Re: OpenSSL version 3.0.0-alpha1 published

2020-05-01 Thread Sam Roberts
On Thu, Apr 30, 2020 at 9:27 PM Richard Levitte wrote: > Yes, running from the DESTDIR "installation" gets you into trouble. > DESTDIR is intended to be a staging directory, i.e. a place to put Fair enough, I don't have to use DESTDIR, I configure with openssldir and prefix set to a sandbox now.

Re: OpenSSL version 3.0.0-alpha1 published

2020-05-01 Thread Guido Vranken
Reminder that in git master and 3.0.0, CAST5 gives the wrong output: https://github.com/openssl/openssl/issues/11459 (this proof of concept was made before you moved CAST5 to liblegacy, so just put OSSL_PROVIDER_load(nullptr, "legacy"); in there to make it work) On Thu, Apr 23, 2020 at 4:30 PM

Re: OpenSSL version 3.0.0-alpha1 published

2020-05-01 Thread Yann Ylavic
On Fri, May 1, 2020 at 6:36 AM Richard Levitte wrote: > > On Sun, 26 Apr 2020 11:35:14 +0200, > Yann Ylavic wrote: > > > > On Sun, Apr 26, 2020 at 12:15 AM Kurt Roeckx wrote: > > > > > > On Fri, Apr 24, 2020 at 01:26:05PM +0200, Yann Ylavic wrote: > > > > > > > > - DH_bits(dh) (used for logging

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-30 Thread Richard Levitte
On Sun, 26 Apr 2020 11:35:14 +0200, Yann Ylavic wrote: > > On Sun, Apr 26, 2020 at 12:15 AM Kurt Roeckx wrote: > > > > On Fri, Apr 24, 2020 at 01:26:05PM +0200, Yann Ylavic wrote: > > > > > > - DH_bits(dh) (used for logging only in httpd) > > > Replaced by BN_num_bits(DH_get0_p(dh)). > > > Not

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-30 Thread Richard Levitte
On Fri, 01 May 2020 01:22:34 +0200, Sam Roberts wrote: > > On Fri, Apr 24, 2020 at 9:07 AM Nicola Tuveri wrote: > > At https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers there was > > already an example of how to do this programmatically, and a link to the > > manpage for the config file

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-30 Thread Sam Roberts
On Fri, Apr 24, 2020 at 9:07 AM Nicola Tuveri wrote: > At https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers there was already > an example of how to do this programmatically, and a link to the manpage for > the config file syntax. That's not working for me: Failed to load Legacy

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-26 Thread Yann Ylavic
On Sun, Apr 26, 2020 at 12:15 AM Kurt Roeckx wrote: > > On Fri, Apr 24, 2020 at 01:26:05PM +0200, Yann Ylavic wrote: > > > > - DH_bits(dh) (used for logging only in httpd) > > Replaced by BN_num_bits(DH_get0_p(dh)). > > Not sure this one should be deprecated, it seems to be used in several > >

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-25 Thread tincanteksup
I would normally refrain but ... On 25/04/2020 23:24, Salz, Rich via openssl-users wrote: Yes, nice, why not reduce compile time and save precious compiler memory by getting rid of all-inline one-liners. And link-time collapsing the identical code. I think this is an issue on some

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-25 Thread Steffen Nurpmeso
Salz, Rich wrote in <05c099a8-261f-43df-a59a-97ccf030f...@akamai.com>: |>Yes, nice, why not reduce compile time and save precious compiler |memory by getting rid of all-inline one-liners. | |And link-time collapsing the identical code. I think this is an issue \ |on some Solaris,

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-25 Thread Salz, Rich via openssl-users
>Yes, nice, why not reduce compile time and save precious compiler memory by getting rid of all-inline one-liners. And link-time collapsing the identical code. I think this is an issue on some Solaris, for example. > Sorry for coming over sarcastic, i am listening to "This

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-25 Thread Kurt Roeckx
On Fri, Apr 24, 2020 at 01:26:05PM +0200, Yann Ylavic wrote: > > - DH_bits(dh) (used for logging only in httpd) > Replaced by BN_num_bits(DH_get0_p(dh)). > Not sure this one should be deprecated, it seems to be used in several > places in openssl codebase still, no replacement? I think the

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-25 Thread Steffen Nurpmeso
Hello Rich Salz, Salz, Rich wrote in : |>I do not understand one thing at the moment. If i use |no-deprecated then the stack handling is not available: | |If you use no-deprecated you have to use DEFINE_STACK_OF in exactly \ |one file. And use DECLARE_STACK in your common header

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-25 Thread Steffen Nurpmeso
Steffen Nurpmeso wrote in <20200425210613.scjxn%stef...@sdaoden.eu>: |Hello once more. | |OpenSSL wrote in |<20200423142936.ga24...@openssl.org>: || OpenSSL version 3.0 alpha 1 released | |I do not understand one thing at the moment. If i use |no-deprecated then the stack handling is

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-25 Thread Salz, Rich via openssl-users
>I do not understand one thing at the moment. If i use no-deprecated then the stack handling is not available: If you use no-deprecated you have to use DEFINE_STACK_OF in exactly one file. And use DECLARE_STACK in your common header file. Let me know if this works, or not, for you.

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-25 Thread Steffen Nurpmeso
Hello once more. OpenSSL wrote in <20200423142936.ga24...@openssl.org>: | OpenSSL version 3.0 alpha 1 released I do not understand one thing at the moment. If i use no-deprecated then the stack handling is not available: /* * If we're building OpenSSL, or we have no-deprecated

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Steffen Nurpmeso
Hello and Good Evening! Matt Caswell wrote in <94a03020-9f9e-cf31-c3e7-88fa4579b...@openssl.org>: |On 24/04/2020 16:12, Steffen Nurpmeso wrote: |make: *** [Makefile:2801: build_sw] Error 2 |> |> I have to go now, maybe this all goes away if i get myself the |> Test::Builder::TodoDiag perl

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Sergio NNX
r 2 From: openssl-users on behalf of OpenSSL Sent: Friday, 24 April 2020 12:29 AM To: openssl-proj...@openssl.org ; OpenSSL User Support ML ; OpenSSL Announce ML Subject: OpenSSL version 3.0.0-alpha1 published -BEGIN PGP SIGN

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread The Doctor
On Fri, Apr 24, 2020 at 09:51:48AM -0600, The Doctor wrote: > All right, I am testing 3.0 alpha 2 using sshd and squid on FreeBSD 12.1 > I will also test on httpd , php 74 et al. > > so far openssh 8.2p1 and openssl 2.0 is working. > And squid 5.0.2 > -- > Member - Liberal International This is

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Matt Caswell
On 24/04/2020 16:12, Steffen Nurpmeso wrote: make: *** [Makefile:2801: build_sw] Error 2 > > I have to go now, maybe this all goes away if i get myself the > Test::Builder::TodoDiag perl module? I doubt it. This isn't code in the tests. Try adding this line with the other includes at the

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Yann Ylavic
On Fri, Apr 24, 2020 at 5:50 PM The Doctor wrote: > > I will also test on httpd , php 74 et al. This commit might help if you want to test httpd trunk/master: https://github.com/apache/httpd/commit/316aea784d9423688ea38943d95d1d2b614fc921 Regards, Yann.

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Nicola Tuveri
At https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers there was already an example of how to do this programmatically, and a link to the manpage for the config file syntax. I just added also a minimal config file example to load both the default and the legacy provider in the default

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread The Doctor
All right, I am testing 3.0 alpha 2 using sshd and squid on FreeBSD 12.1 I will also test on httpd , php 74 et al. so far openssh 8.2p1 and openssl 2.0 is working. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Sam Roberts
On Fri, Apr 24, 2020 at 1:05 AM Matt Caswell wrote: > This one is interesting: > > ERR_OSSL_EVP_FETCH_FAILED > > > This means that the algorithm you are trying to use isn't available in > the loaded providers. Since you should be getting the default provider > loaded automatically it could be

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Steffen Nurpmeso
Hello! OpenSSL wrote in <20200423142936.ga24...@openssl.org>: | OpenSSL version 3.0 alpha 1 released That surely is "a great step" for you who work with that code! Congratulations. I get compile errors, maybe some config flags are not honoured correctly yet? So i am using a local git clone

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Matt Caswell
On 24/04/2020 13:15, Yann Ylavic wrote: > On Fri, Apr 24, 2020 at 1:26 PM Yann Ylavic wrote: >> >> - Custom input BIO_METHOD (using httpd filters' stack) asserted its >> _ctrl() was never called, so far.. >> The new BIO_eof() calls in codebase, notably from ssl3_read_n(), >> breaks this

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Matt Caswell
On 24/04/2020 12:26, Yann Ylavic wrote: > Hi team, > > I gave 3.0.0-alpha1 a try with Apache httpd. > tl;dr it works with minimal changes, congrats! That's great to hear. Thanks for the feedback Yann! Matt

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Yann Ylavic
On Fri, Apr 24, 2020 at 1:26 PM Yann Ylavic wrote: > > - Custom input BIO_METHOD (using httpd filters' stack) asserted its > _ctrl() was never called, so far.. > The new BIO_eof() calls in codebase, notably from ssl3_read_n(), > breaks this assertion. > Handling the case for BIO_CTRL_EOF made it,

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Yann Ylavic
Hi team, I gave 3.0.0-alpha1 a try with Apache httpd. tl;dr it works with minimal changes, congrats! The changes needed on httpd side: - SSL_CTX_load_verify_locations() and X509_STORE_load_locations() Replaced by {SSL_CTX,X509_STORE}_load_verify_file() +

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Matt Caswell
On 24/04/2020 00:05, Sam Roberts wrote: > Fwiw, took a quick run at building and testing Node.js against the 3.x beta. > > It was API compatible enough to build. Good to hear! > The DH_, ECDH_, HMAC_, etc. > deprecations make sense, will look at those. > > My assumption is that EVP versions

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-24 Thread Tomas Mraz
On Thu, 2020-04-23 at 16:05 -0700, Sam Roberts wrote: > Fwiw, took a quick run at building and testing Node.js against the > 3.x beta. > > It was API compatible enough to build. The DH_, ECDH_, HMAC_, etc. > deprecations make sense, will look at those. > > My assumption is that EVP versions of

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-23 Thread Sam Roberts
Fwiw, took a quick run at building and testing Node.js against the 3.x beta. It was API compatible enough to build. The DH_, ECDH_, HMAC_, etc. deprecations make sense, will look at those. My assumption is that EVP versions of these exist in openssl 1.1.1, and that if we switch our openssl 1.1.1

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-23 Thread Matt Caswell
On 23/04/2020 18:01, Sam Roberts wrote: > Resending to -users. > > On Thu, Apr 23, 2020 at 9:58 AM Sam Roberts wrote: >> >> Seems to be something wrong with the way config is generating the >> version strings: >> gcc -Icrypto -I. -Iinclude -Iproviders/common/include >>

Re: OpenSSL version 3.0.0-alpha1 published

2020-04-23 Thread Sam Roberts
Resending to -users. On Thu, Apr 23, 2020 at 9:58 AM Sam Roberts wrote: > > Seems to be something wrong with the way config is generating the > version strings: > gcc -Icrypto -I. -Iinclude -Iproviders/common/include > -Iproviders/implementations/include -Icrypto/include -DAES_ASM >

OpenSSL version 3.0.0-alpha1 published

2020-04-23 Thread OpenSSL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 3.0 alpha 1 released OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ OpenSSL 3.0 is currently in alpha. OpenSSL 3.0 alpha 1 has now been made