Good evening.
Matt Caswell wrote in <18466c3a-430a-f1cb-8277-1f742e1b4...@openssl.org>:
|On 17/10/2018 14:09, Steffen Nurpmeso wrote:
|> Matt Caswell wrote in :
|>|On 17/10/2018 13:43, Steffen Nurpmeso wrote:
|>|> Matt Caswell wrote in |> >:
|>|>|On 17/10/2018
Matt Caswell wrote in :
|On 17/10/2018 22:07, Steffen Nurpmeso wrote:
|>|
|>|This is definitely an environmental issue. I just installed an Alpine
|>|Linux VM. I got the above error consistently when using clang as the
|>|compiler (whether or not I added "-DOPENSSL_
Hello, and fyi.
I have built final 1.1.1 yesterday on AlpineLinux musl after
running a prelease from end of May before. My makefile rule for
this box is (excerpt)
./config --prefix=$(MYPREFIX) zlib-dynamic no-hw shared \
no-deprecated no-async no-tests \
Matt Caswell wrote in :
|
|
|On 17/10/2018 13:12, Steffen Nurpmeso wrote:
|> Hello, and fyi.
|>
|> I have built final 1.1.1 yesterday on AlpineLinux musl after
|> running a prelease from end of May before. My makefile rule for
|> this box is (excerpt)
|>
|>
Matt Caswell wrote in :
|On 17/10/2018 13:43, Steffen Nurpmeso wrote:
|> Matt Caswell wrote in :
|>|On 17/10/2018 13:12, Steffen Nurpmeso wrote:
|>|> I have built final 1.1.1 yesterday on AlpineLinux musl after
|>|> running a prelease from end of May before.
Scott Neugroschl wrote in :
|Steffen Nurpmeso, Tuesday, September 25, 2018 11:57 AM
|> The RFC 7468 term "parsers SHOULD ignore whitespace and other non-
|>base64 characters" makes me wonder.
|
|The relevant clause is a few sentences up: "Data before the encapsu
Viktor Dukhovni wrote in <5d44b1e9-cdb3-49c1-a3e5-4ab0d889c...@dukhovni.org>:
|That particular parser tries to parse an arbitrary single
|PEM-encoded object, rather than a first object of a particular
|type (as with "pkey", "req", "x509", ...). The code for that
|is more specialized, and does
Dr. Matthias St. Pierre wrote in :
|I agree with Kurt, except for one point:
|
|> The RAND_bytes and RAND_status manpages can clearly be improved.
|
|Both manpages got an update during the DRBG rewrite (by me) and I don't
|see any contradiction. You bring it to the point yourself:
I had a
Good evening.
Please excuse the late reply.
Kurt Roeckx wrote in <20190104180735.ga25...@roeckx.be>:
|On Fri, Jan 04, 2019 at 02:48:48PM +0100, Steffen Nurpmeso wrote:
|> Dr. Matthias St. Pierre wrote in <450169f8ca7c43d1841c4c8052e78c72@Ex13.\
|> ncp.local>:
...
|>
506.ga18...@roeckx.be>:
|On Sat, Jan 05, 2019 at 08:33:18PM +0100, Steffen Nurpmeso wrote:
|>
|> (I am also really interested and will look into OpenSSL to see if
|> the abort() that seems to happen if the initial seed fails is in
|> a linker-resolved constructor, and if not, why
Good evening.
Jakob Bohm via openssl-users wrote in <95bceb59-b299-015a-f9c2-e2487a699\
8...@wisemo.com>:
|Small corrections below:
|
|On 07/01/2019 19:31, Steffen Nurpmeso wrote:
|
||...
|||RAND_load_file() and all this stuff. Just make sure the os entropy \
|||sources
|||are ava
Steffen Nurpmeso wrote in <20190107183136.-ew61%stef...@sdaoden.eu>:
...
| ...
||RAND_bytes() has always documented that it can fail. Most function
...
|So, to me.., i do not see any possible error condition, since the
|initial seeding has been testified with RAND_
Jakob Bohm via openssl-users wrote in <07f4dea3-1a62-0c8c-76a4-cbe56abc8\
7...@wisemo.com>:
|On 07/01/2019 22:31, Steffen Nurpmeso wrote:
|> Good evening.
|>
|> Jakob Bohm via openssl-users wrote in <95bceb59-b299-015a-f9c2-e2487a699\
|> 8...@wisemo.com>:
|&
Dr. Matthias St. Pierre wrote in <450169f8ca7c43d1841c4c8052e78c72@Ex13.\
ncp.local>:
|> So my concerns are:
|> 1. Whether I really can count on getting a high-entropy PRNG across \
|> these various platforms, without any explicit initialization.
|
|Yes, for the mentioned platforms, the
Dennis Clarke wrote in <73f913f0-c7d0-2805-d28c-2273fc8c2...@blastwave.org>:
|On 1/2/19 5:14 AM, Jakob Bohm via openssl-users wrote:
|> On 02/01/2019 10:41, Matt Caswell wrote:
|>>
|>> On 27/12/2018 08:37, Dmitry Belyavsky wrote:
|>>> Hello,
|>>>
|>>> Am I right supposing that local
Dennis Clarke wrote in :
|
|>> beta $ gzip -dc ../src/openssl-1.1.1c.tar.gz | tar -xf -
|>> tar: pax_global_header: typeflag 'g' not recognized, converting to
|>> regular file
|>> beta $
|>>
|>> Must be a gnu tar thing?
|>
|> Hi Dennis,
|>
|> it's not a bug, it's a feature. ;-)
|>
Jay Foster wrote in <84571f12-68b3-f7ee-7896-c891a2e25...@roadrunner.com>:
|On 5/28/2019 10:39 AM, Jay Foster wrote:
|> I built OpenSSL 1.1.1c from the recent release, but have noticed what
|> seems like a significant performance drop compared with 1.1.1b. I
|> notice this when starting
Jakob Bohm via openssl-users wrote in <23f8b94d-0078-af3c-b46a-929b9d005\
4...@wisemo.com>:
|On 28/05/2019 23:48, Steffen Nurpmeso wrote:
|> Jay Foster wrote in <84571f12-68b3-f7ee-7896-c891a2e25...@roadrunner.com\
|> >:
|>|On 5/28/2019 10:39 AM, Jay Foster wrote:
|>|
Steffen Nurpmeso wrote in
<20200425210613.scjxn%stef...@sdaoden.eu>:
|Hello once more.
|
|OpenSSL wrote in
|<20200423142936.ga24...@openssl.org>:
|| OpenSSL version 3.0 alpha 1 released
|
|I do not understand one thing at the moment. If i use
|no-deprecated then the st
Hello once more.
OpenSSL wrote in
<20200423142936.ga24...@openssl.org>:
| OpenSSL version 3.0 alpha 1 released
I do not understand one thing at the moment. If i use
no-deprecated then the stack handling is not available:
/*
* If we're building OpenSSL, or we have no-deprecated
Hello Rich Salz,
Salz, Rich wrote in
:
|>I do not understand one thing at the moment. If i use
|no-deprecated then the stack handling is not available:
|
|If you use no-deprecated you have to use DEFINE_STACK_OF in exactly \
|one file. And use DECLARE_STACK in your common header
Salz, Rich wrote in
<05c099a8-261f-43df-a59a-97ccf030f...@akamai.com>:
|>Yes, nice, why not reduce compile time and save prescious compiler
|memory by getting rid of all-inline one-liners.
|
|And link-time collapsing the identical code. I think this is an issue \
|on some Solaris,
Hello!
OpenSSL wrote in
<20200423142936.ga24...@openssl.org>:
| OpenSSL version 3.0 alpha 1 released
That surely is "a great step" for you who work with that code!
Congratulations.
I get compile errors, maybe some config flags are not honoured
correctly yet? So i am using a local git clone
Hello and Good Evening!
Matt Caswell wrote in
<94a03020-9f9e-cf31-c3e7-88fa4579b...@openssl.org>:
|On 24/04/2020 16:12, Steffen Nurpmeso wrote:
|make: *** [Makefile:2801: build_sw] Error 2
|>
|> I have to go now, maybe this all goes away if i get myself the
|> Test::Builder
Hello.
Matt Caswell wrote in
:
|On 09/01/2021 23:24, Steffen Nurpmeso wrote:
|> Hello.
|>
|> I do use SSL_CONF_cmd() (and modules) possibility if it exists,
|> since it allow users to simply use the features of the newest
|> OpenSSL library without any code cha
Hello.
I do use SSL_CONF_cmd() (and modules) possibility if it exists,
since it allow users to simply use the features of the newest
OpenSSL library without any code changes on my side.
This is great, and i think i applauded in the past.
I discovered security_level(), needless to say i thought
Matt Caswell wrote in
<9b337dc8-3d2b-23c4-f4b8-ee332deda...@openssl.org>:
|Please raise your patch as a PR so that it can properly reviewed. You'll
|also need to submit a CLA:
Sorry no, i do not have a github account nor will i go there.
You may commit it with your own name, or not.
Have a
Matt Caswell wrote in
<33db69e0-0f9b-c559-43f7-e5a2f85a4...@openssl.org>:
|On 17/06/2021 15:43, Steffen Nurpmeso wrote:
|> Fyi, i have $PERL5OPT=-C permanently in my environment, in
|> conjunction with LC_ALL=en_US.utf8 this results in the build error
|> as below. Prefixing
Hello.
Matt Caswell wrote in
<20210617133633.ga24...@openssl.org>:
...
| OpenSSL version 3.0 beta 1 released
...
Congratulations after a lot of work!
Fyi, i have $PERL5OPT=-C permanently in my environment, in
conjunction with LC_ALL=en_US.utf8 this results in the build error
as below.
Yes, off-topic, sorry.
Tomas Mraz wrote in
<11264f92f87def629df40cf0b7f7b0cc8f43fbe4.ca...@openssl.org>:
|On Thu, 2021-06-17 at 17:12 +0200, Steffen Nurpmeso wrote:
|>
|> P.P.S.: Tomáš Mráz: aren't you part of PAM project too? Off-topic
|> here, but i had written a somewhat
Steffen Nurpmeso wrote in
<20210617151209.s_znu%stef...@sdaoden.eu>:
|Matt Caswell wrote in
| <33db69e0-0f9b-c559-43f7-e5a2f85a4...@openssl.org>:
||On 17/06/2021 15:43, Steffen Nurpmeso wrote:
||> Fyi, i have $PERL5OPT=-C permanently in my environment, in
||> conju
Yeah?
:)
--steffen
|
|Der Kragenbaer,The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
Hello.
William Roberts wrote in
:
|It's there:
|https://github.com/openssl/openssl/releases/tag/openssl-3.0.0
|
|I checked it out this morning.
Oh! I have
fetch = +refs/heads/master:refs/remotes/origin/master
fetch =
Benjamin Kaduk wrote in
<2021090848.gx19...@akamai.com>:
|On Thu, Sep 09, 2021 at 12:15:44AM +0200, Steffen Nurpmeso wrote:
|>
|> P.S.: maybe at least release commits and tags could be signed?
|> And/or HTTPS access to the repository ... but then i get the gut
|> feeli
Benjamin Kaduk wrote in
<20210908233639.gy19...@akamai.com>:
|On Thu, Sep 09, 2021 at 01:03:28AM +0200, Steffen Nurpmeso wrote:
|> But if i use
|>
|> #?0|kent:tls-openssl.git$ alias gl1
|> alias gl1='git slpn -1'
|> #?0|kent:tls-openssl.git$ git alias|grep slpn
Randall S. Becker wrote in
<012201d7a590$56df08d0$049d1a70$@nexbridge.com>:
|On September 9, 2021 6:56 AM, Steffen Nurpmeso wrote:
|>Benjamin Kaduk wrote in
|> <20210908233639.gy19...@akamai.com>:
|>|On Thu, Sep 09, 2021 at 01:03:28AM +0200, Steffen Nurpmeso wrote:
Randall S. Becker wrote in
<014c01d7a5b7$a0a7d1f0$e1f775d0$@nexbridge.com>:
...
You are right in everything that you say.
|Strictly speaking, the signature on a tag is considered immutable and \
|transitively applies the signature to the commit (it does not really, \
|but the effect is the
Randall S. Becker wrote in
<015301d7a5be$22589940$6709cbc0$@nexbridge.com>:
..
|cture" would have to reconstruct the Merkel Tree, which, even in SHA-1 \
Now you digress.
But i had nothing to say from the start..
Good night!
--steffen
|
|Der Kragenbaer,The moon bear,
|der
Hello.
I first thought it was musl related but the AlpineLinux bug report
turned out to be wrong, i can easily reproduce it anywhere, it is
just that the according script only runs there:
#?0|kent:$ export
LD_LIBRARY_PATH=~/usr-kent-crux-linux-x86_64/opt/.ossl3/lib64/
#?0|kent:$
Viktor Dukhovni wrote in
:
|On Wed, Sep 29, 2021 at 10:30:29PM +0200, Steffen Nurpmeso wrote:
...
|> #?1|kent:$ ~/usr-kent-crux-linux-x86_64/opt/.ossl3/bin/openssl chacha20
|> Segmentation fault
Thanks for fixing this so fast.
...
|You should open an issue on Github. The imm
Viktor Dukhovni wrote in
:
|On Thu, Sep 30, 2021 at 02:48:39PM +0200, Steffen Nurpmeso wrote:
|> Thanks for fixing this so fast.
|> ...
|>|You should open an issue on Github. The immediate cause is:
|> ...
|>
|> I finally (re)created a github account to cause le
Viktor Dukhovni wrote in
:
|On Fri, Feb 11, 2022 at 09:13:05PM +, Joseph Chen via openssl-users \
|wrote:
|> Could someone point me to some good reads or C code examples for
|> creating a TLS client/server with best practices?
...
|In Postfix, you'll find clean, well commented code that
Tomas Mraz wrote in
<8dc71838a21fb2508928cab720f5e2c10bab1746.ca...@openssl.org>:
|A good starting point is to read the migration guide:
|
|https://www.openssl.org/docs/man3.0/man7/migration_guide.html
You .. really have to find that first. I shamelessly post some
private conversation i had
Jakob Bohm wrote in
<5257e6e7-94e3-896d-73c8-9c17b29b8...@wisemo.com>:
|On 2022-11-06 23:14, raf via openssl-users wrote:
|> On Sat, Nov 05, 2022 at 02:22:55PM +, Michael Wojcik atmicrofocus.com> wrote:
...
|Regarding C90 compilers, it is important to realize that some system
|vendors
Michael Wojcik wrote in
:
|> From: openssl-users On Behalf \
|> Of Phillip
|> Susi
|> Sent: Wednesday, 2 November, 2022 11:45
|>
|> The only thing to fix is don't put your compiler in strict C90 mode.
|
|I'm inclined to agree. While there's an argument for backward compatibil\
|ity,
45 matches
Mail list logo
