Re: [openssl-dev] [openssl.org #4470] AutoReply: FEATURE: OpenSSL test script for configurations and options
Updated to print the options used when a failure occurs; add additional test configurations, like "no-asm -ansi". The QA/Testing team should try the script. Its very revealing. Here's what I am seeing: $ grep '!!' openssl-result.txt !!FAILED (no-aes)!! !!FAILED (no-asm no-aes)!! !!FAILED (no-autoalginit)!! !!FAILED (no-asm no-autoalginit)!! ... Its better to run the script on a machine with 8 or 16 cores because there's a lot of combinations and you'll get results faster. The script automatically steps up job counts based on logical processors. I think the project has some big iron lying around, so it should be available somewhere. > - > Hi Everyone, > > Attached is a test script to repeatedly configure, build and test > OpenSSL under different configuration options. Options include the > usual suspects like "no-asm", "no-ssl2", "no-ssl3" and "no-comp". It > also includes other options, like Debug, Release, IPv4 and IPv6. > > I understand some of the devs have similar scripts Please consider > adding the attached script or a similar dev script to the tarball. > > The script will help the project proactively detect issues, and help > it avoid reactive fixes. As the script grows in depth and breadth, > OpenSSL will only get stronger. > > Thanks in advance. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4470 Please log in as guest with password guest if prompted openssl-test.tar.gz Description: GNU Zip compressed data -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] Changing/deleted ordinals for exported function in the Windows DLLs
It looks like ordinals are changing and/or being removed for functions exported by the Windows DLL. Its causing pain points for users in the field, and it appears to be trending. Confer: * WAMP OpenSSL ordinal 372 error, http://stackoverflow.com/q/36238887 * The Ordinal 112 could not be located in dynamic link library…, http://stackoverflow.com/q/36163468 I think ordinals were meant to speed up loading of shared resources in the 16-bit Windows days. They fell out of favor circa Windows 95. According to Jeffrey Richter and in his book Programming Applications for Microsoft Windows, page 701 (http://www.amazon.com/dp/1572319968): The second form [of the function GetProcAddress] ... [and the] pszSymbolName parameter indicates the ordinal number of the symbol whose address you want... Again, let me reiterate that Microsoft strongly discourages the use of ordinals. Richter then goes on to discuss getting the wrong function address because ordinals have changed. It seems like the changes should have been caught in the engineering process during QA or testing. Perhaps an explicit step should be added to avoid the problems in the future? -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4486] PATCH: fix NMAKE fatal error U1073: "don't know how to make 'LNAME\openssl\Configurations\windows-makefile.tmpl'"
Using Strawberry PERL from a typical Windows user desktop and working from Master at c828cd7... > cls && perl Configure VC-WIN32 ... > nmake Microsoft (R) Program Maintenance Utility Version 11.00.61030.0 Copyright (C) Microsoft Corporation. All rights reserved. NMAKE : fatal error U1073: don't know how to make 'LNAME\openssl\Configurations \windows-makefile.tmpl' Stop. $ git diff diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index 0b8ac72..6f97315 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -218,7 +218,7 @@ uninstall_runtime: # Building targets ### -configdata.pm: {- $config{build_file_template} -} $(SRCDIR)\Configure +configdata.pm: "{- $config{build_file_template} -}" $(SRCDIR)\Configure @echo "Detected changed: $?" @echo "Reconfiguring..." $(PERL) $(SRCDIR)\Configure reconf ** After patching: >nmake Microsoft (R) Program Maintenance Utility Version 11.00.61030.0 Copyright (C) Microsoft Corporation. All rights reserved. nasm -f win32 -ocrypto\aes\aes-586.obj crypto\aes\aes-586.asm cl -DDSO_WIN32 -DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_P IC -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENS SL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES _ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM " -DENGINESDIR=\"%ProgramFiles(x86)%\\OpenSSL\\lib\\engines\"" "-DOPENSSLDIR=\"%Co mmonProgramFiles(x86)%\\SSL\"" -W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WI N32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE -D_UNI CODE /MT /Ox /O2 /Ob2 /Zl /Zi /Fdlib -D_WINDLL /I ..\..\Jeffrey /I Walton\openss l\include /I . /I crypto\include /I include /I crypto\bn\Walton\openssl\crypto\i nclude -c /Focrypto\aes\aes_cfb.obj crypto\aes\aes_cfb.c aes_cfb.c cl -DDSO_WIN32 -DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_P IC -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENS SL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES _ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM " -DENGINESDIR=\"%ProgramFiles(x86)%\\OpenSSL\\lib\\engines\"" "-DOPENSSLDIR=\"%Co mmonProgramFiles(x86)%\\SSL\"" -W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WI N32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE -D_UNI CODE /MT /Ox /O2 /Ob2 /Zl /Zi /Fdlib -D_WINDLL /I ..\..\Jeffrey /I Walton\openss l\include /I . /I crypto\include /I include /I crypto\bn\Walton\openssl\crypto\i nclude -c /Focrypto\aes\aes_ecb.obj crypto\aes\aes_ecb.c aes_ecb.c ... -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4486 Please log in as guest with password guest if prompted diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index 0b8ac72..6f97315 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -218,7 +218,7 @@ uninstall_runtime: # Building targets ### -configdata.pm: {- $config{build_file_template} -} $(SRCDIR)\Configure +configdata.pm: "{- $config{build_file_template} -}" $(SRCDIR)\Configure @echo "Detected changed: $?" @echo "Reconfiguring..." $(PERL) $(SRCDIR)\Configure reconf -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Testing for a type with a define in e_os2.h?
> # if defined(OPENSSL_SYS_UEFI) && !defined(ssize_t) # define ossl_ssize_t > int # define OSSL_SSIZE_MAX INT_MAX # endif It's testing for a #define, not a typedef. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4487] Dirty compile under Windows 7 and MSVC 2012 (four to six non-trivial)
There's a somewhat dirty compile under Windows 7 Pro x64 and Visual Studio 2012. cl -DDSO_WIN32 -DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_P IC -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENS SL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES _ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM " -DENGINESDIR=\"%ProgramFiles(x86)%\\OpenSSL\\lib\\engines\"" "-DOPENSSLDIR=\"%Co mmonProgramFiles(x86)%\\SSL\"" -W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WI N32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE -D_UNI CODE /MT /Ox /O2 /Ob2 /Zl /Zi /Fdlib -D_WINDLL /I ..\..\Jeffrey /I Walton\openss l\include /I . /I include -c /Fossl\record\rec_layer_s3.obj ssl\record\rec_layer _s3.c rec_layer_s3.c ssl\record\rec_layer_s3.c(843) : warning C4146: unary minus operator applied to unsigned type, result still unsigned ssl\record\rec_layer_s3.c(1250) : warning C4146: unary minus operator applied to unsigned type, result still unsigned ** cl -DDSO_WIN32 -DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_P IC -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENS SL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES _ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM " -DENGINESDIR=\"%ProgramFiles(x86)%\\OpenSSL\\lib\\engines\"" "-DOPENSSLDIR=\"%Co mmonProgramFiles(x86)%\\SSL\"" -W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WI N32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE -D_UNI CODE /MT /Ox /O2 /Ob2 /Zl /Zi /Fdlib -D_WINDLL /I ..\..\Jeffrey /I Walton\openss l\include /I . /I include -c /Fossl\record\rec_layer_d1.obj ssl\record\rec_layer _d1.c rec_layer_d1.c ssl\record\rec_layer_d1.c(572) : warning C4146: unary minus operator applied to unsigned type, result still unsigned ** cl -DDSO_WIN32 -DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_P IC -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENS SL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES _ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM " -DENGINESDIR=\"%ProgramFiles(x86)%\\OpenSSL\\lib\\engines\"" "-DOPENSSLDIR=\"%Co mmonProgramFiles(x86)%\\SSL\"" -W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WI N32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE -D_UNI CODE /MT /Ox /O2 /Ob2 /Zl /Zi /Fdlib -D_WINDLL /I ..\..\Jeffrey /I Walton\openss l\include /I . /I crypto\include /I include /I crypto\bn\Walton\openssl\crypto\i nclude -c /Focrypto\x509\x509_def.obj crypto\x509\x509_def.c x509_def.c crypto\x509\x509_def.c(65) : warning C4129: 'P' : unrecognized character escape sequence crypto\x509\x509_def.c(65) : warning C4129: 'C' : unrecognized character escape sequence crypto\x509\x509_def.c(70) : warning C4129: 'P' : unrecognized character escape sequence crypto\x509\x509_def.c(70) : warning C4129: 'C' : unrecognized character escape sequence crypto\x509\x509_def.c(75) : warning C4129: 'P' : unrecognized character escape sequence crypto\x509\x509_def.c(75) : warning C4129: 'C' : unrecognized character escape sequence crypto\x509\x509_def.c(80) : warning C4129: 'P' : unrecognized character escape sequence crypto\x509\x509_def.c(80) : warning C4129: 'C' : unrecognized character escape sequence ** cl -DDSO_WIN32 -DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_P IC -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENS SL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES _ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM " -DENGINESDIR=\"%ProgramFiles(x86)%\\OpenSSL\\lib\\engines\"" "-DOPENSSLDIR=\"%Co mmonProgramFiles(x86)%\\SSL\"" -W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WI N32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DUNICODE -D_UNI CODE /MT /Ox /O2 /Ob2 /Zl /Zi /Fdlib -D_WINDLL /I ..\..\Jeffrey /I Walton\openss l\include /I . /I crypto\include /I include /I crypto\bn\Walton\openssl\crypto\i nclude /I crypto -c /Focrypto\cversion.obj crypto\cversion.c cversion.c crypto\cversion.c(100) : warning C4129: 'P' : unrecognized character escape sequ ence crypto\cversion.c(100) : warning C4129: 'C' : unrecognized character escape sequ ence crypto\cversion.c(107) : warning C4129: 'P' : unrecognized character escape sequ ence ** cl -DDSO_WIN32 -DOPENSSL_THREADS -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_P IC -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENS SL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES _ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM " -DENGINESDIR=\"%ProgramFiles(x86)%\\OpenSSL\\lib\\engines\"" "-DOPENSSLDIR=\"%Co mmonProgramFiles(x86)%\\SSL\"" -W3
Re: [openssl-dev] [openssl.org #4485] big number tests and Math::BigInt changes
On Fri, Mar 25, 2016 at 7:05 PM, Richard Levitte via RT wrote: > I've attached a tentative patch for test/recipes/bc.pl. Would you be willing > to > try it out? OpenSSL master (c828cd7) experienced what appeared to be the same issue under Windows 7 Pro x64 with Strawberry PERL 5.22. The machine has Visual Studio 2008, Visual Studio 2010 and Visual Studio 2012, but I don't think it affects the issue. The patch cleared the issue for VC-WIN32 and VC-WIN64A. Jeff -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4485] big number tests and Math::BigInt changes
On Fri, Mar 25, 2016 at 7:05 PM, Richard Levitte via RT wrote: > I've attached a tentative patch for test/recipes/bc.pl. Would you be willing > to > try it out? OpenSSL master (c828cd7) experienced what appeared to be the same issue under Windows 7 Pro x64 with Strawberry PERL 5.22. The machine has Visual Studio 2008, Visual Studio 2010 and Visual Studio 2012, but I don't think it affects the issue. The patch cleared the issue for VC-WIN32 and VC-WIN64A. Jeff -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4485 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Testing for a type with a define in e_os2.h?
Is this a real problem or a theoretical one? -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Testing for a type with a define in e_os2.h?
On 27/03/2016 14:59, Salz, Rich wrote: # if defined(OPENSSL_SYS_UEFI) && !defined(ssize_t) # define ossl_ssize_t int # define OSSL_SSIZE_MAX INT_MAX # endif It's testing for a #define, not a typedef. Then I suppose this comes down to understanding precisely what the test is trying to achieve. Do you mean it's explicitly checking for ssize_t being a macro rather than the usual typedef? Does OpenSSL create it as a macro somewhere? POSIX requires ssize_t to be a type rather than a macro, defined in among other places. I don't know it there are non-POSIX or vaguely-similar-to-POSIX environments which define it as a macro. -- J. J. Farrell Not speaking for Oracle. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4482] Wrong results with Poly1305 functions
On Fri, Mar 25, 2016 at 8:10 AM, Hanno Boeck via RT wrote: > Attached is a sample code that will test various inputs for the > Poly1305 functions of openssl... I'm seeing compiler conversion warnings about size_t to int truncation. Do you have any vectors that cross the 2GB boundary? Jeff -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4483] Re: [openssl.org #4482] Wrong results with Poly1305 functions
On Fri, Mar 25, 2016 at 8:10 AM, Hanno Boeck via RT wrote: > Attached is a sample code that will test various inputs for the > Poly1305 functions of openssl... I'm seeing compiler conversion warnings about size_t to int truncation. Do you have any vectors that cross the 2GB boundary? Jeff -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4483 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4485] big number tests and Math::BigInt changes
And merged, commit ce84456ddf4e57c18a84858755b8b90c183a270e. Closing this ticket. Vid Sat, 26 Mar 2016 kl. 06.35.55, skrev levitte: > Frankly, you did all the work. With your analysis, it became very easy to > figure out what needed to be done. Low hanging fruit ;-) > > So, thank you! > > Cheers, > Richard > > Vid Sat, 26 Mar 2016 kl. 02.38.47, skrev craigbe...@mac.com: > > Wow, that was fast. The patch looks good here: now all tests pass on > > systems with and without the Math::BigInt changes. Thanks! > > > > > On Mar 25, 2016, at 6:05 PM, Richard Levitte via RT > > > wrote: > > > > > > I've attached a tentative patch for test/recipes/bc.pl. Would you be > > > willing to > > > try it out? > > > > > > > > -- > > > Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4485 > > > Please log in as guest with password guest if prompted > > > > > > diff --git a/test/recipes/bc.pl b/test/recipes/bc.pl > > > index 29a4a8a..f7d4dc6 100644 > > > --- a/test/recipes/bc.pl > > > +++ b/test/recipes/bc.pl > > > @@ -46,7 +46,16 @@ sub __multiplier { > > > if ($operator eq "*") { > > > $operand1->bmul($operand2); > > > } elsif ($operator eq "/") { > > > + # Math::BigInt->bdiv() is documented to do floored > > > division, > > > + # i.e. 1 / -4 = -1, while bc and OpenSSL BN_div do > > > truncated > > > + # division, i.e. 1 / -4 = 0. We need to make the operation > > > + # work like OpenSSL's BN_div to be able to verify. > > > + my $neg = ($operand1->is_neg() > > > + ? !$operand2->is_neg() : $operand2->is_neg()); > > > + $operand1->babs(); > > > + $operand2->babs(); > > > $operand1->bdiv($operand2); > > > + if ($neg) { $operand1->bneg(); } > > > } elsif ($operator eq "%") { > > > # Here's a bit of a quirk... > > > # With OpenSSL's BN, as well as bc, the result of -10 % 3 > > > is -1 > > > > > > Craig A. Berry > > mailto:craigbe...@mac.com > > > > "... getting out of a sonnet is much more > > difficult than getting in." > > Brad Leithauser > > > -- > Richard Levitte > levi...@openssl.org -- Richard Levitte levi...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4485 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Changing/deleted ordinals for exported function in the Windows DLLs
In message on Sun, 27 Mar 2016 06:09:39 -0400, Jeffrey Walton said: noloader> It looks like ordinals are changing and/or being removed for functions noloader> exported by the Windows DLL. Its causing pain points for users in the noloader> field, and it appears to be trending. Confer: noloader> noloader> * WAMP OpenSSL ordinal 372 error, http://stackoverflow.com/q/36238887 noloader> * The Ordinal 112 could not be located in dynamic link library…, noloader> http://stackoverflow.com/q/36163468 I sure hope noone is using OpenSSL 1.1.0 in production. The .num files were recreated entirely just before beta1. So, if we assume that this is about 1.0.2, this is what I can grep: : ; egrep '\s(112|372)\s' util/*.num util/libeay.num:BN_MONT_CTX_free112 EXIST::FUNCTION: util/libeay.num:PEM_SealInit372 EXIST::FUNCTION:RSA util/ssleay.num:SSLv23_server_method112 EXIST::FUNCTION:RSA util/ssleay.num:SSL_CONF_cmd_argv 372 EXIST::FUNCTION: You notice the ":RSA" at the end? That means that if the library was created with the 'no-rsa' config option, those locations will be empty in the transfer table. I can't say for sure that's the case, but it's a possible lead to follow. Either way, it does seem to me that someone didn't keep the OpenSSL libraries in check, somehow. Btw, when it comes to OpenSSL 1.1.0, the DLLs have embedded version numbers in the file name. noloader> I think ordinals were meant to speed up loading of shared resources in noloader> the 16-bit Windows days. They fell out of favor circa Windows 95. noloader> According to Jeffrey Richter and in his book Programming Applications noloader> for Microsoft Windows, page 701 (http://www.amazon.com/dp/1572319968): noloader> noloader> The second form [of the function GetProcAddress] ... noloader> [and the] pszSymbolName parameter indicates the noloader> ordinal number of the symbol whose address you noloader> want... noloader> noloader> Again, let me reiterate that Microsoft strongly noloader> discourages the use of ordinals. noloader> noloader> Richter then goes on to discuss getting the wrong function address noloader> because ordinals have changed. noloader> noloader> It seems like the changes should have been caught in the engineering noloader> process during QA or testing. Perhaps an explicit step should be added noloader> to avoid the problems in the future? Possbly. Either way, it's a bit late in the game to make that change. Cheers, Richard -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] no-ui, warnings and errors
On 27/03/16 00:16, Jeffrey Walton wrote: > Is this a supported configuration (no-ui and apps)? Co-incidentally, Richard has a patch for no-ui that fixes these problems that is currently in review. Matt > > There's a fair number of warnings when configuring with no-ui: > > apps/enc.c:357:13: warning: implicit declaration of function > ‘EVP_read_pw_string’ [-Wimplicit-function-declaration] > i = EVP_read_pw_string((char *)strbuf, SIZE, prompt, enc); > > There's a few link problems, too: > > LD_LIBRARY_PATH=.: gcc -DDSO_DLFCN -DHAVE_DLFCN_H > -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC > -DOPENSSLDIR="/usr/local/ssl" -DENGINESDIR="/usr/local/lib/engines" > -Wall -O3 -m64 -DL_ENDIAN -ansi -o apps/openssl apps/app_rand.o > apps/apps.o apps/asn1pars.o apps/ca.o apps/ciphers.o apps/cms.o > apps/crl.o apps/crl2p7.o apps/dgst.o apps/dhparam.o apps/dsa.o > apps/dsaparam.o apps/ec.o apps/ecparam.o apps/enc.o apps/engine.o > apps/errstr.o apps/gendsa.o apps/genpkey.o apps/genrsa.o apps/nseq.o > apps/ocsp.o apps/openssl.o apps/opt.o apps/passwd.o apps/pkcs12.o > apps/pkcs7.o apps/pkcs8.o apps/pkey.o apps/pkeyparam.o apps/pkeyutl.o > apps/prime.o apps/rand.o apps/rehash.o apps/req.o apps/rsa.o > apps/rsautl.o apps/s_cb.o apps/s_client.o apps/s_server.o > apps/s_socket.o apps/s_time.o apps/sess_id.o apps/smime.o apps/speed.o > apps/spkac.o apps/srp.o apps/ts.o apps/verify.o apps/version.o > apps/x509.o -L. -lssl -L. -lcrypto -ldl > apps/apps.o: In function `ui_close': > apps.c:(.text+0x15): undefined reference to `UI_OpenSSL' > apps.c:(.text+0x1d): undefined reference to `UI_method_get_closer' > apps/apps.o: In function `ui_write': > apps.c:(.text+0x40): undefined reference to `UI_get_input_flags' > apps.c:(.text+0x4c): undefined reference to `UI_get0_user_data' > apps.c:(.text+0x59): undefined reference to `UI_get_string_type' > apps.c:(.text+0x66): undefined reference to `UI_OpenSSL' > apps.c:(.text+0x6e): undefined reference to `UI_method_get_writer' > apps.c:(.text+0x84): undefined reference to `UI_get0_user_data' > apps/apps.o: In function `ui_read': > apps.c:(.text+0xc0): undefined reference to `UI_get_input_flags' > apps.c:(.text+0xcc): undefined reference to `UI_get0_user_data' > apps.c:(.text+0xd9): undefined reference to `UI_get_string_type' > apps.c:(.text+0xe6): undefined reference to `UI_OpenSSL' > apps.c:(.text+0xee): undefined reference to `UI_method_get_reader' > apps.c:(.text+0x104): undefined reference to `UI_get0_user_data' > apps.c:(.text+0x11c): undefined reference to `UI_set_result' > apps/apps.o: In function `ui_open': > apps.c:(.text+0x135): undefined reference to `UI_OpenSSL' > apps.c:(.text+0x13d): undefined reference to `UI_method_get_opener' > apps/apps.o: In function `password_callback': > apps.c:(.text+0xca3): undefined reference to `UI_new_method' > apps.c:(.text+0xcbf): undefined reference to `UI_construct_prompt' > apps.c:(.text+0xce2): undefined reference to `UI_ctrl' > apps.c:(.text+0xd05): undefined reference to `UI_add_input_string' > apps.c:(.text+0xd38): undefined reference to `UI_ctrl' > apps.c:(.text+0xd44): undefined reference to `UI_process' > apps.c:(.text+0xd72): undefined reference to `UI_free' > apps.c:(.text+0xe5e): undefined reference to `UI_add_verify_string' > apps.c:(.text+0xe81): undefined reference to `UI_free' > apps/apps.o: In function `setup_ui_method': > apps.c:(.text+0x11da): undefined reference to `UI_create_method' > apps.c:(.text+0x11ee): undefined reference to `UI_method_set_opener' > apps.c:(.text+0x11ff): undefined reference to `UI_method_set_reader' > apps.c:(.text+0x1210): undefined reference to `UI_method_set_writer' > apps.c:(.text+0x1221): undefined reference to `UI_method_set_closer' > apps/apps.o: In function `destroy_ui_method': > apps.c:(.text+0x1241): undefined reference to `UI_destroy_method' > apps/enc.o: In function `enc_main': > enc.c:(.text+0xfbf): undefined reference to `EVP_read_pw_string' > enc.c:(.text+0x10f7): undefined reference to `EVP_read_pw_string' > apps/pkcs12.o: In function `pkcs12_main': > pkcs12.c:(.text+0x119a): undefined reference to `EVP_read_pw_string' > pkcs12.c:(.text+0x1733): undefined reference to `EVP_read_pw_string' > pkcs12.c:(.text+0x17d8): undefined reference to `EVP_read_pw_string' > apps/pkcs8.o:pkcs8.c:(.text+0x7e0): more undefined references to > `EVP_read_pw_string' follow > ./libcrypto.a(err_all.o): In function `err_load_crypto_strings_intern': > err_all.c:(.text+0x86): undefined reference to `ERR_load_UI_strings' > -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4392] [PATCH] Resolve DTLS cookie and version before session resumption.
On Mon, Mar 07, 2016 at 10:03:20PM +, David Benjamin via RT wrote: > Session resumption involves a version check, so version negotiation must > happen first. Currently, the DTLS implementation cannot do session > resumption in DTLS 1.0 because the ssl_version check always checks against > 1.2. > > Switching the order also removes the need to fixup ssl_version in DTLS > version negotiation. This has been fixed in the master branch. The 1.0.x branches look like they're affected too, so I'll leave this open. Kurt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4392 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Testing for a type with a define in e_os2.h?
On Sun, Mar 27, 2016 at 10:41 AM, Salz, Rich wrote: > Is this a real problem or a theoretical one? UEFI will be a problem on non 32-bit systems as it assume 32-bit environment. I don't know if there are any of them in the wild, however. non-UEFI code is a problem in some restricted environments, like ANSI. It will affect 32-bit and 64-bit code. I believe "defined(ossl_sszie_t)" may be missing the point for the non-UEFI code. Both are easy enough to fix once we know what to look for. Jeff -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Testing for a type with a define in e_os2.h?
> # if defined(OPENSSL_SYS_UEFI) && !defined(ssize_t) # define ossl_ssize_t > int # define OSSL_SSIZE_MAX INT_MAX # endif > > It's testing for a #define, not a typedef. > > > Then I suppose this comes down to understanding precisely what the test is > trying to achieve. Do you mean it's explicitly checking for ssize_t being a > macro rather than the usual typedef? Does OpenSSL create it as a macro > somewhere? If I am parsing things correctly (in the big picture), ossl_ssize_t and OSSL_SSIZE_MAX are trying to bootstrap themselves. If ssize_t and SSIZE_MAX are available, ossl_ssize_t and OSSL_SSIZE_MAX should set themselves to existing types and define. Otherwise, ossl_ssize_t and OSSL_SSIZE_MAX provide their own definition. I think that's what's trying to be achieved. I can kinda understand the "if defined(ossl_ssize_t)". However, the base case - the first time its encountered undefined - may be missing the point. > POSIX requires ssize_t to be a type rather than a macro, defined in > among other places. I don't know it there are non-POSIX or > vaguely-similar-to-POSIX environments which define it as a macro. Its those non-Posix environments the pain point is experienced. ANSI is one of them. That's because the bootstrapping isn't quite right. I've also seem some interesting results on Android. The test rig is simple enough. It seems some of the older environments (maybe the newer ones too) don't undef SSIZE_MAX; rather, they set it to 0. Jeff $ cat test.cc #include #include #include /* gcc -x c -ansi test.cc -o test.exe */ int main(void) { #if defined(SSIZE_MAX) && (SSIZE_MAX != 0) #define my_ssize_t ssize_t #define MY_SSIZE_MAX SSIZE_MAX printf("SSIZE_MAX is defined, using ssize_t\n"); my_ssize_t t = MY_SSIZE_MAX; #else /* not SSIZE_MAX */ # if (__LP64__) #define my_ssize_t long #define MY_SSIZE_MAX LONG_MAX printf("SSIZE_MAX not defined, typing ssize_t to long\n"); my_ssize_t t = MY_SSIZE_MAX; # else #define my_ssize_t int #define MY_SSIZE_MAX INT_MAX printf("SSIZE_MAX not defined, typing ssize_t to int\n"); my_ssize_t t = MY_SSIZE_MAX; # endif #endif /* SSIZE_MAX */ return 0; } ** i686 without -ansi: $ ./test.exe SSIZE_MAX is defined, using ssize_t i686 with -ansi: $ ./test.exe SSIZE_MAX not defined, typing ssize_t to int x86_64 without -ansi: $ ./test.exe SSIZE_MAX is defined, using ssize_t x86_64 with -ansi: $ ./test.exe SSIZE_MAX not defined, typing ssize_t to long -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev