSSL 3.0 daily snapshot
Anyome running tests running into an infinite loop on 04-test_encoder_decoder_legacy.t ? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b NFLD on 13 Feb vote Liberal !
Openssl 3.0 Aplha daily snap test locks up
Anyone knows why 04-test_encoder_decode_legacy.t is spinning its wheels? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b NFLD on 13 Feb vote Liberal !
OPenssl 3.0 issues
Anyone using BSD running into basename issues? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Born 29 Jan 1969 Redhill, Surrey, UK
20201229 snapshots
1) No openssl-3.0 20201229 candidate otnight 2) Script started on Mon Dec 28 23:31:06 2020 root@doctor:/usr/source/openssl-1.1.1-stable-SNAP-20201229 # cd .. root@doctor:/usr/source # tar xf openssl*1026*z*z[K*z[K*z[K2*z2*z9*z tar: Failed to set default locale openssl-1.1.1-stable-SNAP-20201229/test/drbg_cavs_data.c: Truncated tar archive tar: Error exit delayed from previous errors. root@doctor:/usr/source # cd op*1229 root@doctor:/usr/source/openssl-1.1.1-stable-SNAP-20201229 # cofnigopenssl[K[K[K[K[K[K[K[K[K[K[K[K[Kcat /usr/local/bin/ cofnigopenssl[K[K[K[K[K[K[K[K[K[K[Knfigopenssl #!/usr/local/bin/bash CC=/usr/local/bin/clang11 ./Configure --prefix=/usr/ BSD-x86_64 enable-ec_nistp_64_gcc_128 enable-sctp no-crypto-mdebug no-crypto-mdebug-backtrace no-asan no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-idea no-md2 enable-md4 no-msan no-rc5 no-sm2 no-sm3 enable-rfc3779 enable-shared zlib-dynamic enable-rc4 no-ssl3 no-ssl3-method no-ubsan enable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make depend root@doctor:/usr/source/openssl-1.1.1-stable-SNAP-20201229 # ^cat[Kt /usr/local/bin/configopenssl perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LC_ALL = (unset), LANG = "en_GB" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). Can't locate OpenSSL/Glob.pm in @INC (you may need to install the OpenSSL::Glob module) (@INC contains: /usr/source/openssl-1.1.1-stable-SNAP-20201229/util/perl /usr/local/lib/perl5/site_perl/mach/5.30 /usr/local/lib/perl5/site_perl /usr/local/lib/perl5/5.30/mach /usr/local/lib/perl5/5.30) at ./Configure line 20. BEGIN failed--compilation aborted at ./Configure line 20. make: don't know how to make depend. Stop make: stopped in /usr/source/openssl-1.1.1-stable-SNAP-20201229 root@doctor:/usr/source/openssl-1.1.1-stable-SNAP-20201229 # ma[K[Kexit exit Script done on Mon Dec 28 23:32:08 2020 What went wrong with openssl-1.1.1-stable-SNAP-20201229 ? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b Merry Christmas 2020 and Happy New Year 2021 !
Re: 3 failures with Openssl 3 alpha
On Wed, Oct 07, 2020 at 09:54:48AM -0700, Thomas Dwyer III wrote: > On Wed, Oct 7, 2020 at 7:33 AM The Doctor wrote: > > > 1) The openssh project does not work openssh 8.4+ > > > > This is a problem with the openssh codebase and not with openssl. You asked > <https://lists.mindrot.org/pipermail/openssh-unix-dev/2020-July/038686.html> > about this in openssh-unix-dev back in July. I posted this reply > <https://lists.mindrot.org/pipermail/openssh-unix-dev/2020-August/038737.html> > in August. The issue is that openssh needs the "current" IV state (which > the now-deprecated EVP_CIPHER_CTX_iv() used to return) but it's calling the > wrong openssl function to obtain it. See PR #12233 > <https://github.com/openssl/openssl/pull/12233> for additional discussion. > > > Regards, > Tom.III > Will forward to openssh . > > > > 2) Rust and OPEnssl 3 are not agrreing > > > > 3) ca_root_nss project and openssl 3 have a difference of opinion. > > > > -- > > Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@ > > nl2k.ab.ca > > Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist > > rising! > > Look at Psalms 14 and 53 on Atheism > > https://www.empire.kred/ROOTNK?t=94a1f39b > > BC save the Province; on 24 October 2020, vote Liberal and not NDP! > > -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b BC save the Province; on 24 October 2020, vote Liberal and not NDP!
3 failures with Openssl 3 alpha
1) The openssh project does not work openssh 8.4+ 2) Rust and OPEnssl 3 are not agrreing 3) ca_root_nss project and openssl 3 have a difference of opinion. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b BC save the Province; on 24 October 2020, vote Liberal and not NDP!
Re: openssl-3
On Wed, Aug 05, 2020 at 04:49:36PM +0300, me...@cyberia.net.sa wrote: > > > Hello, > > > > > > I have sucesfully installed openssl 3.x version but when I was trying to > check the version wheather it installed sucesfully or not, it gives error as > below , any assistance would be highly appreciated thanks in advance. > > > > [root@nc ~]# /usr/local/bin/openssl versioin -a > > /usr/local/bin/openssl: error while loading shared libraries: libssl.so.3: > cannot open shared object file: No such file or directory > > > > > > I have redhat 8 O/S > > > > > > Regards > > Ejaz > I am now happy with OPEnssl 3- alpha 6 OPenssh, squid, nginx and curl are running smoothly. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Morphing the facts to fit our worldview is a regressive trait. -unknown
openssl-1.1.1-stable-SNAP-20200714 bug Re: openssl-1.1.1-stable-SNAP-20200713 bug
On Mon, Jul 13, 2020 at 08:02:06PM +0300, Nicola Tuveri wrote: > I independently reached the same failure and I opened a github issue that > references this report: https://github.com/openssl/openssl/issues/12432 > > The fix should be coming in the form of > https://github.com/openssl/openssl/pull/12433 > > Thanks for reporting this issue! > > > Cheers, > > Nicola Tuveri And this morning we get Script started on Tue Jul 14 07:05:40 2020 root@doctor:/usr/source/openssl-1.1.1-stable-SNAP-20200714 # make make depend && make _all perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LC_ALL = (unset), LANG = "en_GB" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). rm -f test/ectest ${LDCMD:-/usr/local/bin/clang10} -pthread -Wa,--noexecstack -Qunused-arguments -Wall -O3 -L.-o test/ectest test/ectest.o test/libtestutil.a -lcrypto -pthread ld: [0;31merror: [0mundefined symbol: EC_GROUP_get_field_type >>> referenced by ectest.c >>> test/ectest.o:(custom_generator_test) ld: [0;31merror: [0mundefined symbol: EC_GROUP_get0_field >>> referenced by ectest.c >>> test/ectest.o:(custom_generator_test) clang: [0;1;31merror: [0mlinker command failed with exit code 1 (use -v to see invocation)[0m *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.1.1-stable-SNAP-20200714 *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.1.1-stable-SNAP-20200714 root@doctor:/usr/source/openssl-1.1.1-stable-SNAP-20200714 # exit exit Script done on Tue Jul 14 07:05:54 2020 Error in lines 2126 and 2127 of test/ectest.c -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b We were not instructed to succumb to the world. -unknown
openssl-1.1.1-stable-SNAP-20200713 bug
Script started on Mon Jul 13 06:01:58 2020 You have mail. root@doctor:/usr/source/openssl-1.1.1-stable-SNAP-20200713 # make make depend && make _all perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LC_ALL = (unset), LANG = "en_GB" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). rm -f test/ectest ${LDCMD:-/usr/local/bin/clang10} -pthread -Wa,--noexecstack -Qunused-arguments -Wall -O3 -L.-o test/ectest test/ectest.o test/libtestutil.a -lcrypto -pthread ld: [0;31merror: [0mundefined symbol: EC_GROUP_get_field_type >>> referenced by ectest.c >>> test/ectest.o:(custom_generator_test) ld: [0;31merror: [0mundefined symbol: EC_GROUP_get0_field >>> referenced by ectest.c >>> test/ectest.o:(custom_generator_test) clang: [0;1;31merror: [0mlinker command failed with exit code 1 (use -v to see invocation)[0m *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.1.1-stable-SNAP-20200713 *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.1.1-stable-SNAP-20200713 root@doctor:/usr/source/openssl-1.1.1-stable-SNAP-20200713 # exit exit Script done on Mon Jul 13 06:02:20 2020 openssl-1.1.1-stable-SNAP-20200712 was all right. Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b We were not instructed to succumb to the world. -unknown
Re: FTP server
On Sun, Jul 05, 2020 at 02:04:15PM +0200, Richard Levitte wrote: > Fixed! > > On Sat, 04 Jul 2020 23:35:28 +0200, > Richard Levitte wrote: > > > > Hmmm... I can see issues over IPv4 from my laptop, but it works > > flawlessly over iPv6, as well as from the VMS machines I've access to > > (over IPv4). Not sure what's going on there. > > > > The Doctor, would you mind telling us what's going on on your end? > > > > Cheers, > > Richard > > > > On Sat, 04 Jul 2020 23:06:54 +0200, > > Matt Caswell wrote: > > > > > > The infrastructure was upgraded on Thursday and so things were down for > > > a while. Should all be back to normal now. If there are still problems > > > then let us know. > > > > > > Matt > > > > > > On 04/07/2020 20:48, The Doctor wrote: > > > > Have there been stablility issues lately? > > > > > > > Oh! Still having issues. > > -- > > Richard Levitte levi...@openssl.org > > OpenSSL Project http://www.openssl.org/~levitte/ > > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b The highest result of education is tolerance. -Helen Keller
Re: FTP server
On Sat, Jul 04, 2020 at 11:35:28PM +0200, Richard Levitte wrote: > Hmmm... I can see issues over IPv4 from my laptop, but it works > flawlessly over iPv6, as well as from the VMS machines I've access to > (over IPv4). Not sure what's going on there. > > The Doctor, would you mind telling us what's going on on your end? > > Cheers, > Richard > > On Sat, 04 Jul 2020 23:06:54 +0200, > Matt Caswell wrote: > > > > The infrastructure was upgraded on Thursday and so things were down for > > a while. Should all be back to normal now. If there are still problems > > then let us know. > > > > Matt > > > > On 04/07/2020 20:48, The Doctor wrote: > > > Have there been stablility issues lately? > > > > > Iand here is a message 194.97.150.234:5908 It the IP and port it is tryingto connect to. Also, why are the http snapshots a day off? > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b The highest result of education is tolerance. -Helen Keller
FTP server
Have there been stablility issues lately? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b The highest result of education is tolerance. -Helen Keller
Current openssl 3 alpha dev 2 and upcoming openssh 8.3
Odd. Found this today. In make test , the test stops at simple transfer. In openssh-8.2p1 I worked find to a point. Any changes in the 3 aplha daily snaphots that could cause this? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism No change on the outside will affect the problem within the heart. -unknown
Re: CONF_MODULE undefined?
m macro 'DEFINE_OR_DECLARE_STACK_OF' > > # define DEFINE_OR_DECLARE_STACK_OF(s) DEFINE_STACK_OF(s) > >^ > > /Users/ur20980/openssl-3/include/openssl/safestack.h:135:29: note: expanded > > from macro 'DEFINE_STACK_OF' > > # define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t) > > ^ > > /Users/ur20980/openssl-3/include/openssl/safestack.h:71:21: note: expanded > > from macro 'SKM_DEFINE_STACK_OF' > > return (t2 *)OPENSSL_sk_delete_ptr((OPENSSL_STACK *)sk, \ > > ^ > > In file included from evp-sign.c:40: > > /Users/ur20980/openssl-3/include/openssl/conf.h:37:28: error: use of > > undeclared identifier 'CONF_MODULE' > > DEFINE_OR_DECLARE_STACK_OF(CONF_MODULE) > >^ > > /Users/ur20980/openssl-3/include/openssl/conf.h:37:28: error: unknown type > > name 'CONF_MODULE' > > /Users/ur20980/openssl-3/include/openssl/conf.h:37:28: error: unknown type > > name 'CONF_MODULE' > > /Users/ur20980/openssl-3/include/openssl/conf.h:37:28: error: unknown type > > name 'CONF_MODULE' > > /Users/ur20980/openssl-3/include/openssl/conf.h:37:1: error: expected > > expression > > DEFINE_OR_DECLARE_STACK_OF(CONF_MODULE) > > ^ > > /Users/ur20980/openssl-3/include/openssl/safestack.h:175:40: note: expanded > > from macro 'DEFINE_OR_DECLARE_STACK_OF' > > # define DEFINE_OR_DECLARE_STACK_OF(s) DEFINE_STACK_OF(s) > >^ > > /Users/ur20980/openssl-3/include/openssl/safestack.h:135:29: note: expanded > > from macro 'DEFINE_STACK_OF' > > # define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t) > > ^ > > /Users/ur20980/openssl-3/include/openssl/safestack.h:84:21: note: expanded > > from macro 'SKM_DEFINE_STACK_OF' > > return (t2 *)OPENSSL_sk_pop((OPENSSL_STACK *)sk); \ > > ^ > > fatal error: too many errors emitted, stopping now [-ferror-limit=] > > > > -- > > Regards, > > Uri > > GOt that too when I tried to compile pkg on FreeBSD-12.1 > > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Small opportunities are often the beginning of great enterprises. -Demosthenes
Re: OpenSSL version 3.0.0-alpha1 published
On Fri, Apr 24, 2020 at 09:51:48AM -0600, The Doctor wrote: > All right, I am test 3.0 alpha 2 using sshd and squid n FreeBSD 12.1 > I will also test on httpd , php 74 et al. > > so far openssh 8.2p1 and openssl 2.0 is working. > And squid 5.0.2 > -- > Member - Liberal International This is doctor@@nl2k.ab.ca Ici > doctor@@nl2k.ab.ca > Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist > rising! > https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism > Joy is not in things; it is in us. -Richard Wagner -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Joy is not in things; it is in us. -Richard Wagner
Re: OpenSSL version 3.0.0-alpha1 published
All right, I am test 3.0 alpha 2 using sshd and squid n FreeBSD 12.1 I will also test on httpd , php 74 et al. so far openssh 8.2p1 and openssl 2.0 is working. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Joy is not in things; it is in us. -Richard Wagner
Re: openssl-1.1.1-stable-SNAP-20200408
On Thu, Apr 09, 2020 at 11:27:48AM +0100, Matt Caswell wrote: > > > On 09/04/2020 07:45, The Doctor wrote: > > On Wed, Apr 08, 2020 at 09:26:31AM +0100, Matt Caswell wrote: > >> The fix is already going through review here: > >> > >> https://github.com/openssl/openssl/pull/11489 > >> > >> It will probably be tomorrow before it gets merged. > >> > >> Matt > >> > > > > Still saw the problem in openssl-1.1.1-stable-SNAP-20200409 . > > The fix was merged earlier today. > > Matt > I will check in tomorrow. > > > >> > >> On 08/04/2020 07:46, The Doctor wrote: > >>> Error occured while compiling > >>> > >>> in FreeBsd 12 > >>> > >>> root@gallifrey:/usr/source/openssl-1.1.1-stable-SNAP-20200408 # make > >>> make depend && make _all > >>> /usr/local/bin/clang10 -I. -Iinclude -fPIC -pthread -Wa,--noexecstack > >>> -Qunused-arguments -Wall -O3 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ > >>> -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 > >>> -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM > >>> -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM > >>> -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM > >>> -DOPENSSLDIR="\"/usr/ssl\"" -DENGINESDIR="\"/usr//lib/engines-1.1\"" > >>> -D_THREAD_SAFE -D_REENTRANT -DZLIB -DZLIB_SHARED -DNDEBUG -MMD -MF > >>> crypto/rand/drbg_ctr.d.tmp -MT crypto/rand/drbg_ctr.o -c -o > >>> crypto/rand/drbg_ctr.o crypto/rand/drbg_ctr.c > >>> crypto/rand/drbg_ctr.c:25:5: error: use of undeclared identifier 'u32' > >>> u32 n = 16, c = 1; > >>> ^ > >>> crypto/rand/drbg_ctr.c:28:11: error: use of undeclared identifier 'n' > >>> --n; > >>> ^ > >>> crypto/rand/drbg_ctr.c:29:9: error: use of undeclared identifier 'c' > >>> c += p[n]; > >>> ^ > >>> crypto/rand/drbg_ctr.c:29:16: error: use of undeclared identifier 'n' > >>> c += p[n]; > >>>^ > >>> crypto/rand/drbg_ctr.c:30:11: error: use of undeclared identifier 'n' > >>> p[n] = (u8)c; > >>> ^ > >>> crypto/rand/drbg_ctr.c:30:17: error: use of undeclared identifier 'u8' > >>> p[n] = (u8)c; > >>> ^ > >>> crypto/rand/drbg_ctr.c:31:9: error: use of undeclared identifier 'c' > >>> c >>= 8; > >>> ^ > >>> crypto/rand/drbg_ctr.c:32:14: error: use of undeclared identifier 'n' > >>> } while (n); > >>> ^ > >>> 8 errors generated. > >>> *** Error code 1 > >>> > >>> Stop. > >>> make[1]: stopped in /usr/source/openssl-1.1.1-stable-SNAP-20200408 > >>> *** Error code 1 > >>> > >>> Stop. > >>> > >>> Please fix. > >>> > > -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Those who cannot win on facts rely upon slander. -unknown
Re: openssl-1.1.1-stable-SNAP-20200408
On Wed, Apr 08, 2020 at 09:26:31AM +0100, Matt Caswell wrote: > The fix is already going through review here: > > https://github.com/openssl/openssl/pull/11489 > > It will probably be tomorrow before it gets merged. > > Matt > Still saw the problem in openssl-1.1.1-stable-SNAP-20200409 . > > On 08/04/2020 07:46, The Doctor wrote: > > Error occured while compiling > > > > in FreeBsd 12 > > > > root@gallifrey:/usr/source/openssl-1.1.1-stable-SNAP-20200408 # make > > make depend && make _all > > /usr/local/bin/clang10 -I. -Iinclude -fPIC -pthread -Wa,--noexecstack > > -Qunused-arguments -Wall -O3 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ > > -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 > > -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM > > -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM > > -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/ssl\"" > > -DENGINESDIR="\"/usr//lib/engines-1.1\"" -D_THREAD_SAFE -D_REENTRANT -DZLIB > > -DZLIB_SHARED -DNDEBUG -MMD -MF crypto/rand/drbg_ctr.d.tmp -MT > > crypto/rand/drbg_ctr.o -c -o crypto/rand/drbg_ctr.o crypto/rand/drbg_ctr.c > > crypto/rand/drbg_ctr.c:25:5: error: use of undeclared identifier 'u32' > > u32 n = 16, c = 1; > > ^ > > crypto/rand/drbg_ctr.c:28:11: error: use of undeclared identifier 'n' > > --n; > > ^ > > crypto/rand/drbg_ctr.c:29:9: error: use of undeclared identifier 'c' > > c += p[n]; > > ^ > > crypto/rand/drbg_ctr.c:29:16: error: use of undeclared identifier 'n' > > c += p[n]; > >^ > > crypto/rand/drbg_ctr.c:30:11: error: use of undeclared identifier 'n' > > p[n] = (u8)c; > > ^ > > crypto/rand/drbg_ctr.c:30:17: error: use of undeclared identifier 'u8' > > p[n] = (u8)c; > > ^ > > crypto/rand/drbg_ctr.c:31:9: error: use of undeclared identifier 'c' > > c >>= 8; > > ^ > > crypto/rand/drbg_ctr.c:32:14: error: use of undeclared identifier 'n' > > } while (n); > > ^ > > 8 errors generated. > > *** Error code 1 > > > > Stop. > > make[1]: stopped in /usr/source/openssl-1.1.1-stable-SNAP-20200408 > > *** Error code 1 > > > > Stop. > > > > Please fix. > > -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Those who cannot win on facts rely upon slander. -unknown
openssl-1.1.1-stable-SNAP-20200408
Error occured while compiling in FreeBsd 12 root@gallifrey:/usr/source/openssl-1.1.1-stable-SNAP-20200408 # make make depend && make _all /usr/local/bin/clang10 -I. -Iinclude -fPIC -pthread -Wa,--noexecstack -Qunused-arguments -Wall -O3 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/ssl\"" -DENGINESDIR="\"/usr//lib/engines-1.1\"" -D_THREAD_SAFE -D_REENTRANT -DZLIB -DZLIB_SHARED -DNDEBUG -MMD -MF crypto/rand/drbg_ctr.d.tmp -MT crypto/rand/drbg_ctr.o -c -o crypto/rand/drbg_ctr.o crypto/rand/drbg_ctr.c crypto/rand/drbg_ctr.c:25:5: error: use of undeclared identifier 'u32' u32 n = 16, c = 1; ^ crypto/rand/drbg_ctr.c:28:11: error: use of undeclared identifier 'n' --n; ^ crypto/rand/drbg_ctr.c:29:9: error: use of undeclared identifier 'c' c += p[n]; ^ crypto/rand/drbg_ctr.c:29:16: error: use of undeclared identifier 'n' c += p[n]; ^ crypto/rand/drbg_ctr.c:30:11: error: use of undeclared identifier 'n' p[n] = (u8)c; ^ crypto/rand/drbg_ctr.c:30:17: error: use of undeclared identifier 'u8' p[n] = (u8)c; ^ crypto/rand/drbg_ctr.c:31:9: error: use of undeclared identifier 'c' c >>= 8; ^ crypto/rand/drbg_ctr.c:32:14: error: use of undeclared identifier 'n' } while (n); ^ 8 errors generated. *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.1.1-stable-SNAP-20200408 *** Error code 1 Stop. Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Those who cannot win on facts rely upon slander. -unknown
Daily snapshots
What is happening. For 2 days in a row, the snapshots are not available. What gives? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Merry Christmas 2019 and Happy New Year 2020 !
Error on 20190823 release
Found this during the tests ../test/recipes/20-test_enc.t(Wstat: 256 Tests: 162 Failed: 1) Failed test: 161 Non-zero exit status: 1 What informationh do you require? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Manitoba - Vote Liberal to Give Palliser and Scheer a message on 10 Sept 2019 !
20190726 snapshots
What happened? I do not see any. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Rather than love, than money, than fame, give me truth. -Henry David Thoreau
evp.t errors
Anyone getting this in the last 2 days? ../test/recipes/30-test_evp.t .. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/10 subtests -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism All appears to change when we change. -Henri-Fr=C3=A9d=C3=A9ric Amiel
Re: Forthcoming OpenSSL Releases
For the next branch of OpenSSL is it 1.1.2 or 1.2.0 ? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Always seek out the seed of triumph in every adversity. -Og Mandino
[openssl-users] Openssl 1.1. compliant apps
Looks like bind9 Exim Inn apache POstgresql and openssh > 7.8 Are all compliant. What about Dovecot php ? MySQL / Mariadb / Percona are not yet. Any full lists? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Love much. Earth has enough of bitter in it. -Ella Wheeler Wilcox -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl 1.1.1 daily snapshots
When will those be ready to go? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 04:09:48PM -0500, Benjamin Kaduk wrote: > On Tue, Sep 11, 2018 at 03:04:06PM -0600, The Doctor wrote: > > On Tue, Sep 11, 2018 at 02:57:09PM -0500, Benjamin Kaduk via openssl-users > > wrote: > > > On Tue, Sep 11, 2018 at 10:48:40AM -0600, The Doctor wrote: > > > > On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > > > > > Looks likes I found a first bug > > > > > > > > > > ../test/recipes/70-test_comp.t . > > > > > Proxy started on port [::1]:10789 > > > > > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > > > > > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache > > > > > -accept [::1]:0 -cert ../../apps/server.pem -cert2 > > > > > ../../apps/server.pem -naccept 1 -cipher AES128-SHA -ciphersuites > > > > > TLS_AES_128_GCM_SHA256 > > > > > engine "ossltest" set. > > > > > Using default temp DH parameters > > > > > ACCEPT [::1]:39577 > > > > > Server responds on [::1]:39577 > > > > > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg > > > > > stack: base=805d16098, sp=805d160e8, hwm=805d160d0 > > > > > > > > > > > > > Using perl 5.28.1 > > > > > > The test suite needs some modules not included in the core perl > > > port/package. > > > You should probably list out what p5-* you have installed. > > > > > > p5-Archive-Zip-1.63Create, manipulate, read, and write Zip > > archive files > > p5-Authen-NTLM-1.09_1 Perl5 NTLM authentication module > > p5-Authen-PAM-0.16_2 Perl interface to the PAM library > > p5-Authen-SASL-2.16_1 Perl5 module for SASL authentication > > p5-Business-ISBN-3.004 Work with International Standard Book Numbers > > p5-Business-ISBN-Data-20140910.003 Data pack for Business::ISBN > > p5-CGI-4.40Handle Common Gateway Interface requests and > > responses > > p5-Class-Inspector-1.32Provides information about classes > > p5-Convert-ASN1-0.27_2 Perl5 module to encode and decode ASN.1 data > > structures > > p5-Convert-BinHex-1.125Perl module to extract data from Macintosh > > BinHex files > > p5-Convert-TNEF-0.18_1 Perl module to read TNEF files > > p5-Crypt-OpenSSL-Bignum-0.09 OpenSSL's multiprecision integer arithmetic > > p5-Crypt-OpenSSL-Guess-0.11Guess OpenSSL include path > > p5-Crypt-OpenSSL-RSA-0.30_1Perl5 module to RSA encode and decode > > strings using OpenSSL > > p5-Crypt-OpenSSL-Random-0.15 Perl5 interface to the OpenSSL pseudo-random > > number generator > > p5-Crypt-SSLeay-0.72_3 Perl5 interface to allow p5-libwww LWP to > > make https connections > > p5-DBD-SQLite-1.58 Provides access to SQLite3 databases through > > the DBI > > p5-DBD-mysql-4.046 MySQL driver for the Perl5 Database > > Interface (DBI) > > p5-DBI-1.641 Perl5 Database Interface, required for > > DBD::* modules > > p5-Data-Dump-1.23_1Pretty printing of data structures > > p5-Date-EzDate-1.16Date and time manipulation made easy > > p5-Devel-CheckLib-1.13 Check that a library is available > > p5-Digest-BubbleBabble-0.02_1 Perl5 interface to a fingerprint in "bubble > > babble" format > > p5-Digest-HMAC-1.03_1 Perl5 interface to HMAC Message-Digest > > Algorithms > > p5-Digest-SHA1-2.13_1 Perl interface to the SHA-1 Algorithm > > p5-Encode-Detect-1.01_1Encode::Encoding subclass that detects the > > encoding of data > > p5-Encode-Locale-1.05 Determine the locale encoding > > p5-Error-0.17026 Error/exception handling in object-oriented > > programming style > > p5-ExtUtils-Depends-0.405 Easily build XS extensions that depend on XS > > extensions > > p5-ExtUtils-PkgConfig-1.16 Simplistic interface to pkg-config > > p5-File-Listing-6.04_1 Parse directory listings > > p5-File-ShareDir-1.116 Locate per-dist and per-module shared files > > p5-File-ShareDir-Install-0.13 Install read-only data files from a > > distribution > > p5-Filesys-Df-0.92_1 Perl extension for filesystem space > > p5-Filter-1.59 Number of source filters for perl5 programs > > p5-GD-2.68 Perl5 interface to Gd Graphics Library > > ver
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 02:57:09PM -0500, Benjamin Kaduk via openssl-users wrote: > On Tue, Sep 11, 2018 at 10:48:40AM -0600, The Doctor wrote: > > On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > > > Looks likes I found a first bug > > > > > > ../test/recipes/70-test_comp.t . > > > Proxy started on port [::1]:10789 > > > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > > > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept > > > [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept > > > 1 -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 > > > engine "ossltest" set. > > > Using default temp DH parameters > > > ACCEPT [::1]:39577 > > > Server responds on [::1]:39577 > > > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: > > > base=805d16098, sp=805d160e8, hwm=805d160d0 > > > > > > > Using perl 5.28.1 > > The test suite needs some modules not included in the core perl port/package. > You should probably list out what p5-* you have installed. p5-Archive-Zip-1.63Create, manipulate, read, and write Zip archive files p5-Authen-NTLM-1.09_1 Perl5 NTLM authentication module p5-Authen-PAM-0.16_2 Perl interface to the PAM library p5-Authen-SASL-2.16_1 Perl5 module for SASL authentication p5-Business-ISBN-3.004 Work with International Standard Book Numbers p5-Business-ISBN-Data-20140910.003 Data pack for Business::ISBN p5-CGI-4.40Handle Common Gateway Interface requests and responses p5-Class-Inspector-1.32Provides information about classes p5-Convert-ASN1-0.27_2 Perl5 module to encode and decode ASN.1 data structures p5-Convert-BinHex-1.125Perl module to extract data from Macintosh BinHex files p5-Convert-TNEF-0.18_1 Perl module to read TNEF files p5-Crypt-OpenSSL-Bignum-0.09 OpenSSL's multiprecision integer arithmetic p5-Crypt-OpenSSL-Guess-0.11Guess OpenSSL include path p5-Crypt-OpenSSL-RSA-0.30_1Perl5 module to RSA encode and decode strings using OpenSSL p5-Crypt-OpenSSL-Random-0.15 Perl5 interface to the OpenSSL pseudo-random number generator p5-Crypt-SSLeay-0.72_3 Perl5 interface to allow p5-libwww LWP to make https connections p5-DBD-SQLite-1.58 Provides access to SQLite3 databases through the DBI p5-DBD-mysql-4.046 MySQL driver for the Perl5 Database Interface (DBI) p5-DBI-1.641 Perl5 Database Interface, required for DBD::* modules p5-Data-Dump-1.23_1Pretty printing of data structures p5-Date-EzDate-1.16Date and time manipulation made easy p5-Devel-CheckLib-1.13 Check that a library is available p5-Digest-BubbleBabble-0.02_1 Perl5 interface to a fingerprint in "bubble babble" format p5-Digest-HMAC-1.03_1 Perl5 interface to HMAC Message-Digest Algorithms p5-Digest-SHA1-2.13_1 Perl interface to the SHA-1 Algorithm p5-Encode-Detect-1.01_1Encode::Encoding subclass that detects the encoding of data p5-Encode-Locale-1.05 Determine the locale encoding p5-Error-0.17026 Error/exception handling in object-oriented programming style p5-ExtUtils-Depends-0.405 Easily build XS extensions that depend on XS extensions p5-ExtUtils-PkgConfig-1.16 Simplistic interface to pkg-config p5-File-Listing-6.04_1 Parse directory listings p5-File-ShareDir-1.116 Locate per-dist and per-module shared files p5-File-ShareDir-Install-0.13 Install read-only data files from a distribution p5-Filesys-Df-0.92_1 Perl extension for filesystem space p5-Filter-1.59 Number of source filters for perl5 programs p5-GD-2.68 Perl5 interface to Gd Graphics Library version2 p5-GD-Barcode-1.15_6 GD::Barcode - Create barcode image with GD p5-GSSAPI-0.28_1 Perl extension providing access to the GSSAPIv2 library p5-Geo-IP-1.51 Gets country name by IP or hostname p5-Geography-Countries-2009041301_1 Handle ISO-3166 country codes p5-Glib2-1.327 This module provides access to Glib and GObject libraries p5-HTML-Parser-3.72Perl5 module for parsing HTML documents p5-HTML-Tagset-3.20_1 Some useful data table in parsing HTML p5-HTTP-Cookies-6.04 HTTP Cookie jars p5-HTTP-Daemon-6.01_1 Simple HTTP server class p5-HTTP-Date-6.02_1Conversion routines for the HTTP protocol date formats p5-HTTP-Message-6.18 Representation of HTTP style messages p5-HTTP-Negotiate-6.01_1 Implementation of the HTTP content negotiation algorithm p5-IO-HTML-1.001_1 Open an HTML file with automatic charset
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 12:48:53PM -0400, Dennis Clarke wrote: > On 09/11/2018 12:23 PM, Viktor Dukhovni wrote: > > > > > >> On Sep 11, 2018, at 11:33 AM, The Doctor wrote: > >> > >> Looks likes I found a first bug > >> > > > > This did not happen on my machine, the build succeeded, and all tests > > passed: > > > > $ uname -srp > > FreeBSD 11.1-RELEASE-p10 amd64 > > > > You have 11.1 there whereas the initial report is in regards to 11.2. > I think 12.0 is right around the corner. I'll have a look at both. > > >> My configuration is > >> > >> #!/usr/local/bin/bash > >> CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 > >> enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 > >> enable-shared zlib-dynamic enable-sctp enable-rc4 > >> disable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make > >> depend > > > > You don't need to, and should not run "make depend" for OpenSSL 1.1.x. > > I'd recommend building an empty sub-directory or "out of tree": > > > > mkdir build; cd build; $path_to_source/Configure ...; make; make test > > > > Why are you building with "enable-crypto-mdebug" and > > "enable-crypto-mdebug-backtrace"? > > These are developer-team options, not expected to used by others, or > > necessarily work > > reliably on all systems... They also incur a substantial performance > > penalty. > > > > Hrmmm ... I'll give it a whirl out of the box but generally I find that > the Configurations/10-main.conf needs to be edited as well as the > resultant Makefile but after that everything goes smoothly. > > Dennis > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users LEt's get this tweaked accordingly for current BSD standards. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 12:23:08PM -0400, Viktor Dukhovni wrote: > > > > On Sep 11, 2018, at 11:33 AM, The Doctor wrote: > > > > Looks likes I found a first bug > > > > ../test/recipes/70-test_comp.t . > > Proxy started on port [::1]:10789 > > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept > > [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1 > > -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 > > engine "ossltest" set. > > Using default temp DH parameters > > ACCEPT [::1]:39577 > > Server responds on [::1]:39577 > > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: > > base=805d16098, sp=805d160e8, hwm=805d160d0 > > This did not happen on my machine, the build succeeded, and all tests > passed: > >$ uname -srp >FreeBSD 11.1-RELEASE-p10 amd64 > Using 11.2 myself. 11.1 is now unsupported. > ## > ## Makefile for OpenSSL > ## > ## WARNING: do not edit! > ## Generated by Configure from ../Configurations/unix-Makefile.tmpl, > ../Configurations/common.tmpl > > PLATFORM=BSD-x86_64 > OPTIONS=enable-shared no-asan no-crypto-mdebug no-crypto-mdebug-backtrace > no-ec_nistp_64_gcc_128 no-egd no-fuzz-afl no-fuzz-libfuzzer no-heartbeats > no-md2 no-msan no-rc5 no-sctp no-ssl-trace no-ssl3 no-ssl3-method no-ubsan > no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic > CONFIGURE_ARGS=("BSD-x86_64", "shared") > > Ditto with a configuration similar to yours, but built with "CC=clang50": > > ## > ## Makefile for OpenSSL > ## > ## WARNING: do not edit! > ## Generated by Configure from ../Configurations/unix-Makefile.tmpl, > ../Configurations/common.tmpl > > PLATFORM=BSD-x86_64 > OPTIONS=--prefix=/usr/local enable-crypto-mdebug > enable-crypto-mdebug-backtrace enable-rfc3779 enable-shared > enable-zlib-dynamic enable-sctp enable-rc4 enable-ssl-trace enable-unit-test > no-asan no-ec_nistp_64_gcc_128 no-egd no-fuzz-afl no-fuzz-libfuzzer > no-heartbeats no-idea no-md2 no-msan no-rc5 no-ssl3 no-ssl3-method no-ubsan > no-weak-ssl-ciphers > CONFIGURE_ARGS=("--prefix=/usr/local", "BSD-x86_64", "enable-crypto-mdebug", > "enable-crypto-mdebug-backtrace", "enable-rfc3779", "enable-shared", > "zlib-dynamic", "enable-sctp", "enable-rc4", "disable-weak-ssl-ciphers", > "no-idea", "enable-ssl-trace", "enable-unit-test") > > > My configuration is > > > > #!/usr/local/bin/bash > > CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 > > enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 > > enable-shared zlib-dynamic enable-sctp enable-rc4 > > disable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make > > depend > > You don't need to, and should not run "make depend" for OpenSSL 1.1.x. > I'd recommend building an empty sub-directory or "out of tree": > > mkdir build; cd build; $path_to_source/Configure ...; make; make test > > Why are you building with "enable-crypto-mdebug" and > "enable-crypto-mdebug-backtrace"? > These are developer-team options, not expected to used by others, or > necessarily work > reliably on all systems... They also incur a substantial performance penalty. > clang 6.0 is the default and there is clang 6.0.1 and clang 7.0 FYI Let me try without mdebug > -- > Viktor. > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.1.1 and FreeBSD 11.2
On Tue, Sep 11, 2018 at 09:33:36AM -0600, The Doctor wrote: > Looks likes I found a first bug > > ../test/recipes/70-test_comp.t . > Proxy started on port [::1]:10789 > Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server > -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept > [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1 > -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 > engine "ossltest" set. > Using default temp DH parameters > ACCEPT [::1]:39577 > Server responds on [::1]:39577 > panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: > base=805d16098, sp=805d160e8, hwm=805d160d0 > > > My configuration is > > #!/usr/local/bin/bash > CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 > enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 > enable-shared zlib-dynamic enable-sctp enable-rc4 disable-weak-ssl-ciphers > no-idea enable-ssl-trace enable-unit-test; make depend > -- > Member - Liberal International This is doctor@@nl2k.ab.ca Ici > doctor@@nl2k.ab.ca > Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist > rising! > https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism > NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October > 2018! > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users Using perl 5.28.1 -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl 1.1.1 and FreeBSD 11.2
Looks likes I found a first bug ../test/recipes/70-test_comp.t . Proxy started on port [::1]:10789 Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1 -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256 engine "ossltest" set. Using default temp DH parameters ACCEPT [::1]:39577 Server responds on [::1]:39577 panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: base=805d16098, sp=805d160e8, hwm=805d160d0 My configuration is #!/usr/local/bin/bash CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 enable-shared zlib-dynamic enable-sctp enable-rc4 disable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make depend -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.0.2 and TLS 1.3
On Tue, Sep 11, 2018 at 03:01:38PM +0100, Matt Caswell wrote: > > > On 11/09/18 14:58, The Doctor wrote: > > On Tue, Sep 11, 2018 at 09:31:23AM +0100, Matt Caswell wrote: > >> > >> > >> On 11/09/18 09:05, Dr. Matthias St. Pierre wrote: > >>>> Von: openssl-users Im Auftrag von > >>>> The Doctor > >>>> Gesendet: Dienstag, 11. September 2018 08:49 > >>>> An: openssl-users@openssl.org; openssl-...@openssl.org > >>>> Betreff: [openssl-users] openssl 1.0.2 and TLS 1.3 > >>>> > >>>> Will that combination occur? > >>> > >>> Support for TLS 1.3 is a new feature in OpenSSL 1.1.1 which will be > >>> released today. > >>> OpenSSL 1.0.2 is an LTS release which will only receive security updates > >>> and no new > >>> features. > >> > >> Strictly speaking 1.0.2 will receive bug fixes and security fixes until > >> the end of this year. From the end of this year until the end of 2019 it > >> will receive security fixes only. In any case it will receive no new > >> features (including TLSv1.3). > >> > >> >From the release of 1.1.1 (today), 1.1.0 will receive security fixes > >> only for one year. > >> > >> Matt > >> > >> > > > > Got you. > > > > So Openssh, NTPd, MOd_pagespeed have to adopt OPEnssl 1.1X API > > in order to use TLS 1.3 . > > Yes. I would encourage *all* applications still on the 1.0.x API to move > to 1.1.1 asap. By the end of next year there will be no supported > OpenSSL version that has the old API. > > > Matt > > I will forward this to the many mailing lists I belong to. > > >> > >>> > >>> HTH, > >>> Matthias > >>> > >>> See also > >>> https://wiki.openssl.org/index.php/TLS1.3 > >>> https://www.openssl.org/policies/releasestrat.html > >>> > >>> > >>> > >> -- > >> openssl-users mailing list > >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl 1.0.2 and TLS 1.3
On Tue, Sep 11, 2018 at 09:31:23AM +0100, Matt Caswell wrote: > > > On 11/09/18 09:05, Dr. Matthias St. Pierre wrote: > >> Von: openssl-users Im Auftrag von The > >> Doctor > >> Gesendet: Dienstag, 11. September 2018 08:49 > >> An: openssl-users@openssl.org; openssl-...@openssl.org > >> Betreff: [openssl-users] openssl 1.0.2 and TLS 1.3 > >> > >> Will that combination occur? > > > > Support for TLS 1.3 is a new feature in OpenSSL 1.1.1 which will be > > released today. > > OpenSSL 1.0.2 is an LTS release which will only receive security updates > > and no new > > features. > > Strictly speaking 1.0.2 will receive bug fixes and security fixes until > the end of this year. From the end of this year until the end of 2019 it > will receive security fixes only. In any case it will receive no new > features (including TLSv1.3). > > >From the release of 1.1.1 (today), 1.1.0 will receive security fixes > only for one year. > > Matt > > Got you. So Openssh, NTPd, MOd_pagespeed have to adopt OPEnssl 1.1X API in order to use TLS 1.3 . > > > > > HTH, > > Matthias > > > > See also > > https://wiki.openssl.org/index.php/TLS1.3 > > https://www.openssl.org/policies/releasestrat.html > > > > > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl 1.0.2 and TLS 1.3
Will that combination occur? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism NB 24 Sept vote Liberal! Quebec votez contre le PQ et le QS des 1 October 2018! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] About 1.0.2p version release !!
On Wed, Aug 08, 2018 at 01:46:54PM +0100, Matt Caswell wrote: > > > On 08/08/18 13:39, The Doctor wrote: > > On Wed, Aug 08, 2018 at 09:27:43AM +0100, Matt Caswell wrote: > >> > >> > >> On 08/08/18 04:31, Juan Isoza wrote: > >>> and final 1.1.1 > >> > >> There is no date yet. We are still waiting on the official publication > >> of the TLSv1.3 RFC which we anticipate happening any day now. Once that > >> happens there will be another 1.1.1 beta release cycle soon after. > >> Assuming no major issues are identified in that beta the final release > >> should happen soon after that. > >> > >> Matt > >> > > > > MAtt how compatible is 1.1.1 to 1.1.0 brach? > > > > Will applicaions like NAmed, Exim, clamav, INND, proftpd, pure-ftpd, > > and apache et al work? > > Well, I've not tested those applications but the intention is that it > should be a drop in replacement and fully API/ABI compatible. However > there are some potential "gotcha's" with TLSv1.3 which could cause some > problems for some applications. This is primarily because the TLSv1.3 > protocol is significantly different to TLSv1.2 and below. See: > > https://wiki.openssl.org/index.php/TLS1.3 > > Matt > Right when will TLSv1.3 be officially recognised? > > > > >> > >>> > >>> 1.0.2p is for 14 august > >>> > >>> Le??lun. 6 ao??t 2018 15:00, Hareesh D >>> <mailto:hareesh@gmail.com>> a ??crit??: > >>> > >>> Hi, > >>> > >>> Anyone know when is the official release of 1.0.2p version? Is it > >>> possible to get such info about openssl version plan ? > >>> > >>> Thanks !! > >>> -- > >>> openssl-users mailing list > >>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > >>> > >>> > >>> > >> -- > >> openssl-users mailing list > >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism The heart has its reasons which reason knows nothing of. -Blaise Pascal -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] About 1.0.2p version release !!
On Wed, Aug 08, 2018 at 09:27:43AM +0100, Matt Caswell wrote: > > > On 08/08/18 04:31, Juan Isoza wrote: > > and final 1.1.1 > > There is no date yet. We are still waiting on the official publication > of the TLSv1.3 RFC which we anticipate happening any day now. Once that > happens there will be another 1.1.1 beta release cycle soon after. > Assuming no major issues are identified in that beta the final release > should happen soon after that. > > Matt > MAtt how compatible is 1.1.1 to 1.1.0 brach? Will applicaions like NAmed, Exim, clamav, INND, proftpd, pure-ftpd, and apache et al work? > > > > > 1.0.2p is for 14 august > > > > Le??lun. 6 ao??t 2018 15:00, Hareesh D > <mailto:hareesh@gmail.com>> a ??crit??: > > > > Hi, > > > > Anyone know when is the official release of 1.0.2p version? Is it > > possible to get such info about openssl version plan ? > > > > Thanks !! > > -- > > openssl-users mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > > > > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism The heart has its reasons which reason knows nothing of. -Blaise Pascal -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] openssl-1.1.0-stable-SNAP-20180802 issue
On Thu, Aug 02, 2018 at 01:58:19PM +0100, Matt Caswell wrote: > The fix is already pending: > https://github.com/openssl/openssl/pull/6843 > > Just waiting on it being pushed. > > Matt > Still waiting! 20180803 is also affected!! > > On 02/08/18 13:28, Blumenthal, Uri - 0553 - MITLL wrote: > > Same problem on Linux. > > > > Regards, > > Uri > > > > Sent from my iPhone > > > >> On Aug 2, 2018, at 07:47, The Doctor wrote: > >> > >> While compiling today's openssl 1.1.0 snap on FreeBSD 11.2 > >> > >> I got > >> > >> /usr/bin/cc -I. -Icrypto/include -Iinclude -DZLIB -DZLIB_SHARED > >> -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS > >> -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 > >> -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m > >> -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM > >> -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM > >> -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" > >> -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -DL_ENDIAN -Wall -O3 > >> -pthread -D_THREAD_SAFE -D_REENTRANT -rdynamic -fPIC -MMD -MF > >> crypto/asn1/tasn_utl.d.tmp -MT crypto/asn1/tasn_utl.o -c -o > >> crypto/asn1/tasn_utl.o crypto/asn1/tasn_utl.c > >> cc: warning: argument unused during compilation: '-rdynamic' > >> [-Wunused-command-line-argument] > >> crypto/asn1/tasn_utl.c:60:5: error: use of undeclared identifier > >> 'CRYPTO_REF_COUNT' > >> CRYPTO_REF_COUNT *lck; > >> ^ > >> crypto/asn1/tasn_utl.c:60:23: error: use of undeclared identifier 'lck' > >> CRYPTO_REF_COUNT *lck; > >>^ > >> crypto/asn1/tasn_utl.c:70:5: error: use of undeclared identifier 'lck'; > >> did you > >> mean 'lock'? > >> lck = offset2ptr(*pval, aux->ref_offset); > >> ^~~ > >> lock > >> crypto/asn1/tasn_utl.c:61:21: note: 'lock' declared here > >>CRYPTO_RWLOCK **lock; > >> ^ > >> crypto/asn1/tasn_utl.c:75:10: error: use of undeclared identifier 'lck'; > >> did you > >>mean 'lock'? > >>*lck = ret = 1; > >> ^~~ > >> lock > >> crypto/asn1/tasn_utl.c:61:21: note: 'lock' declared here > >> CRYPTO_RWLOCK **lock; > >> ^ > >> crypto/asn1/tasn_utl.c:75:14: warning: incompatible integer to pointer > >>conversion assigning to 'CRYPTO_RWLOCK *' (aka 'void *') from 'int' > >> [-Wint-conversion] > >> *lck = ret = 1; > >> ^ ~~~ > >> crypto/asn1/tasn_utl.c:83:14: warning: implicit declaration of function > >> 'CRYPTO_UP_REF' is invalid in C99 [-Wimplicit-function-declaration] > >> if (!CRYPTO_UP_REF(lck, , *lock)) > >> ^ > >> crypto/asn1/tasn_utl.c:83:28: error: use of undeclared identifier 'lck'; > >> did you > >> mean 'lock'? > >>if (!CRYPTO_UP_REF(lck, , *lock)) > >> ^~~ > >> lock > >> crypto/asn1/tasn_utl.c:61:21: note: 'lock' declared here > >>CRYPTO_RWLOCK **lock; > >> ^ > >> crypto/asn1/tasn_utl.c:87:14: warning: implicit declaration of function > >> 'CRYPTO_DOWN_REF' is invalid in C99 [-Wimplicit-function-declaration] > >>if (!CRYPTO_DOWN_REF(lck, , *lock)) > >> ^ > >> crypto/asn1/tasn_utl.c:87:30: error: use of undeclared identifier 'lck'; > >> did you > >> mean 'lock'? > >> if (!CRYPTO_DOWN_REF(lck, , *lock)) > >>^~~ > >> lock > >> crypto/asn1/tasn_utl.c:61:21: note: 'lock' declared here > >> CRYPTO_RWLOCK **lock; > >> ^ > >> 3 warnings and 6 errors generated. > >> *** Error code 1 > >> > >> Stop. > >> make[1]: stopped in /usr/source/openssl-1.1.0-stable-SNAP-20180802 > >> *** Error code 1 > >> > >> Stop. > >> make: stopped in /usr/source/openssl-1.1.0-stable-SNAP-20180802 > >> > >> > >> Please fix. > >> > >> -- > >> Member - Liberal International This is doctor@@nl2k.ab.ca Ici > >> doctor@@nl2k.ab.ca > >> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist > >> rising! > >> https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on > >> Atheism > >> A problem is a chance for you to do your best. -Duke Ellington > >> -- > >> openssl-users mailing list > >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > >> > >> > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism A problem is a chance for you to do your best. -Duke Ellington -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl-1.1.0-stable-SNAP-20180802 issue
While compiling today's openssl 1.1.0 snap on FreeBSD 11.2 I got /usr/bin/cc -I. -Icrypto/include -Iinclude -DZLIB -DZLIB_SHARED -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -DL_ENDIAN -Wall -O3 -pthread -D_THREAD_SAFE -D_REENTRANT -rdynamic -fPIC -MMD -MF crypto/asn1/tasn_utl.d.tmp -MT crypto/asn1/tasn_utl.o -c -o crypto/asn1/tasn_utl.o crypto/asn1/tasn_utl.c cc: warning: argument unused during compilation: '-rdynamic' [-Wunused-command-line-argument] crypto/asn1/tasn_utl.c:60:5: error: use of undeclared identifier 'CRYPTO_REF_COUNT' CRYPTO_REF_COUNT *lck; ^ crypto/asn1/tasn_utl.c:60:23: error: use of undeclared identifier 'lck' CRYPTO_REF_COUNT *lck; ^ crypto/asn1/tasn_utl.c:70:5: error: use of undeclared identifier 'lck'; did you mean 'lock'? lck = offset2ptr(*pval, aux->ref_offset); ^~~ lock crypto/asn1/tasn_utl.c:61:21: note: 'lock' declared here CRYPTO_RWLOCK **lock; ^ crypto/asn1/tasn_utl.c:75:10: error: use of undeclared identifier 'lck'; did you mean 'lock'? *lck = ret = 1; ^~~ lock crypto/asn1/tasn_utl.c:61:21: note: 'lock' declared here CRYPTO_RWLOCK **lock; ^ crypto/asn1/tasn_utl.c:75:14: warning: incompatible integer to pointer conversion assigning to 'CRYPTO_RWLOCK *' (aka 'void *') from 'int' [-Wint-conversion] *lck = ret = 1; ^ ~~~ crypto/asn1/tasn_utl.c:83:14: warning: implicit declaration of function 'CRYPTO_UP_REF' is invalid in C99 [-Wimplicit-function-declaration] if (!CRYPTO_UP_REF(lck, , *lock)) ^ crypto/asn1/tasn_utl.c:83:28: error: use of undeclared identifier 'lck'; did you mean 'lock'? if (!CRYPTO_UP_REF(lck, , *lock)) ^~~ lock crypto/asn1/tasn_utl.c:61:21: note: 'lock' declared here CRYPTO_RWLOCK **lock; ^ crypto/asn1/tasn_utl.c:87:14: warning: implicit declaration of function 'CRYPTO_DOWN_REF' is invalid in C99 [-Wimplicit-function-declaration] if (!CRYPTO_DOWN_REF(lck, , *lock)) ^ crypto/asn1/tasn_utl.c:87:30: error: use of undeclared identifier 'lck'; did you mean 'lock'? if (!CRYPTO_DOWN_REF(lck, , *lock)) ^~~ lock crypto/asn1/tasn_utl.c:61:21: note: 'lock' declared here CRYPTO_RWLOCK **lock; ^ 3 warnings and 6 errors generated. *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.1.0-stable-SNAP-20180802 *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.1.0-stable-SNAP-20180802 Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism A problem is a chance for you to do your best. -Duke Ellington -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] 20170914 snapshots
They are missing in action! -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism Talk Sense to a fool and he calls you foolish - Euripides -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Openssl 1.0.2 snap STABLE 20170311 issue
Script started on Fri Mar 10 23:31:39 2017 You have mail. root@doctor:/usr/source/openssl-1.0.2-stable-SNAP-20170311 # make making all in crypto... making all in crypto/objects... making all in crypto/md4... making all in crypto/md5... making all in crypto/sha... making all in crypto/mdc2... making all in crypto/hmac... making all in crypto/ripemd... making all in crypto/whrlpool... making all in crypto/des... making all in crypto/aes... making all in crypto/rc2... making all in crypto/rc4... making all in crypto/idea... making all in crypto/bf... making all in crypto/cast... making all in crypto/camellia... making all in crypto/seed... making all in crypto/modes... making all in crypto/bn... making all in crypto/ec... making all in crypto/rsa... making all in crypto/dsa... making all in crypto/ecdsa... making all in crypto/dh... making all in crypto/ecdh... making all in crypto/dso... making all in crypto/engine... making all in crypto/buffer... making all in crypto/bio... making all in crypto/stack... making all in crypto/lhash... making all in crypto/rand... making all in crypto/err... making all in crypto/evp... making all in crypto/asn1... making all in crypto/pem... making all in crypto/x509... making all in crypto/x509v3... making all in crypto/conf... making all in crypto/txt_db... making all in crypto/pkcs7... making all in crypto/pkcs12... making all in crypto/comp... making all in crypto/ocsp... making all in crypto/ui... making all in crypto/krb5... making all in crypto/cms... making all in crypto/pqueue... making all in crypto/ts... making all in crypto/jpake... making all in crypto/srp... making all in crypto/store... making all in crypto/cmac... if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then (cd ..; make libcrypto.so.1.0.0); fi `libcrypto.so.1.0.0' is up to date. making all in engines... echo making all in engines/ccgost... making all in ssl... /usr/local/bin/clang39 -I../crypto -I.. -I../include -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -O3 -Wall -DOPENSSL_EXPERIMENTAL_JPAKE -DOPENSSL_EXPERIMENTAL_STORE -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -I/usr/local/ssl/fips-2.0/include -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c ssl_rsa.c -o ssl_rsa.o ssl_rsa.c:105:46: error: no member named 'default_passwd_callback' in 'struct ssl_st' x = PEM_read_bio_X509(in, NULL, ssl->default_passwd_callback, ~~~ ^ ssl_rsa.c:106:36: error: no member named 'default_passwd_callback_userdata' in 'struct ssl_st' ssl->default_passwd_callback_userdata); ~~~ ^ ssl_rsa.c:264:47: error: no member named 'default_passwd_callback' in 'struct ssl_st' ssl->default_passwd_callback, ~~~ ^ ssl_rsa.c:265:47: error: no member named 'default_passwd_callback_userdata' in 'struct ssl_st' ssl->default_passwd_callback_userdata); ~~~ ^ ssl_rsa.c:337:45: error: no member named 'default_passwd_callback' in 'struct ssl_st' ssl->default_passwd_callback, ~~~ ^ ssl_rsa.c:338:45: error: no member named 'default_passwd_callback_userdata' in 'struct ssl_st' ssl->default_passwd_callback_userdata); ~~~ ^ 6 errors generated. *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20170311/ssl *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20170311 root@doctor:/usr/source/openssl-1.0.2-stable-SNAP-20170311 # exit exit Script done on Fri Mar 10 23:36:32 2017 Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism God is dead! Yahweh lives! Jesus his only begotten Son is the Risen Saviour!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Openssl 1.0.2 stable SNAP 20170309 issue
Script started on Thu Mar 9 05:45:36 2017 root@doctor:/usr/source/openssl-1.0.2-stable-SNAP-20170309 # make making all in crypto... making all in crypto/objects... making all in crypto/md4... making all in crypto/md5... making all in crypto/sha... making all in crypto/mdc2... making all in crypto/hmac... making all in crypto/ripemd... making all in crypto/whrlpool... making all in crypto/des... making all in crypto/aes... making all in crypto/rc2... making all in crypto/rc4... making all in crypto/idea... making all in crypto/bf... making all in crypto/cast... making all in crypto/camellia... making all in crypto/seed... making all in crypto/modes... making all in crypto/bn... making all in crypto/ec... making all in crypto/rsa... making all in crypto/dsa... making all in crypto/ecdsa... making all in crypto/dh... making all in crypto/ecdh... making all in crypto/dso... making all in crypto/engine... making all in crypto/buffer... making all in crypto/bio... making all in crypto/stack... making all in crypto/lhash... making all in crypto/rand... making all in crypto/err... making all in crypto/evp... making all in crypto/asn1... making all in crypto/pem... making all in crypto/x509... making all in crypto/x509v3... making all in crypto/conf... making all in crypto/txt_db... making all in crypto/pkcs7... making all in crypto/pkcs12... making all in crypto/comp... making all in crypto/ocsp... making all in crypto/ui... making all in crypto/krb5... making all in crypto/cms... making all in crypto/pqueue... making all in crypto/ts... making all in crypto/jpake... making all in crypto/srp... making all in crypto/store... making all in crypto/cmac... if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then (cd ..; make libcrypto.so.1.0.0); fi `libcrypto.so.1.0.0' is up to date. making all in engines... echo making all in engines/ccgost... making all in ssl... if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then (cd ..; make libssl.so.1.0.0); fi `libssl.so.1.0.0' is up to date. making all in apps... /usr/local/bin/clang39 -DMONOLITH -I.. -I../include -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -O3 -Wall -DOPENSSL_EXPERIMENTAL_JPAKE -DOPENSSL_EXPERIMENTAL_STORE -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -I/usr/local/ssl/fips-2.0/include -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c enc.c -o enc.o enc.c:93:5: error: use of undeclared identifier 'cipher' cipher = EVP_get_cipherbyname(name->name); ^ enc.c:94:9: error: use of undeclared identifier 'cipher' if (cipher == NULL || ^ enc.c:95:31: error: use of undeclared identifier 'cipher' (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 || ^ enc.c:96:29: error: use of undeclared identifier 'cipher' EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE) ^ 4 errors generated. *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20170309/apps *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20170309 root@doctor:/usr/source/openssl-1.0.2-stable-SNAP-20170309 # exzit exzit: Command not found. root@doctor:/usr/source/openssl-1.0.2-stable-SNAP-20170309 # exit exit Script done on Thu Mar 9 05:46:27 2017 Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism God is dead! Yahweh lives! Jesus his only begotten Son is the Risen Saviour!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl 1.0.2 SNAP stable 20161127 issue
Can you get his fixed? ../util/shlib_wrap.sh ./heartbeat_test test_dtls1_not_bleeding failed: expected return value -1, received 0 ** test_dtls1_not_bleeding failed ** test_dtls1_not_bleeding_empty_payload failed: expected return value -1, received 0 ** test_dtls1_not_bleeding_empty_payload failed ** test_tls1_not_bleeding failed: expected return value -1, received 0 ** test_tls1_not_bleeding failed ** test_tls1_not_bleeding_empty_payload failed: expected return value -1, received 0 ** test_tls1_not_bleeding_empty_payload failed ** 4 tests failed *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161127/test *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161127 -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Merry Christmas 2016 and Happy New Year 2017 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Still showing openssl 1.0.2 snapshot issue
How long for this to get fixed? ../util/shlib_wrap.sh ./heartbeat_test test_dtls1_not_bleeding failed: expected return value -1, received 0 ** test_dtls1_not_bleeding failed ** test_dtls1_not_bleeding_empty_payload failed: expected return value -1, received 0 ** test_dtls1_not_bleeding_empty_payload failed ** test_tls1_not_bleeding failed: expected return value -1, received 0 ** test_tls1_not_bleeding failed ** test_tls1_not_bleeding_empty_payload failed: expected return value -1, received 0 ** test_tls1_not_bleeding_empty_payload failed ** 4 tests failed *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161126/test *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161126 -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Merry Christmas 2016 and Happy New Year 2017 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Still problems with openssl 1.0.2 snapshot
ALL OCSP TESTS SUCCESSFUL Test X509v3_check_* ../util/shlib_wrap.sh ./v3nametest ../util/shlib_wrap.sh ./heartbeat_test test_dtls1_not_bleeding failed: expected return value -1, received 0 ** test_dtls1_not_bleeding failed ** test_dtls1_not_bleeding_empty_payload failed: expected return value -1, received 0 ** test_dtls1_not_bleeding_empty_payload failed ** test_tls1_not_bleeding failed: expected return value -1, received 0 ** test_tls1_not_bleeding failed ** test_tls1_not_bleeding_empty_payload failed: expected return value -1, received 0 ** test_tls1_not_bleeding_empty_payload failed ** 4 tests failed *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161125/test *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161125 Please fix -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Merry Christmas 2016 and Happy New Year 2017 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Still seeing openssl 1.0.2 Daily snap issue
Test X509v3_check_* ../util/shlib_wrap.sh ./v3nametest ../util/shlib_wrap.sh ./heartbeat_test test_dtls1_not_bleeding failed: expected return value -1, received 0 ** test_dtls1_not_bleeding failed ** test_dtls1_not_bleeding_empty_payload failed: expected return value -1, received 0 ** test_dtls1_not_bleeding_empty_payload failed ** test_tls1_not_bleeding failed: expected return value -1, received 0 ** test_tls1_not_bleeding failed ** test_tls1_not_bleeding_empty_payload failed: expected return value -1, received 0 ** test_tls1_not_bleeding_empty_payload failed ** 4 tests failed *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161124/test *** Error code 1 Stop. make: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161124 root@doctor:/usr/source/openssl-1.0.2-stable-SNAP-20161124 # exit exit Script done on Thu Nov 24 05:39:49 2016 Please fix -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Merry Christmas 2016 and Happy New Year 2017 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] [openssl-dev] iStill seeing heartbeat prolem in openssl 1.0.2 STABLE Daily releases
On Wed, Nov 02, 2016 at 05:00:27PM +, Salz, Rich wrote: > > > Why is this not solved? > > It will be solved before the next release. No further promises. I will report back tomorrow. Still It is a good thing to gripe if you see an issue. > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] iStill seeing heartbeat prolem in openssl 1.0.2 STABLE Daily releases
Why is this not solved? ../util/shlib_wrap.sh ./v3nametest ../util/shlib_wrap.sh ./heartbeat_test test_dtls1_not_bleeding failed: expected return value 0, received -1 ** test_dtls1_not_bleeding failed ** test_dtls1_not_bleeding_empty_payload failed: expected return value 0, received -1 ** test_dtls1_not_bleeding_empty_payload failed ** test_tls1_not_bleeding failed: expected return value 0, received -1 ** test_tls1_not_bleeding failed ** test_tls1_not_bleeding_empty_payload failed: expected return value 0, received -1 ** test_tls1_not_bleeding_empty_payload failed ** 4 tests failed *** Error code 1 Stop. Using FreeBSD 11 . -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] [openssl-dev] Still seeing test failure in openssl 1.0.2 SNAPHOT 20161031
On Tue, Nov 01, 2016 at 10:54:39AM +0100, Richard Levitte wrote: > I just tested on two systems, Debian [unstable] and FreeBSD 8.4, and > in both cases, that test goes through with no trouble at all. > > Could you tell us your exact configuration? If I recall correctly, > you have your own hacked configuration, right? > > Cheers, > Richard Certainly, My configuration script is #!/usr/local/bin/bash CC=/usr/local/bin/clang39 ./Configure --prefix=/usr/ BSD-x86_64 enable-gmp experimental-jpake enable-rfc3779 enable-shared zlib-dynamic disable-sctp experimental-store enable-ssl-trace enable-unit-test; make depend > > In message <20161031142938.ga97...@doctor.nl2k.ab.ca> on Mon, 31 Oct 2016 > 08:29:38 -0600, The Doctor <doc...@doctor.nl2k.ab.ca> said: > > doctor> I saw this yesterday as well > doctor> > doctor> ../util/shlib_wrap.sh ./heartbeat_test > doctor> test_dtls1_not_bleeding failed: expected return value 0, received -1 > doctor> ** test_dtls1_not_bleeding failed ** > doctor> > doctor> test_dtls1_not_bleeding_empty_payload failed: expected return value > 0, received -1 > doctor> ** test_dtls1_not_bleeding_empty_payload failed ** > doctor> > doctor> test_tls1_not_bleeding failed: expected return value 0, received -1 > doctor> ** test_tls1_not_bleeding failed ** > doctor> > doctor> test_tls1_not_bleeding_empty_payload failed: expected return value 0, > received -1 > doctor> ** test_tls1_not_bleeding_empty_payload failed ** > doctor> > doctor> 4 tests failed > doctor> *** Error code 1 > doctor> > doctor> Stop. > doctor> make[1]: stopped in > /usr/source/openssl-1.0.2-stable-SNAP-20161031/test > doctor> *** Error code 1 > doctor> > doctor> Please fix > doctor> > doctor> -- > doctor> Member - Liberal International This is doctor@@nl2k.ab.ca Ici > doctor@@nl2k.ab.ca > doctor> God,Queen and country!Never Satan President Republic!Beware > AntiChrist rising! > doctor> http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on > Atheism > doctor> Time for the USA to hold a referendum on its republic and vote to > dissolve!! > doctor> -- > doctor> openssl-dev mailing list > doctor> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > doctor> -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Still seeing test failure in openssl 1.0.2 SNAPHOT 20161031
I saw this yesterday as well ../util/shlib_wrap.sh ./heartbeat_test test_dtls1_not_bleeding failed: expected return value 0, received -1 ** test_dtls1_not_bleeding failed ** test_dtls1_not_bleeding_empty_payload failed: expected return value 0, received -1 ** test_dtls1_not_bleeding_empty_payload failed ** test_tls1_not_bleeding failed: expected return value 0, received -1 ** test_tls1_not_bleeding failed ** test_tls1_not_bleeding_empty_payload failed: expected return value 0, received -1 ** test_tls1_not_bleeding_empty_payload failed ** 4 tests failed *** Error code 1 Stop. make[1]: stopped in /usr/source/openssl-1.0.2-stable-SNAP-20161031/test *** Error code 1 Please fix -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl-1.0.2-stable-SNAP-20161030 isue test failures
make test yield Test X509v3_check_* ../util/shlib_wrap.sh ./v3nametest ../util/shlib_wrap.sh ./heartbeat_test test_dtls1_not_bleeding failed: expected return value 0, received -1 ** test_dtls1_not_bleeding failed ** test_dtls1_not_bleeding_empty_payload failed: expected return value 0, received -1 ** test_dtls1_not_bleeding_empty_payload failed ** test_tls1_not_bleeding failed: expected return value 0, received -1 ** test_tls1_not_bleeding failed ** test_tls1_not_bleeding_empty_payload failed: expected return value 0, received -1 ** test_tls1_not_bleeding_empty_payload failed ** 4 tests failed *** Error code 1 not present in openssl-1.0.2-stable-SNAP-20161029 . Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl 1.0.2 Daily Snapshot issue
/usr/local/bin/clang39 -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -O3 -Wall -DOPENSSL_EXPERIMENTAL_JPAKE -DOPENSSL_EXPERIMENTAL_STORE -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c jpake.c -o jpake.o jpake.c:157:9: error: void function 'hashbn' should not return a value [-Wreturn-type] return NULL; ^ 1 error generated. Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl 1.0.2 20160816 snap
This error showed up /usr/local/bin/clang38 -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -O3 -Wall -DOPENSSL_EXPERIMENTAL_JPAKE -DOPENSSL_EXPERIMENTAL_STORE -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c pvkfmt.c -o pvkfmt.o pvkfmt.c:279:34: error: use of undeclared identifier 'PEM_R_HEADER_TOO_LONG' PEMerr(PEM_F_DO_B2I_BIO, PEM_R_HEADER_TOO_LONG); ^ 1 error generated. in FreeBSD 10.3 Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for the USA to hold a referendum on its republic and vote to dissolve!! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl-SNAP-20160720
./libcrypto.so: undefined reference to `RUN_ONCE' cc: error: linker command failed with exit code 1 (use -v to see invocation) *** Error code 1 Please fix -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Language is the source of misunderstandings. -Antoine de Saint-Exupery -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Moving on
I will be retiring our BSDI servers tonight replacing them with FreeBSD servers. I will still work with you on 1.0 and 1.1 development issues. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Language is the source of misunderstandings. -Antoine de Saint-Exupery -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] 1.1 release being delayed
On Mon, May 23, 2016 at 01:15:45PM +, Salz, Rich wrote: > ... in case you haven't noticed :) Our announced release date for 1.1 has > come and gone. > > We want to close many more bugs before we release it. In the meantime, > please test against master or a daily snapshot or the last beta release. > > Thanks for your patience! > No problem and hopefully for app developers will come on board. > > -- > Senior Architect, Akamai Technologies > IM: richs...@jabber.at Twitter: RichSalz > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] [openssl-dev] Openssl 1.1 and Bind 9.6 ESV R11
On Tue, Jan 19, 2016 at 08:53:49PM -0600, Benjamin Kaduk wrote: > On 01/19/2016 05:37 PM, The Doctor wrote: > > Tried to compile an old bind and ran into > > Why? > > > What needs to be adjusted? > > > > > > The bind code is what needs to be adjusted, given that openssl 1.1 is > intentionally introducing API changes and removing direct access to many > structures. It seems quite unlikely that an EoL version of a > third-party software is going to magically receive a new release > allowing it to build against a version of openssl that did not exist > when it was released. That's my issue. I cannot get a more recent bind version to stay to stable on one box. > > -Ben > ___ > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] [openssl-dev] Openssl 1.1 and Bind 9.6 ESV R11
On Wed, Jan 20, 2016 at 06:11:16PM +, Salz, Rich wrote: > > That's my issue. I cannot get a more recent bind version to stay to stable > > on > > one box. > > Then I think that's going to be a tough issue, and you'll either have to > modify that source or stay at 1.0.2 > Source modification it is. BTW we are more interested in Bind 9.9 and Bind 9.10 ? > ___ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Openssl 1.1 and Bind 9.6 ESV R11
Tried to compile an old bind and ran into /bin/bash /usr/source/bind-9.6-ESV-R11/libtool --mode=compile /usr/bin/gcc -I/usr/source/bind-9.6-ESV-R11 -I. -Iinclude -I/usr/source/bind-9.6-ESV-R11/lib/dns/include -I../../lib/dns/include -I/usr/source/bind-9.6-ESV-R11/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/nothreads/include -I../../lib/isc/x86_32/include -I/usr/contrib/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DUSE_MD5 -DOPENSSL -g -O2 -Wall -I/usr/contrib/include/libxml2 -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -Wpointer-arith -fno-strict-aliasing -c openssldh_link.c libtool: compile: /usr/bin/gcc -I/usr/source/bind-9.6-ESV-R11 -I. -Iinclude -I/usr/source/bind-9.6-ESV-R11/lib/dns/include -I../../lib/dns/include -I/usr/source/bind-9.6-ESV-R11/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/nothreads/include -I../../lib/isc/x86_32/include -I/usr/contrib/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DUSE_MD5 -DOPENSSL -g -O2 -Wall -I/usr/contrib/include/libxml2 -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -Wpointer-arith -fno-strict-aliasing -c openssldh_link.c -o openssldh_link.o openssldh_link.c: In function `openssldh_generate': openssldh_link.c:155: storage size of `cb' isn't known openssldh_link.c:155: warning: unused variable `cb' openssldh_link.c: In function `dst__openssldh_init': openssldh_link.c:623: warning: implicit declaration of function `BN_init' /usr/contrib/include/openssl/conf.h: At top level: openssldh_link.c:73: storage size of `bn2' isn't known openssldh_link.c:73: storage size of `bn768' isn't known openssldh_link.c:73: storage size of `bn1024' isn't known openssldh_link.c:73: storage size of `bn1536' isn't known *** Error code 1 Stop. *** Error code 1 Stop. *** Error code 1 Stop. Line 73 reads static BIGNUM bn2, bn768, bn1024, bn1536; line 155 reads #if OPENSSL_VERSION_NUMBER > 0x00908000L BN_GENCB cb; #endif and line 623 reads isc_result_t dst__openssldh_init(dst_func_t **funcp) { REQUIRE(funcp != NULL); if (*funcp == NULL) { BN_init(); BN_init(); BN_init(); BN_init(); BN_set_word(, 2); BN_fromhex(, PRIME768); BN_fromhex(, PRIME1024); BN_fromhex(, PRIME1536); *funcp = _functions; } return (ISC_R_SUCCESS); } What needs to be adjusted? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OPenssl and dependencies such as openssh
On Mon, Jan 04, 2016 at 01:29:56PM -0700, The Doctor wrote: > On Mon, Jan 04, 2016 at 07:22:04PM +, Viktor Dukhovni wrote: > > On Mon, Jan 04, 2016 at 09:08:31AM -0700, The Doctor wrote: > > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), > > > SSLeay_version(SSLEAY_VERSION))) <0) > > > > > > Could there be anything that is causing openssh not to see the new > > > openssl 1.1 > > > > The above. The SSLeay names are gone. The new way is: > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", OpenSSL_version_num(), > > OpenSSL_version(OPENSSL_VERSION))) <0) > > > > I think it is likely prudent at this time to restore source- > > backwards-compatible behaviour, by adding to : > > > > #if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < 0x1010L > > # include > > # define SSLeay OpenSSL_version_num > > # define SSLeay_version OpenSSL_version > > # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER > > # define SSLEAY_VERSION OPENSSL_VERSION > > # define SSLEAY_CFLAGS OPENSSL_CFLAGS > > # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON > > # define SSLEAY_PLATFORM OPENSSL_PLATFORM > > # define SSLEAY_DIR OPENSSL_DIR > > #endif /* OPENSSL_API_COMPAT */ > > > > Users who want to make sure they are avoiding interfaces that are > > deprecated with 1.1.0 can set OPENSSL_API_COMPAT to 0x1010L or > > higher as appropriate. > > That is one way. > > Can we get developers to come on baord so that > we can launch a new era without incident? All right, can the above be committed and any other source-backwards-compatible behaviour ? This will help API developers a lot. BTW, I got openssl-SNAP-20160115 to behave nicely. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl-SNAP-20160109 issue
In a amke && make test I got making all in engines/ccgost... gcc -I.. -I../include -I../crypto/include -I../fips -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DPERL5 -DL_ENDIAN -DTERMIOS -fomit-frame-pointer -O2 -march=i486 -Wall -g -DOPENSSL_EXPERIMENTAL_JPAKE -DOPENSSL_EXPERIMENTAL_STORE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c jpaketest.c jpaketest.c: In function `main': jpaketest.c:119: warning: implicit declaration of function `CRYPTO_set_mem_debug_functions' jpaketest.c:120: parse error before "CRYPTO_mem_ctrl" jpaketest.c:179: warning: implicit declaration of function `CRYPTO_mem_leaks' *** Error code 1 Stop. *** Error code 1 Stop. Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OPenssl and dependencies such as openssh
On Wed, Jan 06, 2016 at 07:33:27AM -0700, The Doctor wrote: > On Mon, Jan 04, 2016 at 07:22:04PM +, Viktor Dukhovni wrote: > > On Mon, Jan 04, 2016 at 09:08:31AM -0700, The Doctor wrote: > > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), > > > SSLeay_version(SSLEAY_VERSION))) <0) > > > > > > Could there be anything that is causing openssh not to see the new > > > openssl 1.1 > > > > The above. The SSLeay names are gone. The new way is: > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", OpenSSL_version_num(), > > OpenSSL_version(OPENSSL_VERSION))) <0) > > > > I think it is likely prudent at this time to restore source- > > backwards-compatible behaviour, by adding to : > > > > #if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < 0x1010L > > # include > > # define SSLeay OpenSSL_version_num > > # define SSLeay_version OpenSSL_version > > # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER > > # define SSLEAY_VERSION OPENSSL_VERSION > > # define SSLEAY_CFLAGS OPENSSL_CFLAGS > > # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON > > # define SSLEAY_PLATFORM OPENSSL_PLATFORM > > # define SSLEAY_DIR OPENSSL_DIR > > #endif /* OPENSSL_API_COMPAT */ > > > > Users who want to make sure they are avoiding interfaces that are > > deprecated with 1.1.0 can set OPENSSL_API_COMPAT to 0x1010L or > > higher as appropriate. > > > > With all the other issues (DEPREACTED) identified, let > me test the above out. > Still a few bumps, but I recommend that this be committed to openssl 1.1 branch. > > -- > > Viktor. > > ___ > > openssl-users mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -- > Member - Liberal International This is doctor@@nl2k.ab.ca Ici > doctor@@nl2k.ab.ca > God,Queen and country!Never Satan President Republic!Beware AntiChrist > rising! > http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism > Birthdate 29 Jan 1969 Redhill, Surrey, UK > ___ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OPenssl and dependencies such as openssh
On Mon, Jan 04, 2016 at 07:22:04PM +, Viktor Dukhovni wrote: > On Mon, Jan 04, 2016 at 09:08:31AM -0700, The Doctor wrote: > > > if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), > > SSLeay_version(SSLEAY_VERSION))) <0) > > > > Could there be anything that is causing openssh not to see the new openssl > > 1.1 > > The above. The SSLeay names are gone. The new way is: > >if ((rc = fprintf(fd ,"%08x (%s)\n", OpenSSL_version_num(), >OpenSSL_version(OPENSSL_VERSION))) <0) > > I think it is likely prudent at this time to restore source- > backwards-compatible behaviour, by adding to : > > #if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < 0x1010L > # include > # define SSLeay OpenSSL_version_num > # define SSLeay_version OpenSSL_version > # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER > # define SSLEAY_VERSION OPENSSL_VERSION > # define SSLEAY_CFLAGS OPENSSL_CFLAGS > # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON > # define SSLEAY_PLATFORM OPENSSL_PLATFORM > # define SSLEAY_DIR OPENSSL_DIR > #endif /* OPENSSL_API_COMPAT */ > > Users who want to make sure they are avoiding interfaces that are > deprecated with 1.1.0 can set OPENSSL_API_COMPAT to 0x1010L or > higher as appropriate. > With all the other issues (DEPREACTED) identified, let me test the above out. > -- > Viktor. > ___ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OPenssl and dependencies such as openssh
On Mon, Jan 04, 2016 at 07:22:04PM +, Viktor Dukhovni wrote: > On Mon, Jan 04, 2016 at 09:08:31AM -0700, The Doctor wrote: > > > if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), > > SSLeay_version(SSLEAY_VERSION))) <0) > > > > Could there be anything that is causing openssh not to see the new openssl > > 1.1 > > The above. The SSLeay names are gone. The new way is: > >if ((rc = fprintf(fd ,"%08x (%s)\n", OpenSSL_version_num(), >OpenSSL_version(OPENSSL_VERSION))) <0) > > I think it is likely prudent at this time to restore source- > backwards-compatible behaviour, by adding to : > > #if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < 0x1010L > # include > # define SSLeay OpenSSL_version_num > # define SSLeay_version OpenSSL_version > # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER > # define SSLEAY_VERSION OPENSSL_VERSION > # define SSLEAY_CFLAGS OPENSSL_CFLAGS > # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON > # define SSLEAY_PLATFORM OPENSSL_PLATFORM > # define SSLEAY_DIR OPENSSL_DIR > #endif /* OPENSSL_API_COMPAT */ > > Users who want to make sure they are avoiding interfaces that are > deprecated with 1.1.0 can set OPENSSL_API_COMPAT to 0x1010L or > higher as appropriate. Tip of the iceberg. Number of changes are needed to be committed before launching. >From inn: tls.o: In function `tmp_dh_cb': /usr/source/inn-CURRENT-20160105/nnrpd/tls.c:219: undefined reference to `DH_generate_parameters' tls.o: In function `tls_init_serverengine': /usr/source/inn-CURRENT-20160105/nnrpd/tls.c:498: undefined reference to `SSLv23_server_method' gmake[1]: *** [nnrpd] Error 1 so 219 and that area gives us default: /* We should check current keylength vs. requested keylength * also, this is an extremely expensive operation! */ dh = DH_generate_parameters(keylength, DH_GENERATOR_2, NULL, NU LL); r = dh; I just comment these 2 lines out for now line 498 is CTX = SSL_CTX_new(SSLv23_server_method()); I just replace as follows CTX = SSL_CTX_new(TLS_server_method()); A better fix is neeeded. And there is Apache 2.4 Making all in support /usr/source/httpd-2.4.18/srclib/apr/libtool --silent --mode=link /usr/bin/gcc -std=gnu99 -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -Wpointer-arith -Wformat -Wformat-security -Wall -g -O2 -L/usr/contrib/lib -lssl -lcrypto -lpthread-o ab -static ab.lo -L/usr/lib -lc -lm -ldl -liconv -lintl -lutil -ldb -levent /usr/source/httpd-2.4.18/srclib/apr-util/libaprutil-1.la -lexpat /usr/source/httpd-2.4.18/srclib/apr/libapr-1.la -lpthread -lm ab.o: In function `test': /usr/source/httpd-2.4.18/support/ab.c:1863: undefined reference to `SSL_state' and this piece of code is set_conn_state(c, STATE_CONNECTED); #ifdef USE_SSL if (c->ssl) ssl_proceed_handshake(c); else #endif write_request(c); Looks like a lots of rewriting to do. > > -- > Viktor. > _______ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OPenssl and dependencies such as openssh
On Tue, Jan 05, 2016 at 09:19:32AM -0700, The Doctor wrote: > On Mon, Jan 04, 2016 at 07:22:04PM +, Viktor Dukhovni wrote: > > On Mon, Jan 04, 2016 at 09:08:31AM -0700, The Doctor wrote: > > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), > > > SSLeay_version(SSLEAY_VERSION))) <0) > > > > > > Could there be anything that is causing openssh not to see the new > > > openssl 1.1 > > > > The above. The SSLeay names are gone. The new way is: > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", OpenSSL_version_num(), > > OpenSSL_version(OPENSSL_VERSION))) <0) > > > > I think it is likely prudent at this time to restore source- > > backwards-compatible behaviour, by adding to : > > > > #if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < 0x1010L > > # include > > # define SSLeay OpenSSL_version_num > > # define SSLeay_version OpenSSL_version > > # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER > > # define SSLEAY_VERSION OPENSSL_VERSION > > # define SSLEAY_CFLAGS OPENSSL_CFLAGS > > # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON > > # define SSLEAY_PLATFORM OPENSSL_PLATFORM > > # define SSLEAY_DIR OPENSSL_DIR > > #endif /* OPENSSL_API_COMPAT */ > > > > Users who want to make sure they are avoiding interfaces that are > > deprecated with 1.1.0 can set OPENSSL_API_COMPAT to 0x1010L or > > higher as appropriate. > > > Tip of the iceberg. > > Number of changes are needed to be committed before launching. > > >From inn: > > tls.o: In function `tmp_dh_cb': > /usr/source/inn-CURRENT-20160105/nnrpd/tls.c:219: undefined reference to > `DH_generate_parameters' > tls.o: In function `tls_init_serverengine': > /usr/source/inn-CURRENT-20160105/nnrpd/tls.c:498: undefined reference to > `SSLv23_server_method' > gmake[1]: *** [nnrpd] Error 1 > > so 219 and that area gives us > > default: > /* We should check current keylength vs. requested keylength > * also, this is an extremely expensive operation! */ > dh = DH_generate_parameters(keylength, DH_GENERATOR_2, NULL, > NU > LL); > r = dh; > > I just comment these 2 lines out for now > > line 498 is > > CTX = SSL_CTX_new(SSLv23_server_method()); > > I just replace as follows > >CTX = SSL_CTX_new(TLS_server_method()); > > A better fix is neeeded. > > And there is Apache 2.4 > > Making all in support > /usr/source/httpd-2.4.18/srclib/apr/libtool --silent --mode=link /usr/bin/gcc > -std=gnu99 -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations > -Wpointer-arith -Wformat -Wformat-security -Wall -g -O2 -L/usr/contrib/lib > -lssl -lcrypto -lpthread-o ab -static ab.lo -L/usr/lib -lc -lm -ldl > -liconv -lintl -lutil -ldb -levent > /usr/source/httpd-2.4.18/srclib/apr-util/libaprutil-1.la -lexpat > /usr/source/httpd-2.4.18/srclib/apr/libapr-1.la -lpthread -lm > ab.o: In function `test': > /usr/source/httpd-2.4.18/support/ab.c:1863: undefined reference to > `SSL_state' > > and this piece of code is > > set_conn_state(c, STATE_CONNECTED); > #ifdef USE_SSL > if (c->ssl) > ssl_proceed_handshake(c); > else > #endif > write_request(c); > > Looks like a lots of rewriting to do. > > Here is one from bind-9.6-ESV-R11 (Yes this branch is no longer supported) libtool: link: /usr/bin/gcc -g -O2 -Wall -I/usr/contrib/include/libxml2 -o named builtin.o client.o config.o control.o controlconf.o interfacemgr.o listenlist.o log.o logconf.o main.o notify.o query.o server.o sortlist.o statschannel.o tkeyconf.o tsigconf.o update.o xfrout.o zoneconf.o lwaddr.o lwresd.o lwdclient.o lwderror.o lwdgabn.o lwdgnba.o lwdgrbn.o lwdnoop.o lwsearch.o unix/os.o ../../lib/lwres/.libs/liblwres.a -L/usr/contrib/lib -L/usr/lib ../../lib/dns/.libs/libdns.a ../../lib/bind9/.libs/libbind9.a /usr/source/bind-9.6-ESV-R11/lib/isccfg/.libs/libisccfg.a ../../lib/isccfg/.libs/libisccfg.a /usr/source/bind-9.6-ESV-R11/lib/dns/.libs/libdns.a /usr/source/bind-9.6-ESV-R11/lib/isccc/.libs/libisccc.a -lcrypto ../../lib/isccc/.libs/libisccc.a /usr/source/bind-9.6-ESV-R11/lib/isc/.libs/libisc.a ../../lib/isc/.libs/libisc.a /usr/contrib/lib/libxml2.so /usr/contrib/lib/liblzma.so -lz -lpthread /usr/lib/libiconv.so -lm -ldl -Wl,-rpath -W
Re: [openssl-users] OPenssl and dependencies such as openssh
On Tue, Jan 05, 2016 at 09:19:32AM -0700, The Doctor wrote: > On Mon, Jan 04, 2016 at 07:22:04PM +, Viktor Dukhovni wrote: > > On Mon, Jan 04, 2016 at 09:08:31AM -0700, The Doctor wrote: > > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), > > > SSLeay_version(SSLEAY_VERSION))) <0) > > > > > > Could there be anything that is causing openssh not to see the new > > > openssl 1.1 > > > > The above. The SSLeay names are gone. The new way is: > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", OpenSSL_version_num(), > > OpenSSL_version(OPENSSL_VERSION))) <0) > > > > I think it is likely prudent at this time to restore source- > > backwards-compatible behaviour, by adding to : > > > > #if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < 0x1010L > > # include > > # define SSLeay OpenSSL_version_num > > # define SSLeay_version OpenSSL_version > > # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER > > # define SSLEAY_VERSION OPENSSL_VERSION > > # define SSLEAY_CFLAGS OPENSSL_CFLAGS > > # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON > > # define SSLEAY_PLATFORM OPENSSL_PLATFORM > > # define SSLEAY_DIR OPENSSL_DIR > > #endif /* OPENSSL_API_COMPAT */ > > > > Users who want to make sure they are avoiding interfaces that are > > deprecated with 1.1.0 can set OPENSSL_API_COMPAT to 0x1010L or > > higher as appropriate. > > > Tip of the iceberg. > > Number of changes are needed to be committed before launching. > > >From inn: > > tls.o: In function `tmp_dh_cb': > /usr/source/inn-CURRENT-20160105/nnrpd/tls.c:219: undefined reference to > `DH_generate_parameters' > tls.o: In function `tls_init_serverengine': > /usr/source/inn-CURRENT-20160105/nnrpd/tls.c:498: undefined reference to > `SSLv23_server_method' > gmake[1]: *** [nnrpd] Error 1 > > so 219 and that area gives us > > default: > /* We should check current keylength vs. requested keylength > * also, this is an extremely expensive operation! */ > dh = DH_generate_parameters(keylength, DH_GENERATOR_2, NULL, > NU > LL); > r = dh; > > I just comment these 2 lines out for now > > line 498 is > > CTX = SSL_CTX_new(SSLv23_server_method()); > > I just replace as follows > >CTX = SSL_CTX_new(TLS_server_method()); > > A better fix is neeeded. > > And there is Apache 2.4 > > Making all in support > /usr/source/httpd-2.4.18/srclib/apr/libtool --silent --mode=link /usr/bin/gcc > -std=gnu99 -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations > -Wpointer-arith -Wformat -Wformat-security -Wall -g -O2 -L/usr/contrib/lib > -lssl -lcrypto -lpthread-o ab -static ab.lo -L/usr/lib -lc -lm -ldl > -liconv -lintl -lutil -ldb -levent > /usr/source/httpd-2.4.18/srclib/apr-util/libaprutil-1.la -lexpat > /usr/source/httpd-2.4.18/srclib/apr/libapr-1.la -lpthread -lm > ab.o: In function `test': > /usr/source/httpd-2.4.18/support/ab.c:1863: undefined reference to > `SSL_state' > > and this piece of code is > > set_conn_state(c, STATE_CONNECTED); > #ifdef USE_SSL > if (c->ssl) > ssl_proceed_handshake(c); > else > #endif > write_request(c); > > Looks like a lots of rewriting to do. > > > In exim we get gcc -o exim tls.o: In function `rsa_callback': tls.o(.text+0x19a): undefined reference to `RSA_generate_key' tls.o: In function `tls_servername_cb': tls.o(.text+0xf32): undefined reference to `SSLv23_server_method' tls.o: In function `tls_init': tls.o(.text+0x1654): undefined reference to `SSLv23_server_method' tls.o(.text+0x165e): undefined reference to `SSLv23_client_method' tls.o(.text+0x18d2): undefined reference to `SSL_CTX_set_tmp_rsa_callback' tls.o: In function `tls_validate_require_cipher': tls.o(.text+0x2a6d): undefined reference to `SSLv23_server_method' tls.o: In function `tls_version_report': tls.o(.text+0x2b29): undefined reference to `SSLeay_version' tls.o(.text+0x2b36): undefined reference to `SSLeay_version' tls.o: In function `vaguely_random_number': tls.o(.text+0x2bf0): undefined reference to `RAND_pseudo_bytes' Do we need more examples? > > > > > -- > > Viktor. > > ___ > > openssl-users mailing lis
Re: [openssl-users] OPenssl and dependencies such as openssh
On Mon, Jan 04, 2016 at 07:22:04PM +, Viktor Dukhovni wrote: > On Mon, Jan 04, 2016 at 09:08:31AM -0700, The Doctor wrote: > > > if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), > > SSLeay_version(SSLEAY_VERSION))) <0) > > > > Could there be anything that is causing openssh not to see the new openssl > > 1.1 > > The above. The SSLeay names are gone. The new way is: > >if ((rc = fprintf(fd ,"%08x (%s)\n", OpenSSL_version_num(), >OpenSSL_version(OPENSSL_VERSION))) <0) > > I think it is likely prudent at this time to restore source- > backwards-compatible behaviour, by adding to : > > #if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < 0x1010L > # include > # define SSLeay OpenSSL_version_num > # define SSLeay_version OpenSSL_version > # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER > # define SSLEAY_VERSION OPENSSL_VERSION > # define SSLEAY_CFLAGS OPENSSL_CFLAGS > # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON > # define SSLEAY_PLATFORM OPENSSL_PLATFORM > # define SSLEAY_DIR OPENSSL_DIR > #endif /* OPENSSL_API_COMPAT */ > > Users who want to make sure they are avoiding interfaces that are > deprecated with 1.1.0 can set OPENSSL_API_COMPAT to 0x1010L or > higher as appropriate. That is one way. Can we get developers to come on baord so that we can launch a new era without incident? > > -- > Viktor. > ___ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OPenssl and dependencies such as openssh
On Tue, Jan 05, 2016 at 11:21:37AM +1100, Darren Tucker wrote: > On Tue, Jan 5, 2016 at 3:08 AM, The Doctor <doc...@doctor.nl2k.ab.ca> wrote: > > This might be a croosmail, but necessary. > > > > I did us openssl-SNAP-20160104 minorss erros and installed. > > installed onto what kind of system and where? > > > I tried openssh-SNAP-20160105 and the OpenSSL libraries cannot be found > > OpenSSH's config.log will have the details about what failed. > > My guess is that you built only a dynamic libcrypto.so and installed > it somewhere that your runtime linker can't find. Exactly how to fix > that will depend on what kind of system you have (eg /etc/ld.so.conf > on Linuxes). > Both libssl and libcrypto were build. In openssl , it was discovered that an old code was being used to find the libraries. > -- > Darren Tucker (dtucker at zip.com.au) > GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 > Good judgement comes with experience. Unfortunately, the experience > usually comes from bad judgement. > ___ > openssh-unix-dev mailing list > openssh-unix-...@mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] OPenssl and dependencies such as openssh
This might be a croosmail, but necessary. I did us openssl-SNAP-20160104 minorss erros and installed. I tried openssh-SNAP-20160105 and the OpenSSL libraries cannot be found In the openssh configuration file I see # Determine OpenSSL library version { $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL library versi on" >&5 $as_echo_n "checking OpenSSL library version... " >&6; } if test "$cross_compiling" = yes; then : { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5 $as_echo "$as_me: WARNING: cross compiling: not checking" >&2;} else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include #define DATA "conftest.ssllibver" int main () { FILE *fd; int rc; fd = fopen(DATA,"w"); if(fd == NULL) exit(1); if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) exit(1); exit(0); ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : ssl_library_ver=`cat conftest.ssllibver` # Check version is supported. case "$ssl_library_ver" in 0090[0-7]*|009080[0-5]*) as_fn_error $? "OpenSSL >= 0.9.8f requi red (have \"$ssl_library_ver\")" "$LINENO" 5 ;; *) ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_l ibrary_ver" >&5 $as_echo "$ssl_library_ver" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: not fo und" >&5 $as_echo "not found" >&6; } as_fn_error $? "OpenSSL library not found." "$LINENO" 5 fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi Could there be anything that is causing openssh not to see the new openssl 1.1 and are any other dependent serverware affacted? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Happy Christmas 2015 and Merry New Year 2016 ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Openssl 1.1
All right, I did get this to start working on my 'ancient' BSD box. Couple of issues did catch my attention. Are Openssh, DNS developers, SMTP/POP3/IMAP developers, FTP devleopers, HTTPD developers and LDAP developers aware of changes coming down the pipe? If not, they should be informed. Also the libraries for libcrypto and libssl are suffixed as 1.1 instead of 1.1.0 any reason? Finally for the Configurations/10-main.conf I propose a slight amendment to the bsdi section "bsdi-elf-gcc" => { inherit_from => [ asm("x86_elf_asm") ], cc => "gcc", cflags => "-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O2 -march =i486 -Wall", thread_cflag => "(unknown)", lflags => "-ldl", bn_ops => "BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}", dso_scheme => "dlfcn", shared_target=> "bsd-gcc-shared", shared_cflag => "-fPIC", shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", }, "debug-bsdi-x86-elf" => { inherit_from => [ asm("x86_elf_asm") ], cc => "gcc", cflags => "-DPERL5 -DL_ENDIAN -DTERMIOS -fomit-frame-pointer -O2 -march=i486 -Wall -g", thread_cflag => "-pthread -D_THREAD_SAFE -D_REENTRANT", lflags => "-ldl -lgmp -lm -lc -lz", bn_ops => "THIRTY_TWO_BIT_LONG RC4_CHUNK BN_LLONG ${x86_gcc_d es} ${x86_gcc_opts}", dso_scheme => "dlfcn", shared_target=> "bsd-gcc-shared", shared_cflag => "-fPIC", shared_extension => ".so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", }, -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Happy Christmas 2015 and Merry New Year 2016 -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Happy Christmas 2015 and Merry New Year 2016 ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] [openssl-dev] Openssl 1.1
On Wed, Dec 30, 2015 at 05:02:14PM +, Salz, Rich wrote: > > Are Openssh, DNS developers, SMTP/POP3/IMAP developers, FTP > > devleopers, HTTPD developers and LDAP developers aware of changes > > coming down the pipe? > > > > If not, they should be informed. > > We've posted about it several times. We're making explicit pre-release > testing versions available. We've seen other folks (e.g., CURL) post about > their experiences. Do you have any suggestions? We'd hate for 'surprises' > to delay people to start using it. > We do our best to get this informing done. I do not know why yet, but I had a problem with openssh. > ___ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Happy Christmas 2015 and Merry New Year 2016 ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Debugging a compile issue
On Sat, Aug 01, 2015 at 09:52:12PM +, Dr. Stephen Henson wrote: On Sat, Aug 01, 2015, The Doctor wrote: On Sat, Aug 01, 2015 at 04:15:16PM +, Dr. Stephen Henson wrote: On Sat, Aug 01, 2015, The Doctor wrote: A few weeks ago, I overloaded my server and compiler and now I get signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error *** Error code 1 Stop. *** Error code 1 Stop. How can debug and rectify the situation? I do need to move forward. I answered this a while back. Sorry for missing the inital reply. You should have some files called cms.err and cms.out in the test directory. What is in them? cme.err file ls: error initializing month strings Error reading S/MIME message 135072992:error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no content type: asn_mime.c:440: That's weird, what kind of system is this? BSD system Not sure what is causing that ls error. There should also be a file test.cms created which is 6879 bytes long for that test on my system. The only immediate possibility I can think of is that the file isn't written to properly for some reason (disk full?). Disk not full, however file not being written properly is a clue. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for Stephen to move on on Oct 19 2015!! ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Debugging a compile issue
On Tue, Aug 04, 2015 at 12:48:05AM -0600, The Doctor wrote: On Sat, Aug 01, 2015 at 09:52:12PM +, Dr. Stephen Henson wrote: On Sat, Aug 01, 2015, The Doctor wrote: On Sat, Aug 01, 2015 at 04:15:16PM +, Dr. Stephen Henson wrote: On Sat, Aug 01, 2015, The Doctor wrote: A few weeks ago, I overloaded my server and compiler and now I get signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error *** Error code 1 Stop. *** Error code 1 Stop. How can debug and rectify the situation? I do need to move forward. I answered this a while back. Sorry for missing the inital reply. You should have some files called cms.err and cms.out in the test directory. What is in them? cme.err file ls: error initializing month strings Error reading S/MIME message 135072992:error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no content type: asn_mime.c:440: That's weird, what kind of system is this? BSD system Not sure what is causing that ls error. There should also be a file test.cms created which is 6879 bytes long for that test on my system. The only immediate possibility I can think of is that the file isn't written to properly for some reason (disk full?). Disk not full, however file not being written properly is a clue. Just tried a variety of perl commands and all turned up the same. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for Stephen to move on on Oct 19 2015!! ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for Stephen to move on on Oct 19 2015!! ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] New compile web server will not start up
Tryng to run Apache 2.2 using recent SSL and got [Wed Dec 31 16:26:58 1969] [error] Init: Unable to read server certificate from file /var/www/SSLconf/conf/secure.nl2k.ab.ca.2015.crt [Wed Dec 31 16:26:58 1969] [error] SSL Library Error: 218529960 error:0D0680A8: lib(13):func(104):wrong tag [Wed Dec 31 16:26:58 1969] [error] SSL Library Error: 218595386 error:0D07803A: lib(13):func(120):nested asn1 error [Wed Dec 31 17:02:32 1969] [error] Init: Unable to read server certificate from file /var/www/SSLconf/conf/secure.nl2k.ab.ca.2015b.crt [Wed Dec 31 17:02:32 1969] [error] SSL Library Error: 218529960 error:0D0680A8: lib(13):func(104):wrong tag [Wed Dec 31 17:02:32 1969] [error] SSL Library Error: 218595386 error:0D07803A: lib(13):func(120):nested asn1 error [Wed Dec 31 17:14:03 1969] [error] Init: Unable to read server certificate from file /var/www/SSLconf/conf/secure.nl2k.ab.ca.2015.crt [Wed Dec 31 17:14:03 1969] [error] SSL Library Error: 218529960 error:0D0680A8: lib(13):func(104):wrong tag [Wed Dec 31 17:14:03 1969] [error] SSL Library Error: 218595386 error:0D07803A: lib(13):func(120):nested asn1 error [Wed Dec 31 17:18:04 1969] [error] Init: Unable to read server certificate from file /var/www/SSLconf/conf/secure.nl2k.ab.ca.2015b.crt [Wed Dec 31 17:18:04 1969] [error] SSL Library Error: 218529960 error:0D0680A8: lib(13):func(104):wrong tag [Wed Dec 31 17:18:04 1969] [error] SSL Library Error: 218595386 error:0D07803A: lib(13):func(120):nested asn1 error One cert secure.nl2k.ab.ca.2015.crt was brought over from a server backup and the other secure.nl2k.ab.ca.2015b.crt was generated on this server. What is causing this issue? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for Stephen to move on on Oct 19 2015!! ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Compile question
Just compile openssl 1.0.2 daily 20150804 and got making all in crypto/cmac... if [ -n libcrypto.so.1.0.0 libssl.so.1.0.0 ]; then (cd ..; make libcrypto.so.1.0.0); fi [ -z ] || gcc -dPIC -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DPERL5 -DL_ENDIAN -DTERMIOS -fomit-frame-pointer -O2 -march=pentium3 -Wall -g -DOPENSSL_EXPERIMENTAL_JPAKE -DOPENSSL_EXPERIMENTAL_LIBUNBOUND -DOPENSSL_EXPERIMENTAL_STORE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DGHASH_ASM -Iinclude -DFINGERPRINT_PREMAIN_DSO_LOAD -o fips_premain_dso fips_premain.c fipscanister.o libcrypto.a -lgmp -lc -ldl -lm /usr/lib/libc.a(sha.o): In function `SHA': sha.o(.text+0x0): multiple definition of `SHA' libcrypto.a(sha_one.o):/usr/source/openssl-1.0.2-stable-SNAP-20150804/crypto/sha/sha_one.c:66: first defined here ld: Warning: size of symbol `SHA' changed from 142 to 92 in /usr/lib/libc.a(sha.o) /usr/lib/libc.a(syslog.o): In function `vsyslog': syslog.o(.text+0x3a5): undefined reference to `__progname' /usr/lib/libc.a(exec.o): In function `execl': exec.o(.text+0x103): undefined reference to `environ' /usr/lib/libc.a(exec.o): In function `execv': exec.o(.text+0x26b): undefined reference to `environ' /usr/lib/libc.a(exec.o): In function `execvp': exec.o(.text+0x400): undefined reference to `environ' exec.o(.text+0x4da): undefined reference to `environ' *** Error code 1 Stop. *** Error code 1 Stop. *** Error code 1 Stop. *** Error code 1 Stop. *** Error code 1 Stop. used ./Configure 386 threads shared no-sse2 no-srtp no-ssl2 no-ssl3 experimental-li bunbound experimental-dane experimental-jpake experimental-store disable-sctp e nable-ssl-trace enable-whrlpool enable-montasm enable-capieng enable-cms enable -seed enable-tlsext enable-camellia enable-rfc3779 enable-md2 enable-gmp enable -mdc2 enable-md5 enable-rc5 experimental-multiblock enable-unit-test zlib-dynam ic --prefix=/usr/contrib --openssldir=/usr/contrib debug-bsdi-x86-elf ; make u pdate; make depend with call debug-bsdi-x86-elf, gcc:-DPERL5 -DL_ENDIAN -DTERMIOS -fomit-frame-pointer -O2 -march=pentium3 -Wall -g::${BSDthreads}::-lgmp -lc -ldl -lm :THIRY_TWO_BIT_ LONG RC4_CHUNK BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd -gcc-shared:-dPIC -fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR), -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for Stephen to move on on Oct 19 2015!! ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Debugging a compile issue
On Tue, Aug 04, 2015 at 12:52:19AM -0600, The Doctor wrote: On Tue, Aug 04, 2015 at 12:48:05AM -0600, The Doctor wrote: On Sat, Aug 01, 2015 at 09:52:12PM +, Dr. Stephen Henson wrote: On Sat, Aug 01, 2015, The Doctor wrote: On Sat, Aug 01, 2015 at 04:15:16PM +, Dr. Stephen Henson wrote: On Sat, Aug 01, 2015, The Doctor wrote: A few weeks ago, I overloaded my server and compiler and now I get signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error *** Error code 1 Stop. *** Error code 1 Stop. How can debug and rectify the situation? I do need to move forward. I answered this a while back. Sorry for missing the inital reply. You should have some files called cms.err and cms.out in the test directory. What is in them? cme.err file ls: error initializing month strings Error reading S/MIME message 135072992:error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no content type: asn_mime.c:440: That's weird, what kind of system is this? BSD system Not sure what is causing that ls error. There should also be a file test.cms created which is 6879 bytes long for that test on my system. The only immediate possibility I can think of is that the file isn't written to properly for some reason (disk full?). Disk not full, however file not being written properly is a clue. Just tried a variety of perl commands and all turned up the same. In perl debug mode I got DB1 signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK main::run_smime_tests(cms-test.pl:531): 531:my ( $tnam, $rscmd, $rvcmd ) = @$smtst; DB1 main::run_smime_tests(cms-test.pl:532): 532:if ($ossl8) 533:{ DB1 main::run_smime_tests(cms-test.pl:541): 541:if ($no_ec $tnam =~ /ECDH/) 542:{ DB1 main::run_smime_tests(cms-test.pl:546): 546:if ($no_ecdh $tnam =~ /ECDH/) 547:{ DB1 main::run_smime_tests(cms-test.pl:551): 551:if ($no_ec2m $tnam =~ /K-283/) 552:{ DB1 main::run_smime_tests(cms-test.pl:556): 556:system($scmd$rscmd$redir); DB1 main::run_smime_tests(cms-test.pl:557): 557:if ($?) { DB1 main::run_smime_tests(cms-test.pl:563): 563:system($vcmd$rvcmd$redir); DB1 main::run_smime_tests(cms-test.pl:564): 564:if ($?) { DB1 main::run_smime_tests(cms-test.pl:565): 565:print $tnam: verify error\n; DB1 signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error main::run_smime_tests(cms-test.pl:566): 566:$$rv++; DB1 main::run_smime_tests(cms-test.pl:567): 567:exit 1 if $halt_err; DB1 -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for Stephen to move on on Oct 19 2015!! ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] NEed help
I am trying to compile openssl 1.0.2 SNAP 20150801 and now I get if [ -n libcrypto.so.1.0.0 libssl.so.1.0.0 ]; then (cd ..; make libcrypto.so.1.0.0); fi [ -z ] || gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DPERL5 -DL_ENDIAN -DTERMIOS -fomit-frame-pointer -O2 -march=pentium3 -Wall -g -DOPENSSL_EXPERIMENTAL_JPAKE -DOPENSSL_EXPERIMENTAL_LIBUNBOUND -DOPENSSL_EXPERIMENTAL_STORE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DGHASH_ASM -Iinclude -DFINGERPRINT_PREMAIN_DSO_LOAD -o fips_premain_dso fips_premain.c fipscanister.o libcrypto.a -ldl -lm -lc /usr/lib/libc.a(sha.o): In function `SHA': sha.o(.text+0x0): multiple definition of `SHA' libcrypto.a(sha_one.o):/usr/source/openssl-1.0.2-stable-SNAP-20150801/crypto/sha/sha_one.c:66: first defined here ld: Warning: size of symbol `SHA' changed from 142 to 92 in /usr/lib/libc.a(sha.o) /usr/lib/libc.a(malloc.o)(.text+0x16): undefined reference to `__progname' /usr/lib/libc.a(malloc.o)(.text+0xe0): undefined reference to `__progname' /usr/lib/libc.a(syslog.o): In function `vsyslog': syslog.o(.text+0x3a5): undefined reference to `__progname' /usr/lib/libc.a(getenv.o): In function `__findenv': getenv.o(.text+0x65): undefined reference to `environ' getenv.o(.text+0x72): undefined reference to `environ' /usr/lib/libc.a(exec.o): In function `execl': exec.o(.text+0x103): undefined reference to `environ' /usr/lib/libc.a(exec.o): In function `execv': exec.o(.text+0x26b): undefined reference to `environ' /usr/lib/libc.a(exec.o): In function `execvp': exec.o(.text+0x400): undefined reference to `environ' /usr/lib/libc.a(exec.o)(.text+0x4da): more undefined references to `environ' follow *** Error code 1 Stop. *** Error code 1 Stop. *** Error code 1 Stop. *** Error code 1 Stop. *** Error code 1 Stop. Pointers please on how to fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Debugging a compile issue
A few weeks ago, I overloaded my server and compiler and now I get signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error *** Error code 1 Stop. *** Error code 1 Stop. How can debug and rectify the situation? I do need to move forward. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Debugging a compile issue
On Sat, Aug 01, 2015 at 04:15:16PM +, Dr. Stephen Henson wrote: On Sat, Aug 01, 2015, The Doctor wrote: A few weeks ago, I overloaded my server and compiler and now I get signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error *** Error code 1 Stop. *** Error code 1 Stop. How can debug and rectify the situation? I do need to move forward. I answered this a while back. Sorry for missing the inital reply. You should have some files called cms.err and cms.out in the test directory. What is in them? cme.err file ls: error initializing month strings Error reading S/MIME message 135072992:error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no content type: asn_mime.c:440: amd cms.out is blank Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Localised Error
What should I be looking at when signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error occurs? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] [openssl-dev] Localised Error
On Sun, Jul 19, 2015 at 06:05:26AM -0600, The Doctor wrote: What should I be looking at when signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error occurs? Further from the code i = X509_verify_cert(cert_ctx); if (i = 0) j = X509_STORE_CTX_get_error(cert_ctx); X509_STORE_CTX_cleanup(cert_ctx); if (i = 0) { PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CERTIFICATE_VERIFY_ERROR); ERR_add_error_data(2, Verify error:, X509_verify_cert_error_string(j)); sk_X509_free(signers); return 0; } I wonder what could cause such an error? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Issue with openssl 1.0.2 20150713 SNAP
initializing month strings ls: error initializing month strings CMS = PKCS#7 compatibility tests signed content DER format, RSA key: OK signed detached content DER format, RSA key: OK signed content test streaming BER format, RSA: OK signed content DER format, DSA key: OK signed detached content DER format, DSA key: OK signed detached content DER format, add RSA signer: OK signed content test streaming BER format, DSA key: OK signed content test streaming BER format, 2 DSA and 2 RSA keys: OK signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: verify error *** Error code 1 Stop. *** Error code 1 Stop. doctor.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20150713$ x sh: x: command not found doctor.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20150713$ exit exit Script done on Mon Jul 13 09:52:44 2015 Please fix -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Abuse a man unjustly, and you will make friends for him. -Edgar Watson Howe ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl 1.0.2 and openssl 1.1.0 Snapshots
What is happening lately? openssl 1.0.2 snapshots have do materialised properly in the last 2 days and now opensl 1.1.0 is flopping. Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism UK! Vote LDem on 7 May 2015!! ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] openssl-1.0.2-stable-SNAP-20150504 error
secret with Brainpool Prime-Curve brainpoolP512r1 ok cat base64 aes-128-cbc aes-128-cbc base64 aes-128-ecb aes-128-ecb base64 aes-192-cbc aes-192-cbc base64 aes-192-ecb aes-192-ecb base64 aes-256-cbc aes-256-cbc base64 aes-256-ecb aes-256-ecb base64 base64 base64 base64 bf bf base64 bf-cbc bf-cbc base64 bf-cfb bf-cfb base64 bf-ecb bf-ecb base64 bf-ofb bf-ofb base64 camellia-128-cbc camellia-128-cbc base64 camellia-128-ecb camellia-128-ecb base64 camellia-192-cbc camellia-192-cbc base64 camellia-192-ecb camellia-192-ecb base64 camellia-256-cbc camellia-256-cbc base64 camellia-256-ecb camellia-256-ecb base64 cast cast base64 cast-cbc cast-cbc base64 cast5-cbc cast5-cbc base64 cast5-cfb cast5-cfb base64 cast5-ecb cast5-ecb base64 cast5-ofb cast5-ofb base64 des des base64 des-cbc des-cbc base64 des-cfb des-cfb base64 des-ecb des-ecb base64 des-ede des-ede base64 des-ede-cbc des-ede-cbc base64 des-ede-cfb des-ede-cfb base64 des-ede-ofb des-ede-ofb base64 des-ede3 des-ede3 base64 des-ede3-cbc des-ede3-cbc base64 des-ede3-cfb des-ede3-cfb base64 des-ede3-ofb des-ede3-ofb base64 des-ofb des-ofb base64 des3 des3 base64 desx desx base64 idea idea base64 idea-cbc idea-cbc base64 idea-cfb idea-cfb base64 idea-ecb idea-ecb base64 idea-ofb idea-ofb base64 rc2 rc2 base64 rc2-40-cbc rc2-40-cbc base64 rc2-64-cbc rc2-64-cbc base64 rc2-cbc rc2-cbc base64 rc2-cfb rc2-cfb base64 rc2-ecb rc2-ecb base64 rc2-ofb rc2-ofb base64 rc4 rc4 base64 rc4-40 rc4-40 base64 rc5 rc5 base64 rc5-cbc rc5-cbc base64 rc5-cfb rc5-cfb base64 rc5-ecb rc5-ecb base64 rc5-ofb rc5-ofb base64 seed seed base64 seed-cbc seed-cbc base64 seed-cfb seed-cfb base64 seed-ecb seed-ecb base64 seed-ofb seed-ofb base64 zlib zlib base64 echo test normal x509v1 certificate test normal x509v1 certificate sh ./tx509 2/dev/null testing X509 conversions p - d p - n p - p d - d n - d p - d d - n n - n p - n d - p n - p p - p echo test first x509v3 certificate test first x509v3 certificate sh ./tx509 v3-cert1.pem 2/dev/null testing X509 conversions p - d p - n p - p d - d n - d p - d d - n n - n p - n d - p n - p p - p echo test second x509v3 certificate test second x509v3 certificate sh ./tx509 v3-cert2.pem 2/dev/null testing X509 conversions p - d p - n p - p d - d n - d p - d d - n n - n p - n d - p n - p p - p rsa testing rsa conversions p - d p - p d - d p - d d - p p - p ../util/shlib_wrap.sh ./rsa_test PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok testing crl conversions p - d p - p d - d p - d d - p p - p testing session-id conversions p - d p - p d - d p - d d - p p - p Generate and verify a certificate request generating certificate request rsa There should be a 2 sequences of .'s and some +'s. There should not be more that at most 80 per line This could take some time. Generating a 1024 bit RSA private key ...++ ..++ writing new private key to 'testkey.pem' - You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. - Country Name (2 letter code) [AU]:AU State or Province Name (full name) [Queensland]: Locality Name (eg, city) []:Brisbane Organization Name (eg, company) []:CryptSoft Pty Ltd Organizational Unit Name (eg, section) []:. Common Name (eg, YOUR name) []:Eric Young Email Address []:e...@mincom.oz.au verify OK testing req conversions p - d p - p d - d p - d d - p p - p testing req conversions p - d p - p d - d p - d d - p p - p testing pkcs7 conversions p - d p - p d - d p - d d - p p - p testing pkcs7 conversions (2) p - d p - p d - d p - d d - p p - p The following command should have some OK's and some failures There are definitly a few expired certificates ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem Segmentation fault *** Error code 139 Stop. *** Error code 1 Stop. ns2.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20150504$ exit exit Script done on Mon May 4 07:09:07 2015 This error does not occur in openssl-1.0.2-stable-SNAP-20150502 Please fix. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Alberta time to save the province from corruption! Vote Liberal on 5 May 2015
[openssl-users] openssl 20150503 SNAP issue
base64 des-cfb des-cfb base64 des-ecb des-ecb base64 des-ede des-ede base64 des-ede-cbc des-ede-cbc base64 des-ede-cfb des-ede-cfb base64 des-ede-ofb des-ede-ofb base64 des-ede3 des-ede3 base64 des-ede3-cbc des-ede3-cbc base64 des-ede3-cfb des-ede3-cfb base64 des-ede3-ofb des-ede3-ofb base64 des-ofb des-ofb base64 des3 des3 base64 desx desx base64 idea idea base64 idea-cbc idea-cbc base64 idea-cfb idea-cfb base64 idea-ecb idea-ecb base64 idea-ofb idea-ofb base64 rc2 rc2 base64 rc2-40-cbc rc2-40-cbc base64 rc2-64-cbc rc2-64-cbc base64 rc2-cbc rc2-cbc base64 rc2-cfb rc2-cfb base64 rc2-ecb rc2-ecb base64 rc2-ofb rc2-ofb base64 rc4 rc4 base64 rc4-40 rc4-40 base64 rc5 rc5 base64 rc5-cbc rc5-cbc base64 rc5-cfb rc5-cfb base64 rc5-ecb rc5-ecb base64 rc5-ofb rc5-ofb base64 seed seed base64 seed-cbc seed-cbc base64 seed-cfb seed-cfb base64 seed-ecb seed-ecb base64 seed-ofb seed-ofb base64 zlib zlib base64 echo test normal x509v1 certificate test normal x509v1 certificate sh ./tx509 2/dev/null testing X509 conversions p - d p - n p - p d - d n - d p - d d - n n - n p - n d - p n - p p - p echo test first x509v3 certificate test first x509v3 certificate sh ./tx509 v3-cert1.pem 2/dev/null testing X509 conversions p - d p - n p - p d - d n - d p - d d - n n - n p - n d - p n - p p - p echo test second x509v3 certificate test second x509v3 certificate sh ./tx509 v3-cert2.pem 2/dev/null testing X509 conversions p - d p - n p - p d - d n - d p - d d - n n - n p - n d - p n - p p - p rsa testing rsa conversions p - d p - p d - d p - d d - p p - p ../util/shlib_wrap.sh ./rsa_test PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok PKCS #1 v1.5 encryption/decryption ok OAEP encryption/decryption ok testing crl conversions p - d p - p d - d p - d d - p p - p testing session-id conversions p - d p - p d - d p - d d - p p - p Generate and verify a certificate request generating certificate request rsa There should be a 2 sequences of .'s and some +'s. There should not be more that at most 80 per line This could take some time. Generating a 1024 bit RSA private key ++ ..++ writing new private key to 'testkey.pem' - You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. - Country Name (2 letter code) [AU]:AU State or Province Name (full name) [Queensland]: Locality Name (eg, city) []:Brisbane Organization Name (eg, company) []:CryptSoft Pty Ltd Organizational Unit Name (eg, section) []:. Common Name (eg, YOUR name) []:Eric Young Email Address []:e...@mincom.oz.au verify OK testing req conversions p - d p - p d - d p - d d - p p - p testing req conversions p - d p - p d - d p - d d - p p - p testing pkcs7 conversions p - d p - p d - d p - d d - p p - p testing pkcs7 conversions (2) p - d p - p d - d p - d d - p p - p The following command should have some OK's and some failures There are definitly a few expired certificates ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem Segmentation fault *** Error code 139 Stop. *** Error code 1 Stop. ns2.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20150503$ x sh: x: command not found ns2.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20150503$ exit exit Script done on Sun May 3 05:46:57 2015 Please fix. This was working in 20150502 Snapshots. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Alberta time to save the province from corruption! Vote Liberal on 5 May 2015!! ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] SNAPSHOT updates
On Sat, Mar 14, 2015 at 11:22:56AM +0100, Kurt Roeckx wrote: On Fri, Mar 13, 2015 at 11:14:18AM -0600, The Doctor wrote: What is happening? In the Moutain Time Zone: It was at 22:22 MST then 23:22 MDT then 00:22 MDT !! Do you mean when the snapshot is made? The machine runs in UTC, and the files seem to be made at 6:22 UTC. How many times did they change the time release? Kurt ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Know how to listen, and you will profit even from those who talk badly.-Plutarch ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] SNAPSHOT updates
What is happening? In the Moutain Time Zone: It was at 22:22 MST then 23:22 MDT then 00:22 MDT !! -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Never compare your inside with somebody else's outside. -Hugh Macleod ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] More POODLE issues
Now POODLE is hitting TLS http://www.computerworld.com/article/2857274/security0/poodle-flaw-tls-itbwcw.html Any fixes in the works? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Merry Christmas 2014 and Happy New Year 2015 ___ openssl-users mailing list openssl-users@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-users