Re: [openssl-users] Warnings Compiling openssl 1.0.2d
If it's a simple matter of adding =0 in the declaration, we should just fix the darn thing.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz

___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Warnings Compiling openssl 1.0.2d
For the stragglers, I don't think it's a stretch to ask for C99 in 2015. We agreed to support Netware; does it have C99? Anyone know?
Re: [openssl-users] Regarding the security of the keys
> If someone builds their own openssl and adds a few lines to print the keys during encrypt and decrypt and puts the library in the LD_LIBRARY_PATH, it may result in compromising the security of the keys.

Can anyone other than root do this? You have to trust root. They could just cat your keyfile anyway.
Re: [openssl-users] Not Before and Not After Date format for openssl API X509_gmtime_adj
> This is important when creating root certs with expiry dates after 2038

Not an issue for openssl. As long as you use ASN1_TIME values, it's okay. Might be an issue if converting to time_t on 32-bit platforms.
Re: [openssl-users] Not Before and Not After Date format for openssl API X509_gmtime_adj
> if ASN1_TIME_set_string() avoids that limitation, despite Victor's suggestion to never use it.

It does avoid the limitation, using only |struct tm| to hold parsed fields, and not building a |time_t| from it. Not sure why Viktor doesn't like it. It seems to me it's the only portable thing to use.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] Vulnerability Disclosures
> I wanted to suggest that when notifying of new vulnerabilities, in addition to the severity level, information is also provided about how widespread the issue is expected to be.

I'd be concerned about doing that. While this one seemed pretty rare -- only folks running a release less than 30 days old in production -- as a general rule, it's impossible to tell. For example, we THINK that PSK isn't used much, but we have no idea -- it's real popular in the Internet of Things, for example. It seems safer to say nothing than to say something misleading or wrong.

We'd like to give as much information as possible, but not enough to expose the vulnerability exploit and not anything that could be misleading. It's a very hard point to triangulate.

/r$
Re: [openssl-users] OpenSSL Security Advisory - CVE-2015-1793
> How deep does the certificate chain have to be?

It does not matter.

> If I have 2 self-signed CA certificates, and a non-CA certificate is received for verification, will this hit the problem? Also, is it a condition of the bug that both CA certificates have to have the same subject names and keys, as suggested in the file?

I think you are confused. The bug is not about CA's. It's about a non-CA fooling the runtime into treating it as if it were a CA and being able to issue a certificate.
Re: [openssl-users] -Wconversion
> Is it planned to tackle the warnings, for example by checking the involved code lines and (carefully) replacing them by explicit casting to achieve clean compiles when using stricter warnings?

Yes. Timetable TBD.
Re: [openssl-users] [openssl-dev] OpenSSL Security Advisory
> This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.

In other words, if you are not using those specific releases -- i.e., the ones that came out less than 30 days ago -- you do not need to upgrade.
Re: [openssl-users] Old RSA_NET key format
>> OpenSSL is a critical part of security in too many places for us to take on any unnecessary technical debt.
>
> This is a somewhat empty argument as long as no one bothers to properly determine if a piece of code is a debt or an asset.

I claim that we are being careful and doing the proper determination. Consensus seems to agree.
Re: [openssl-users] Old RSA_NET key format
> Because both methods confirm your prior decisions, you therefore conclude that you were always right in the first place.

Provably wrong. I wanted to get rid of Netware support, as the first example that comes to mind. As the second, I want to move all uses of RC4 and MD5 to LOW strength ciphers. Neither one of those things is happening.
Re: [openssl-users] Old RSA_NET key format
> 1. Is there any good reason to remove this code?

Yes. If it's not tested, reviewed, or in general use, then it's more likely to be harmful (source of bugs) than useful.

> 2. Is this the OpenSSL name for the private key format used by older Microsoft Authenticate tools (and thus sometimes converted to/from PKCS#12 when switching tool chains)?

I think only really old IIS, but that's why I asked.

> 3. Is this any of the formats used by SSH?

No; the seven characters RSA_NET do not appear in the openssh source.
Re: [openssl-users] Old RSA_NET key format
> That's an overly general criteria, and may be the source of your mysterious marauding of the APIs.

Well, there was no intent to be mysterious, although I like the alliteration. We did mention it in the roadmap (https://openssl.org/about/roadmap.html). Things are evaluated on a case-by-case basis, and I have often gone to the mailing list first.

> while the original eay DES API is only invokable from code that knows about it, and would thus not need to be removed for lack of use/testing.

I disagree with this viewpoint. Suppose there's a bug in the eay DES API. How would we know? And since we only distribute source, how do we know who is using it? And how do we prevent people from adding new uses of it?

I know you are unhappy with this part of the OpenSSL direction.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] SSL_CTX_load_verify_locations only with CAPath
> Is surprising a better word than sub-optimal?

If you and Dave didn't know about it (nor did I) then it's surprising. And therefore probably not a good thing. Yes, it can be useful. But the openssl rehash program only reads one PEM block per file. So we need to fix one of those things.
Re: [openssl-users] SSL_CTX_load_verify_locations only with CAPath
> I thought, as the doc has (always? long?) said, that CApath must have each cert (or CRL) in a separate file. But on checking I see that by_dir.c actually calls X509_load_{cert,crl}_file from by_file.c, which for PEM loads all certs (or crls) in a file to the working context. Thus a hashlink to only the 3rd cert in a file, where that 3rd cert is the only one you need, actually works even though not documented and I'm not sure intended.

That's definitely sub-optimal. Can you open a ticket for this?
Re: [openssl-users] SSL_CTX_load_verify_locations only with CAPath
> For some reason, the X509_NAME_hash function calculates a very different hash for the server certificate:

Ah. Have you mixed openssl versions? At one point the hashing changed from md5 to sha1. That would explain why specifying a directory works, but a specific file doesn't.
Re: [openssl-users] Certificate serialnumber?
> The question: where does the serial number for this certificate come from? Is it random by default when nothing is said about it?

It will be random if (a) the serial file does not exist; and (b) you specify the -create_serial flag. Otherwise it opens the file, reads the number (defaulting to zero if not exists) and increments it, updates the file, and uses that as the new serial number.
Re: [openssl-users] Certificate serialnumber?
> Unless I'm misreading the code, an absent serial number file is an error.

I was looking at load_serial() in apps.c, with the |create| parameter.

/r$
Re: [openssl-users] Minor portability fix for Solaris-11.1
>     ./testssl[149]: local: not found [No such file or directory]
>     ./testssl[150]: local: not found [No such file or directory]

This is marked in RT 3907 and was fixed last week; it will be in the next releases. Thanks.
[openssl-users] Old RSA_NET key format
We are thinking about removing the old RSA_NET format for private keys. This is used by very old Netscape and IIS. This would remove the d2i/i2d RSA_NET API's, and the nss format flag from the openssl program. It would not remove the SPKI stuff.

If this would cause a problem for you, please respond soon.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] regarding the vulnerability CVE-2015-1788
The link you posted, and quoted from, says which versions are vulnerable and which ones are fixed. You could run a diff between them to isolate the fix. Or you could just upgrade.
Re: [openssl-users] libtlssep
> I am writing to introduce a new TLS library which presently makes use of OpenSSL: libtlssep. Libtlssep has two aims: (1) to provide a simpler API to application developers and (2) to encourage the decomposition of applications into at least two processes, one of which isolates access to secret cryptographic keys.

This is interesting work; thanks for posting about it! You might also be interested in the libtls project in OpenBSD, which has very similar goals.
Re: [openssl-users] Query on TLS1.2 and use of DES ciphers
Deprecated means discouraged, not disallowed.
Re: [openssl-users] Suggested way to add option to both SSL_CTX* and SSL*?
> I looked at how SSL_CTX_set_cipher_list and SSL_set_cipher_list operate, but they don't use SSL_{CTX}_ctrl.

That API probably predates the ctrl. It's a trade-off; you lose type-safety but have less to document :)

> What is the suggested way to control the functionality through a flag?

Probably the _ctrl API. Problem is we're running out of bits. Let's see what drH thinks.
Re: [openssl-users] Cygwin untar of 1.0.1n gives tar: A lone zero block at 46120
>     $ tar zxf openssl-1.0.1n.tar.gz
>     tar: A lone zero block at 46120

Perhaps this? http://askubuntu.com/questions/169223/tar-a-lone-zero-block-at-343398
Re: [openssl-users] The behavior change of command line utility -- 'openssl'
> I wonder if this is an expected behavior change or it is a bug.

As Dave Thompson said, you haven't yet shown that there is a bug or change.
Re: [openssl-users] OpenSSL.cnf File path
>     WARNING: can't open config file: /usr/local/ssl/openssl.cnf

Set OPENSSL_CONF in your environment.
[openssl-users] Do you use EGD or PRNGD?
We are thinking of removing support for EGD (entropy-gathering daemon) in the next release. None of our supported platforms have needed it for some time.

If this will cause an issue for you, please reply soon.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] [openssl-dev] Do you use EGD or PRNGD?
> While HP NonStop is not officially supported, I have been helping to maintain a fork for the platform since December and am current through 1.0.2a. We do use prngd. I am looking for ways to get back on the official platform list, looking for alternatives to prngd for that platform, and trying to get vendor buy-in in this area.

Thanks for the info. One possibility is to have a separate program use prngd and write it to a RANDFILE that openssl uses. Probably servers are the most important users, and you could/should have one file per server ...
Re: [openssl-users] Do you use EGD or PRNGD?
Thanks for the info!

> it should be noted that a networked variant of the EGD protocol has been used by at least one hardware RNG vendor, though I am unsure if the builtin EGD code in OpenSSL could ever talk directly to that variant anyway.

I don't think so, since all the code does is open a unix-domain socket.

> Two other platforms I can think of as potentially affected are Solaris 2.4+ without the /dev/random patch

Yeah, my inclination is to say get the patch.

> and CE installations without MS CryptoAPI

The EGD code doesn't work on Windows; we use heap-walk to seed it there.
Re: [openssl-users] OpenSSL Behaviour under low bandwidth
> I've tested with s_client between my PC and an AWS EC2 instance. I've also tried using s_tunnel and nmap/ncat. The results appear the same. Using wireshark I see a lot of TCP retransmissions.

That sounds like a network issue. Try testing using something like netcat and see if you also get TCP retransmissions.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] OpenSSL Behaviour under low bandwidth
> "It does"

Does that mean you have the same behavior? If so, it is possible that your simulator is, well, not great. But this doesn't seem an openssl issue. Not sure where to suggest you go for help.
Re: [openssl-users] Testing OpenSSL based solution
> What Mr. Salz refers to by "Verification should be okay" is probably this:

Yes, and Mr. Salz greatly appreciates Mr. Bohm's elaboration. :)

Lest the humor be misunderstood: yes, you're right, thanks for explaining.
Re: [openssl-users] Testing OpenSSL based solution
You can't easily have test vectors for DSA signatures since they include a random. Any test vector would have to include the random, and any API would have to be able to accept the random as part of the sign API. Verification should be okay.
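To make the point concrete, here is an added example (not code from the list or from OpenSSL) of DSA signing and verification in pure Python with the per-signature secret k passed in explicitly. The domain parameters (p=23, q=11, g=4), the private key x=3 and the message are constructed toy values for illustration only; they are far too small to be secure. With k as an input, the same (message, key, k) always yields the same (r, s), which is what a known-answer test needs; verification takes no secret input at all, so it can be checked against fixed vectors without any special API.

```python
import hashlib

# Toy DSA domain parameters, constructed for illustration only: q = 11 divides
# p - 1 = 22, and g = 2^((p-1)/q) mod p = 4 has order q. Real DSA uses a
# 2048-bit p and a 224/256-bit q; these numbers are NOT secure.
P, Q, G = 23, 11, 4

# Hypothetical key pair: x is the private key, y = g^x mod p the public key.
PRIVATE_X = 3
PUBLIC_Y = pow(G, PRIVATE_X, P)   # 18


def hash_to_int(message: bytes) -> int:
    """H(m) reduced mod q (DSA truncates the digest to the bit length of q)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % Q


def dsa_sign(message: bytes, x: int, k: int) -> tuple:
    """Sign with an explicitly supplied per-signature secret k, 1 <= k < q.

    A known-answer test must supply k because (r, s) depends on it; a
    production implementation draws k at random (or derives it per RFC 6979)
    and does not expose this argument, which is exactly the problem the
    message above describes.
    """
    if not 0 < k < Q:
        raise ValueError("k must be in [1, q-1]")
    r = pow(G, k, P) % Q
    s = (pow(k, -1, Q) * (hash_to_int(message) + x * r)) % Q
    if r == 0 or s == 0:
        # The standard says: pick a fresh k and try again.
        raise ValueError("degenerate signature; choose another k")
    return r, s


def dsa_verify(message: bytes, y: int, sig: tuple) -> bool:
    """Verification needs no secret input, so fixed test vectors suffice."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    u1 = (hash_to_int(message) * w) % Q
    u2 = (r * w) % Q
    v = ((pow(G, u1, P) * pow(y, u2, P)) % P) % Q
    return v == r


def signatures_for_all_k(message: bytes) -> dict:
    """Sign one message under every admissible k to show how (r, s) varies."""
    sigs = {}
    for k in range(1, Q):
        try:
            sigs[k] = dsa_sign(message, PRIVATE_X, k)
        except ValueError:
            continue   # the rare k that yields s == 0 is skipped
    return sigs


if __name__ == "__main__":
    msg = b"constructed test message"
    for k, (r, s) in signatures_for_all_k(msg).items():
        print(f"k={k:2d} -> r={r:2d} s={s:2d} verifies={dsa_verify(msg, PUBLIC_Y, (r, s))}")
```

Every signature in the output verifies, yet they all differ, so a vector that records only (message, key, r, s) could never be reproduced by a signer that chooses its own k.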
[openssl-users] statistics in COMP_CTX
Is anyone using the counters maintained in COMP_CTX?

    unsigned long compress_in;
    unsigned long compress_out;
    unsigned long expand_in;
    unsigned long expand_out;

We're making that structure opaque in 1.1, and are wondering if we need an API (two, probably) to make those numbers available...

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] minor documentation errors
> After getting into building and especially configuring my own CA again I'm nearly at the end and I've noticed some errors in the documentation I want to report.

I like the "again" :)

> 3) On https://www.openssl.org/docs/apps/req.html the option -subj is listed twice with a slightly different explanation

That's a bug, we'll fix it. Thanks.

> 1) On https://www.openssl.org/docs/apps/ca.html for the -md option not all possible values (sha256, sha384, etc.) are listed but just md5, sha1 and mdc2
> 2) On https://www.openssl.org/docs/apps/req.html for the -[digest] option not all possible values are listed
> 4) On https://www.openssl.org/docs/apps/req.html for the default_md option not all possible values are listed (shouldn't this reference the -[digest] option)
> 5) On https://www.openssl.org/docs/apps/x509.html not all available options are listed in -md2|-md5|-sha1|-mdc2

Getting this correct is incredibly painful, as it depends on the configuration options chosen when building openssl, and right now the manpages are not affected by the config. Our plan for this is to say "any supported digest." That will be updated in a couple of days, and then pushed to the website an hour or so later.

> I also would like to ask if there's a newer version (or subtree) of openssl that is cleaned up.

I don't know what you mean by this.

> Currently there are many ways of creating a CSR, signing a certificate, etc. I think this is confusing everybody.

The CA script is a wrapper around the various commands, and is reasonable. But we're not planning on removing any of the current mechanisms. Ivan Ristic has a really great, free, OpenSSL cookbook that might be useful: https://www.feistyduck.com/books/openssl-cookbook/
Re: [openssl-users] Performance problems with OpenSSL and threading
> You can private message me the patch and I can benchmark it for you. Please let me know what release version or hash on git that it will cleanly apply. Do you know what release this will be going in?

It is this commit 3e47caff4830d2a117eda15b57a5feab89b846ae on master. A quick check shows that running the patch against 1.0.2 is mostly straightforward, except that the header files moved, so you might need to tweak those.
Re: [openssl-users] Performance problems with OpenSSL and threading
> I will just grab master then. Will this change be in the next 1.0.2 release?

No. Released branches only get bug-fixes.
Re: [openssl-users] Regarding the Support for TLS 1.3
> I would like to know whether OpenSSL supports TLS 1.3, if supported from which version of OpenSSL the implementation started.

Since TLS 1.3 is not even done yet, no. If I had to guess, I'd say it won't be done for at least six months.

/r$, IETF TLS WG member
Re: [openssl-users] [openssl-dev] openssl 20150503 SNAP issue
SNAP releases are just that, snapshots. If you see the same problem twice, say, it is worth reporting.
Re: [openssl-users] Performance problems with OpenSSL and threading
> Lock #1 is CRYPTO_LOCK_ERR, which I believe is used for logging errors. It appears your application is generating a lot of errors for some reason. Never tried it myself, but you probably can't disable this lock with multiple threads running. You should take a look at the error log to identify the cause of the errors. Then resolve the issue, whatever it may be.

I have a rewrite of the error-stack stuff that halves the number of locks. If you want to try it, drop me a line.
Re: [openssl-users] OCSP: ocsp.omniroot.com/baltimore/... - what is it exactly?
> My webserver is getting flooded with queries like:
>
>     ocsp.omniroot.com 124.205.254.7 - - [30/Apr/2015:19:24:30 +0200] GET /baltimoreroot/MEowSKADAgEAMEEwPzA9MAkGBSsOAwIaBQAEFMEvRXbt FVnssF26ib%2BdgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByekag%3D %3D HTTP/1.1 301 184 - ocspd/1.0.3

Well, that stinks. URL-decoding (%2b is + and %3d is =), and then base64 decoding it can give you the OCSP request:

    ; ./openssl ocsp -text -reqin x.der
    OCSP Request Data:
        Version: 1 (0x0)
        Requestor List:
            Certificate ID:
              Hash Algorithm: sha1
              Issuer Name Hash: C12F4576ED1559ECB05DBA89BF9D8078E523D413
              Issuer Key Hash: E59D5930824758CCACFA085436867B3AB5044DF0
              Serial Number: 0727A46A

> Is it possible to say what Common name / fqdn / certificate is queried in such requests?

Not really. The protocol assumes that the requestor has the cert, and the server has the serial#, so the protocol sends the minimal information. Sorry.
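The decoding step above can be automated for log triage. The following is an added example, not code from the list or from OpenSSL: a dependency-free Python parser that URL-decodes and base64-decodes the path from the quoted log line (embedded below as a constructed sample, with the log's line-wrap removed), walks the DER of the OCSPRequest, and returns the CertID fields. Everything is written against the RFC 6960 structure; the URL prefix `/baltimoreroot/` is taken from the log line and assumed to precede the base64 blob. As the reply says, the result names an issuer (the two hashes can be compared with SHA-1 of your own CA certificate's DER subject name and of its subjectPublicKey) and a serial number, but mapping that serial to a subject still requires the issuer's issuance records.

```python
import base64
import urllib.parse

# Constructed from the request path in the log line above; the log wrapped
# the base64 across two fragments, and %2B / %3D are the URL-encoded '+' and
# '=' of the base64 alphabet.
SAMPLE_PATH = (
    "/baltimoreroot/MEowSKADAgEAMEEwPzA9MAkGBSsOAwIaBQAEFMEvRXbt"
    "FVnssF26ib%2BdgHjlI9QTBBTlnVkwgkdYzKz6CFQ2hns6tQRN8AIEByekag%3D%3D"
)

SEQUENCE = 0x30


def der_tlv(buf: bytes, pos: int = 0):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:end], end


def der_children(value: bytes):
    """Split a constructed value into its (tag, value) members."""
    out, pos = [], 0
    while pos < len(value):
        tag, v, pos = der_tlv(value, pos)
        out.append((tag, v))
    return out


def decode_oid(raw: bytes) -> str:
    """Decode the contents of an OBJECT IDENTIFIER into dotted form."""
    arcs, acc = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))


def parse_ocsp_get(path: str, prefix: str = "/baltimoreroot/") -> list:
    """Return the CertID of every Request in an OCSP-over-GET URL path.

    OCSPRequest ::= SEQUENCE { tbsRequest TBSRequest, optionalSignature [0] ... }
    TBSRequest  ::= SEQUENCE { version [0] EXPLICIT DEFAULT v1,
                               requestorName [1] EXPLICIT OPTIONAL,
                               requestList SEQUENCE OF Request, ... }
    Request     ::= SEQUENCE { reqCert CertID, ... }
    CertID      ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier,
                               issuerNameHash OCTET STRING,
                               issuerKeyHash  OCTET STRING,
                               serialNumber   INTEGER }
    """
    b64 = urllib.parse.unquote(path.split(prefix, 1)[1])
    der = base64.b64decode("".join(b64.split()))   # drop any log line-wrap
    tag, ocsp_request, _ = der_tlv(der)
    if tag != SEQUENCE:
        raise ValueError("not an OCSPRequest")
    tbs = der_children(ocsp_request)[0][1]
    # requestList is the first untagged SEQUENCE; version and requestorName
    # are context-tagged (0xA0 / 0xA1) and may be absent.
    request_list = next(v for t, v in der_children(tbs) if t == SEQUENCE)
    results = []
    for _, request in der_children(request_list):
        cert_id = der_children(request)[0][1]
        (_, alg), (_, name_hash), (_, key_hash), (_, serial) = der_children(cert_id)[:4]
        results.append({
            "hash_algorithm": decode_oid(der_children(alg)[0][1]),
            "issuer_name_hash": name_hash.hex().upper(),
            "issuer_key_hash": key_hash.hex().upper(),
            "serial": serial.hex().upper(),
        })
    return results


if __name__ == "__main__":
    for cert_id in parse_ocsp_get(SAMPLE_PATH):
        print(cert_id)
```

Running it on the sample path reproduces the three values shown in the `openssl ocsp -text` output above, with the hash algorithm reported as the OID 1.3.14.3.2.26 (SHA-1). Feeding it a whole access log lets you count requests per issuer hash and per serial, which is usually enough to tell whether the flood is one misconfigured responder URL or many distinct clients.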
Re: [openssl-users] Is it possible to add a Client Hostname to an SSL Client Certificate?
> But once I showed my work to people in my company, one of them asked me why I chose not to add the client hostname to the Client Certificate, thus making it usable only by that specific client.

You'd put the client name or ipaddr in the subjectAltName extension field. Then you'd have to put code on your server to verify that.
Re: [openssl-users] FIPS: SSL 3.0 now forbidden in latest NDCPP update
> If they have counterparts in TLS that could be used, why wouldn't the TLS version show up instead?

Because they are *the same*. TLS did not take old ciphers and renumber or rename them.
Re: [openssl-users] Generating RSA PrivateKey and PublicKey programmaticallly
A pair means two. An RSA keypair is two keys, the public key and the private key. You cannot have one without the other, and you cannot generate them separately. You can, of course, store and use them separately, and must do so.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] How do I uninitialize OpenSSL properly?
> Unfortunately this didn't solve my problem, but at least I narrowed it down. The leaks are caused by my call to SSL_CTX_load_verify_locations, which is essentially X509_STORE_load_locations.

Doesn't SSL_CTX_free release that data? If not, please file an RT ticket.
Re: [openssl-users] [openss-users] How to correctly shutdown for connection to avoid memory leak
> If you used BIO_NOCLOSE then you have to close the BIO.

Yes, after shutdown is done, call SSL_free()
Re: [openssl-users] Can't connect to site, OpenSSL returns error
> So why does it work for me?

Well, who knows when the remote server wants to see SNI? It could be based on url, ipaddress, etc.
Re: [openssl-users] Can't connect to site, OpenSSL returns error
> It is weird that it worked for you. Anyway I found a way how to fix it (if I can call it a fix). The key is to provide a flag -servername to enable SNI (Server Name Indication).

It's not wrong to call it a fix. The server you are talking to is configured to require SNI, apparently. This is not an openssl issue/bug.
Re: [openssl-users] Certificate template information
> I have need to identify a Microsoft generated certificate's template name, I believe as part of oid 1.3.6.1.4.1.311.21.7

Where, in a cert OtherName field?
Re: [openssl-users] How do I uninitialize OpenSSL properly?
This isn't paid support; two days isn't a long time to wait :)

Is this on process exit? If so, does it really matter? You might look at the apps_startup and apps_shutdown functions in apps/openssl.c on the master branch.

/r$

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] Can't connect to site, OpenSSL returns error
> And it returns this kind of error
>
>     error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error
>
> The site uses TLS 1.1, AES_128_CBC_SHA1, ECDHE-ECDSA.

Perhaps there is a middlebox in the way that gets version negotiation wrong. Try adding the -tls1 flag.
Re: [openssl-users] Web Services Security: SOAP Message Security 1.0 (WS-Security 2004) Signature Value
WS-Security? Blast from the past … ☺

To fill in the BinarySecurityToken field, take the PEM version of the cert, strip off the leading and trailing marker lines (-----BEGIN… and -----END…) and output that. To generate the signature look at the pkeyutl app. (Sorry, don't remember any other details)

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] Delete a post to openssl-user mailing list
> Can a message be removed by the system administrator of the openssl-user email forum?

There are several places that archive openssl mailing lists.

> My original post about NULL EVP_PKEY was flagged by my company as a security risk.

That seems erroneous to me.

> I have been directed to remove the post if possible.

Not really possible. You can try to track down all the archive sites (some are listed on www.openssl.org, but probably not all).
Re: [openssl-users] How to find patches for a particular OpenSSL version?
> I am currently using openssl 1.0.1e (compiling from source), and I was wondering whether I needed to put in any patch files with it as well. Does anybody know? Let's assume I can't just use a later version's tarball.

There are no patch files. Letter releases, 1.0.1f, 1.0.1g, etc., are only bugfixes. You could read through the commit log, find which changes fixed bugs that you care about, get those commits, and apply them by hand. Ugh. That's going to take a very long time. You should reconsider your assumption.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] Compiling for multiple platforms?
> Is there a way to specify where objects and binaries go? Or, alternatively, where the source lives (rather like OpenSSH's --srcdir option)?

Not currently. This might change as the make system is being reviewed and overhauled. Until then, rsync is your best option, as long as all your platforms look like unix :)

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] NULL EVP_PKEY
> I am having a problem reading a password protected private key file (.pem) using the OpenSSL library (programmatically).

Can you read it using the openssl command-line tool?

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] How to add CT Precertificate SCTs to a server certificate?
>> How do we use `openssl req` and a CONF file to add the information (assuming we already have the certified timestamps)?
>
> Ouch, that's gonna be nasty. Look at ASN1_generate_nconf.pod. Most likely have to use the SEQUENCE type, recursively.

Ouch indeed. A patch to let you specify the DER directly would be useful.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] How to add CT Precertificate SCTs to a server certificate?
>> A patch to let you specify the DER directly would be useful.
>
> No patch required:

Looks like a doc bug then.
Re: [openssl-users] How to add CT Precertificate SCTs to a server certificate?
> https://www.openssl.org/docs/apps/x509v3_config.html#ARBITRARY-EXTENSIONS

Oops. I only looked at asn1_generate. Should there be a cross-link?
Re: [openssl-users] CTX_free crash
> Sometimes, the program crashes when doing an SSL_CTX_free; before the crash, ctx is an invalid pointer, that's why I can get a valid value from SSL_CTX_get_max_cert_list (ctx), so it's not a double free problem.

You mean it's a VALID pointer? We'll need a more detailed backtrace.
Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build is broken
You could mail it to RT and then it will at least be logged and not forgotten. But no response within four days isn't surprising.
Re: [openssl-users] FIPS mode restrictions and DES
> If I may, I'd like to ask about including the Linux kernel in the validation.

As the old joke goes, if you have to ask, you can't afford it.
Re: [openssl-users] FIPS mode restrictions and DES
> In other words, is the only practical and viable option regarding this to re-implement crypt() using EVP methods? - thanks.

Yes. That would be so much easier than anything you can imagine.
Re: [openssl-users] removing compression?
Jakob,

Thanks very much for the detailed response! I'm still not convinced that tls-layer compression is a good thing. You seem to be saying it could possibly be made to work, but ... do I have that view right?

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
Re: [openssl-users] AES-GCM processing time
> At the very least, you need to measure many encryptions and take the average.

+1 Also look at the openssl speed app.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at  Twitter: RichSalz
Re: [openssl-users] removing compression?
Yes, some others have spoken up so compression at the TLS layer will stay. The ability to add new compression methods at run-time is likely to go away.
Re: [openssl-users] removing compression?
> I'm not sure if/how SPDY differs from HTTP/2 (other than I know they are different but aligned).

Google just turned off SPDY for official HTTP/2. http://blog.chromium.org/2015/02/hello-http2-goodbye-spdy-http-is_9.html
Re: [openssl-users] updating list of server account password
Perhaps you don't want to post this kind of thing to a global mailing list for all users of openssl?

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at  Twitter: RichSalz

-----Original Message-----
From: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT [mailto:andreas.magana@us.af.mil]
Sent: Monday, April 06, 2015 11:53 AM
To: mike nicholas
Cc: openssl-users@openssl.org; ESRY JR. DON; Matt Zagrabelny
Subject: Re: [openssl-users] updating list of server account password

//SIGNED//
Andy Magaña
UNIX Systems Administrator
Diligent Contractor, 72nd Air Base Wing
Tinker Air Force Base, Oklahoma
Commercial: (405) 734-0341

-----Original Message-----
From: mike nicholas [mailto:xmikenichol...@gmail.com]
Sent: Monday, April 06, 2015 10:48 AM
To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
Cc: ESRY JR. DON; openssl-users@openssl.org; Matt Zagrabelny
Subject: Re: updating list of server account password

So the else if will only run if the first if is not true, that doesn't seem right.

On Apr 3, 2015 2:52 PM, MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT andreas.magana@us.af.mil wrote:

Hello Mike, Don and Matt,

At the point I am at this list of servers in my script I would really need someone with more experience to see if I even have the right scripting.

    #!/usr/bin/perl
    use strict;
    use Expect;

    my $timeout = 60;
    my @servers = qw( remotehost03 remotehost04 remotehost05 remotehost06 );

    for my $server (@servers) {
        # do your thing with $server
        change_password($server);
    }

    sub change_password {
        my $system   = shift;
        my $filename = '/var/tmp/expect_script.log';

        # Expect->new with a command spawns it (same as Expect->spawn)
        my $ssh = Expect->new('ssh amagana@' . $system);
        $ssh->debug(1);

        # wait for either the password prompt or the host-key question
        $ssh->expect(
            $timeout,
            [ qr/Password:/ ],
            [ qr/Are you sure you want to continue connecting \(yes\/no\)\?/ ]
        );
        if ($ssh->match() =~ m/Are you sure you want to continue connecting \(yes\/no\)\?/) {
            $ssh->send("yes\r");
        }
        elsif ($ssh->match() =~ m/Password:/) {
            $ssh->send("mypassword\n");
        }
        #$ssh->log_file($filename, 'w');

        $ssh->expect(60, '$');
        $ssh->send("su - root\n");
        $ssh->expect(60, 'Password:');
        $ssh->send("rootpassword\n");
        $ssh->expect(60, '#');
        $ssh->send("passwd amagana\n");
        $ssh->expect(60, 'New Password:');
        $ssh->send("mynewpassword\n");
        $ssh->expect(60, 'Re-enter new Password:');
        $ssh->send("mynewpassword\n");
        $ssh->expect(60, '#');
        $ssh->close();
    }

Mike, If that does not seem right what can I change it to make it right?

Respectfully,

    #!/usr/bin/perl
    use strict;
    use Expect;

    my $timeout  = 60;
    my $filename = '/var/tmp/expect_script.log';

    my $ssh = Expect->new('ssh amagana@remotehost');
    $ssh->debug(1);

    # wait for either the password prompt or the host-key question
    $ssh->expect(
        $timeout,
        [ qr/Password:/ ],
        [ qr/Are you sure you want to continue connecting \(yes\/no\)\?/ ]
    );
    if ($ssh->match() =~ m/Are you sure you want to continue connecting \(yes\/no\)\?/) {
        $ssh->send("yes\r");
    }
    elsif ($ssh->match() =~ m/Password:/) {
        $ssh->send("mypassword\n");
    }
    #$ssh->log_file($filename, 'w');

    $ssh->expect(60, '$');
    $ssh->send("su - root\n");
    $ssh->expect(60, 'Password:');
    $ssh->send("rootpassword\n");
    $ssh->expect(60, '#');
    $ssh->send("passwd amagana\n");
    $ssh->expect(60, 'New Password:');
    $ssh->send("mynewpassword\n");
    $ssh->expect(60, 'Re-enter new Password:');
    $ssh->send("mynewpassword\n");
    $ssh->expect(60, '#');
    $ssh->close();

//SIGNED//
Andy Magaña
UNIX Systems Administrator
Diligent Contractor, 72nd Air Base Wing
Tinker Air Force Base, Oklahoma
Commercial: (405) 734-0341

-----Original Message-----
From: mike nicholas [mailto:xmikenichol...@gmail.com]
Sent: Wednesday, April 01, 2015 9:46 AM
To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
Cc: ESRY JR., DON; Matt Zagrabelny; expectperl-disc...@lists.sourceforge.net
Subject: Re: [Expectperl-discuss] expect.pm not updating password

Try something like this:

    my $exp = new Expect;
    $exp->log_stdout(1);
    $username = "XX";
    $exp->spawn("ssh -l ${username} ${ip}") or die "cannot spawn $command: $!\n";
    $exp->log_file("./${log_dir}/$ip\_info.log");
    print "\nspawning ssh connection to $ip on $time\n\n";
    $exp->log_file->print("\nspawning ssh connection to $ip on $time\n\n");
    $exp->expect(8, [
Re: [openssl-users] removing compression?
> by randomly interspersing flush commands into the data stream (description and example implementation https://github.com/wnyc/breach_buster)? It's not perfect but for some use cases better than having no compression at all.

Flushing the stream seems like an application-level thing to do, and not something openssl generally does. It might be better than having no compression at all, the question is do we need compression in openssl at all? :)
Re: [openssl-users] Modulus field in text display of a certificate
> Modulus: 00:9a:18:ca:4b:94:0d:00:2d:af:03:29:8a:f0:0f:

The leading zero is so that you don't confuse it with a sign bit.
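The sign-bit rule above is a property of DER INTEGER encoding, which is two's complement: if the top bit of the first magnitude byte is set, a 0x00 byte has to be prepended or a parser reads the number as negative. The following is an added example (not OpenSSL code, not from the poster) that encodes and decodes DER INTEGERs and renders the content octets the way `openssl x509 -text` prints a Modulus line; the 14-byte value is constructed from the prefix quoted in the post and is not a real modulus.

```python
"""DER INTEGER encoding, to show where the leading 00 in a printed RSA modulus comes from.

Added example; not OpenSSL code. The sample value is the 14-byte prefix quoted
in the post, used here purely for illustration.
"""


def _magnitude_bytes(value: int) -> bytes:
    """Big-endian magnitude of a non-negative integer, with the DER sign fix.

    DER INTEGER content octets are two's complement. If the top bit of the
    first magnitude byte is set, a 0x00 byte is prepended so a parser does not
    read the value as negative. That byte is the "00:" at the front of the
    Modulus line printed by `openssl x509 -text`.
    """
    if value < 0:
        raise ValueError("RSA moduli are never negative")
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return body


def _der_length(n: int) -> bytes:
    """DER length: short form below 128, long form (0x80 | count, then count bytes) otherwise."""
    if n < 0x80:
        return bytes([n])
    count_bytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(count_bytes)]) + count_bytes


def der_encode_integer(value: int) -> bytes:
    """Encode a non-negative int as a DER INTEGER TLV (tag 0x02)."""
    body = _magnitude_bytes(value)
    return b"\x02" + _der_length(len(body)) + body


def der_decode_integer(data: bytes) -> tuple[int, int]:
    """Decode a DER INTEGER at the start of `data`; return (value, bytes consumed).

    Decoding is signed on purpose: feeding it content octets without the 00
    prefix shows exactly the misreading the leading zero prevents.
    """
    if len(data) < 2 or data[0] != 0x02:
        raise ValueError("not a DER INTEGER")
    first = data[1]
    if first < 0x80:
        length, offset = first, 2
    else:
        count = first & 0x7F
        if count == 0 or len(data) < 2 + count:
            raise ValueError("bad length encoding")
        length = int.from_bytes(data[2:2 + count], "big")
        offset = 2 + count
    body = data[offset:offset + length]
    if length == 0 or len(body) != length:
        raise ValueError("truncated or empty INTEGER")
    # DER requires the shortest encoding: a 0x00 that is not needed for the sign is illegal.
    if length > 1 and body[0] == 0x00 and not (body[1] & 0x80):
        raise ValueError("non-minimal DER INTEGER")
    return int.from_bytes(body, "big", signed=True), offset + length


def modulus_text(value: int) -> str:
    """Render the content octets the way `openssl x509 -text` prints a Modulus line."""
    return ":".join(f"{b:02x}" for b in _magnitude_bytes(value))


# Constructed sample: the first 14 bytes of the modulus quoted in the post.
SAMPLE_MODULUS_PREFIX = 0x9A18CA4B940D002DAF03298AF00F

if __name__ == "__main__":
    print(modulus_text(SAMPLE_MODULUS_PREFIX))
    # The same byte 0x80 read without the sign-fix prefix decodes as -128.
    print(der_encode_integer(0x80).hex(), der_decode_integer(b"\x02\x01\x80"))
```

The decoder also rejects a 0x00 prefix that is not needed for the sign: DER demands the shortest encoding, and a parser that silently accepts redundant leading zeros is one of the classic sources of signature and certificate malleability.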
[openssl-users] removing compression?
I am thinking about removing compression and would like to know what the community thinks. At a minimum, I am going to remove the ability to add compression at run-time. This was never really documented. Moving forward, if someone wants to add a new compression scheme they will need to modify the OpenSSL source. This means COMP_METHOD becomes an internal datatype. But on a larger scale, does anyone use TLS compression? It has certainly caused problems with HTTP (see http://en.wikipedia.org/wiki/CRIME). And the best practice these days is to do it at the application layer, and feed the compressed bytes down to TLS. If this will cause problems for you, please post on the list, ideally within the next week. Thanks.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at  Twitter: RichSalz
Re: [openssl-users] HTTP / HTTPS on same port
It is a hack. Most people do it the other way and look for a G or P as the first letter.
Re: [openssl-users] Certification Path Building / non-hierarchical PKI
> Are there any plans or patches for such a feature?

We have no plans for this.

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at  Twitter: RichSalz
Re: [openssl-users] Is RC4-MD5 disabled on Openssl-1.0.1h
> I am wondering is this newly introduced?

No it's not new.

> Application compiled with openssl-0.9.8d used to work when Cipher string has '+' or ':'

That release is nearly 10 years old (Sep 2006). And are you sure it worked? + tended to mean add, so :+ worked...

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at  Twitter: RichSalz
Re: [openssl-users] ChaCha20/Poly1305 in OpenSSL?
> I see Adam Langley's patch here: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a8646510b Any ideas why it was not accepted or not merged? (I'm assuming it was not merged because it was rejected for some reason).

I thought his patch came before the IETF final doc, which changed some things.
Re: [openssl-users] What global object I use in application lifetime
> From document, I think CTX can be initialized only once. But I do not know g_ssl can be initialized only once? I can reuse g_ssl for 1000 different URLs? Please correct me if anything. Thanks!

You need to create a new SSL object every time you want to do a connect.

/r$

--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at  Twitter: RichSalz
Re: [openssl-users] ChaCha20/Poly1305 in OpenSSL?
It's unlikely to appear in 1.0.2 as it's a new feature. CloudFlare has posted patches that seem like they would drop in easily, for folks that want to do it; see https://blog.cloudflare.com/do-the-chacha-better-mobile-performance-with-cryptography/

--
Senior Architect, Akamai Technologies
IM: rs...@jabber.me  Twitter: RichSalz
Re: [openssl-users] [openssl-announce] Forthcoming OpenSSL releases
> The extra work is also documented (in a place not linked from the wiki) for those who maintain a git fork of the OpenSSL repository.

I just tossed together https://wiki.openssl.org/index.php/Code_reformatting Found off the main page, https://wiki.openssl.org/index.php/Main_Page#Internals_and_Development

> But I have not yet seen a meaningful recipe for those of us who maintain a traditional set of feature patches against the released tarballs, nicely organized for future contribution.

Folks had months of warning that this was going to happen. And, frankly, patches did not come flooding into the team. But I hope the above link helps.

/r$
Re: [openssl-users] TLS 1.2 message hiding.
> Ok, so TLS does not handle this.

The current draft of the TLS 1.3 specification includes a field to pad every data record.
Re: [openssl-users] TLS 1.2 message hiding.
> I'm using TLS 1.2 with compression and was wondering if OpenSSL implements ways to hide the exact length of the message (may be using RFC 6066).

No. What in 6066 were you thinking of trying to use?
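The record padding field mentioned in the reply above is what became the TLSInnerPlaintext structure in the published TLS 1.3 spec (RFC 8446, section 5.4): the plaintext is followed by one content-type byte and then any number of zero bytes, and the receiver finds the end of the content by scanning back over the zeros. The following is an added example, not OpenSSL code and not part of this thread, that implements that structure in Python; the "pad to a fixed bucket size" policy is an assumption made here, since the spec leaves the amount of padding to the sender, and the four sample replies are constructed.

```python
"""TLS 1.3 style record padding: TLSInnerPlaintext = content || ContentType || zeros.

Added example, not OpenSSL code. The structure follows RFC 8446 section 5.4;
the bucket-size padding policy is an assumption made for this example.
"""

APPLICATION_DATA = 23   # ContentType value for application_data


def pad_inner_plaintext(content: bytes, content_type: int = APPLICATION_DATA,
                        bucket: int = 256) -> bytes:
    """Append the content type byte, then zero-pad up to the next multiple of `bucket`.

    The record layer encrypts this whole buffer, so an observer sees only
    ciphertext whose length is a bucket multiple plus the fixed AEAD tag.
    """
    if not 0 < content_type < 256:
        raise ValueError("content type must be a non-zero byte")
    if bucket <= 0:
        raise ValueError("bucket must be positive")
    body = content + bytes([content_type])
    return body + b"\x00" * ((-len(body)) % bucket)


def unpad_inner_plaintext(inner: bytes) -> tuple[bytes, int]:
    """Recover (content, content_type) by scanning back over the zero padding.

    The content type byte is never zero, so the last non-zero byte marks the
    end of the content; content that itself ends in zero bytes is therefore
    unambiguous. A record that is entirely zeros has no type and is rejected.
    This scan is not constant-time; RFC 8446 points out that padding removal
    can leak the padding length through timing if implemented carelessly.
    """
    end = len(inner)
    while end > 0 and inner[end - 1] == 0:
        end -= 1
    if end == 0:
        raise ValueError("no content type byte: record is entirely zeros")
    return inner[:end - 1], inner[end - 1]


def wire_lengths(messages: list[bytes], bucket: int = 256) -> set[int]:
    """Distinct padded lengths a set of messages would produce (what an observer could see)."""
    return {len(pad_inner_plaintext(m, bucket=bucket)) for m in messages}


# Constructed sample: replies whose raw lengths differ but fall into one bucket.
SAMPLE_REPLIES = [b"yes", b"no", b"access denied", b"ok" + b"\x00\x00"]

if __name__ == "__main__":
    print(wire_lengths(SAMPLE_REPLIES, bucket=64))   # a single length
    print(unpad_inner_plaintext(pad_inner_plaintext(b"ok\x00\x00", bucket=64)))
```

Padding only hides length within a bucket; a message longer than the bucket still reveals which bucket it landed in, which is why the choice of policy (fixed buckets, random padding, padding to the maximum record size) is a per-application decision rather than something the record layer can make for you.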
Re: [openssl-users] How to make a rehandshake(renegotiation)?
> Many servers have disabled client-initiated renegotiation.

I thought you were testing your client/server.
Re: [openssl-users] Delay of email delivery for the list
> Guess I'll mention this here. After the mailing list changes, MARC stopped archiving the OpenSSL lists, e.g.

Thanks, I'll get in touch with them.

--
Senior Architect, Akamai Technologies
IM: rs...@jabber.me  Twitter: RichSalz
Re: [openssl-users] How to make a rehandshake(renegotiation)?
> Does OpenSSL support renegotiation?

Yes. You probably need more than that. :) Take a look at the apps/s_client and look for the 'R' constant to see how to do client-initiated reneg.
Re: [openssl-users] Delay of email delivery for the list
> I see some delay about 30-40 min for my emails. They arrive and I see them in the incoming messages in the list only after 30-40 min. And one email was delivered for 2 hours. Is it normal for the openssl-users@openssl.org?

It happens sometimes.

> Some time ago I see an email with message: Welcome to the openssl-us...@mta.opensslfoundation.net mailing list!

The OpenSSL domains got shuffled around a bit. Everything should be openssl.org now.

--
Senior Architect, Akamai Technologies
IM: rs...@jabber.me  Twitter: RichSalz
Re: [openssl-users] How to disable all EXPORT Ciphers?
> How do I disable all EXPORT Ciphers from OpenSSL? Will the use of string kEDH:ALL:!ADH:!DES:!LOW:!EXPORT:+SSLv2:@STRENGTH ; openssl ciphers -v kEDH:ALL:!ADH:!DES:!LOW:!EXPORT:+SSLv2:@STRENGTH | grep EXP ;

Yes. But really, SSLv2? Really? You have clients that haven't been updated since the last century?

--
Senior Architect, Akamai Technologies
IM: rs...@jabber.me  Twitter: RichSalz
Re: [openssl-users] SSL_read preserving message boundaries.
> As far as I know SSL_read will only return data from 1 record.

But there is no requirement that each write translates into one record.
Re: [openssl-users] SSL_read preserving message boundaries.
> So this is preserving message boundaries. How do I get the complete message just like with TCP?

No, it just happened that way. TLS does not preserve message boundaries.
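Since neither TLS nor TCP preserves message boundaries, the application has to supply its own framing and reassemble messages from whatever each SSL_read returns: part of one message, exactly one, or several back to back. The following is an added example (not OpenSSL code, not from this thread) of the usual length-prefix scheme; the chunk sizes it uses are constructed to imitate reads of varying size, and the MAX_FRAME cap is an assumption made here so a peer-supplied length cannot drive unbounded buffering.

```python
"""Length-prefixed message framing over a TLS byte stream.

Added example, not OpenSSL code. It assumes the application loop calls
SSL_read (or any stream read) and hands whatever it got to FrameReader.feed;
the chunk sizes below are constructed to imitate records of varying size.
"""
import struct

HEADER = struct.Struct(">I")      # 4-byte big-endian payload length
MAX_FRAME = 1 << 20               # refuse to buffer more than 1 MiB for one message


def encode_frame(payload: bytes) -> bytes:
    """Prefix a message with its length so the receiver can find the boundary."""
    if len(payload) > MAX_FRAME:
        raise ValueError("payload exceeds MAX_FRAME")
    return HEADER.pack(len(payload)) + payload


class FrameReader:
    """Reassembles messages from arbitrary byte chunks.

    A single read may return part of one message, exactly one, or several
    messages back to back; none of those cases can be told apart without
    the length header, which is why the application must add it.
    """

    def __init__(self) -> None:
        self._buf = bytearray()

    def feed(self, chunk: bytes) -> list[bytes]:
        """Append a chunk and return every complete message now available."""
        self._buf += chunk
        out = []
        while len(self._buf) >= HEADER.size:
            (length,) = HEADER.unpack_from(self._buf, 0)
            if length > MAX_FRAME:
                # A peer-controlled length must be bounded before it drives allocation.
                raise ValueError("frame length exceeds MAX_FRAME")
            if len(self._buf) < HEADER.size + length:
                break                     # header complete, body still arriving
            out.append(bytes(self._buf[HEADER.size:HEADER.size + length]))
            del self._buf[:HEADER.size + length]
        return out

    def pending(self) -> int:
        """Bytes buffered that do not yet form a complete message."""
        return len(self._buf)


def recover(messages: list[bytes], chunk_size: int) -> list[bytes]:
    """Frame `messages`, deliver the stream in `chunk_size` pieces, return what the reader rebuilt."""
    stream = b"".join(encode_frame(m) for m in messages)
    reader = FrameReader()
    out = []
    for i in range(0, len(stream), chunk_size):
        out.extend(reader.feed(stream[i:i + chunk_size]))
    if reader.pending():
        raise ValueError("stream ended mid-message")
    return out


# Constructed sample traffic: an empty message and a 300-byte one are included
# because both are cases a naive "one read == one message" loop gets wrong.
SAMPLE_MESSAGES = [b"hello", b"", b"x" * 300, b"bye"]

if __name__ == "__main__":
    for size in (1, 7, 4096):
        assert recover(SAMPLE_MESSAGES, size) == SAMPLE_MESSAGES
    print("all chunkings reassemble correctly")
```

The same reader works unchanged whether the bytes come from SSL_read, a plain socket, or a pipe; the point is that the boundary information lives in the application protocol, not in the transport.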
Re: [openssl-users] OpenSSL and detecting whether bugs have been patched
> if (!openssl_is_patched("CVE-2014-0160")) { complain_vociferously(); }

That's an interesting idea. Of course the CVE list would grow, so perhaps arrays of ints are better: int OPENSSL_cve_fixed(int year, int vuln); ?
Re: [openssl-users] Openssl upgrade
> I am facing unknown digest error from ASN1 while verifying certificate from client using PKCS7_verify.

Is this a cert you generated with the old openssl code? I believe there is an issue with OID's, but am not sure. Maybe somebody else can recall.
Re: [openssl-users] has anyone developed a standalone test for CVE-2014-8730?
> I've found one on-line tester for CVE-2014-8730 here:

You sure that's the one you want? That is only for F5. See https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html
Re: [openssl-users] Getting General SSL Help
I like https://www.feistyduck.com/

--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me  Twitter: RichSalz
Re: [openssl-users] Meaning of OCSP_NOEXPLICIT for OCSP_basic_verify()
> As there is no documentation and as no one seems to know the meaning of the -no_explicit for openssl ocsp, should I file a documentation defect in RT for that?

yes, please.
Re: [openssl-users] Meaning of OCSP_NOEXPLICIT for OCSP_basic_verify()
>> As there is no documentation and as no one seems to know the meaning of the -no_explicit for openssl ocsp, should I file a documentation defect in RT for that?
>
> yes, please.

Never mind, Stephen already fixed the doc in master :)
Re: [openssl-users] FIPS, continuous tests, and error reporting
> For that matter and in a general sense, so far I've seen that many encryption methods do not return any error code. How does error reporting generally work?

Really? Which ones?
Re: [openssl-users] FIPS, continuous tests, and error reporting
> For instance, any of the void DES_*_encrypt(). This cursory observation is also supported by a vendor application code such as:

Ah, okay. Those functions are 'just math'. They depend on no external state. They can't fail. It's shifts and masking, etc.

> This is basically why I'm wondering about how errors propagate in the OpenSSL library.

Functions that can fail return a status. Those that are just math are often void. There's an error stack where functions can put more detailed status, and it propagates; see ERR_get_error, ERR_clear_error, etc., for details.
Re: [openssl-users] 1.0.1 upgrade issue
Is there a chance you can interrupt and get a backtrace to see where it's hanging?

--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me  Twitter: RichSalz

From: Mike Collins [mailto:mikec1...@gmail.com]
Sent: Wednesday, February 18, 2015 3:54 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] 1.0.1 upgrade issue

Thanks Jay. My build script is doing the same. Not sure where to go next except to update libc to a newer version. Due to the toolchain (not created by me) it may be a major undertaking.

Mike

From: Jay Foster jayf0s...@roadrunner.com
To: openssl-users@openssl.org
Cc:
Date: Wed, 18 Feb 2015 10:30:40 -0800
Subject: Re: [openssl-users] 1.0.1 upgrade issue

I'm building against libc6 (glibc 2.9) and kernel 3.2.6. Are you skipping the 'make depend' step? My build script does, './Configure args', 'make depend', 'make'.

Jay

On 2/18/2015 8:03 AM, Mike Collins wrote:

Thanks for the suggestions Jay but am still not having much luck. Does 1.0.1 have any minimum requirements for the libc version or kernel version? I am currently building against libc version 2.5 with the kernel at 2.6.30.

Mike

-- Forwarded message --
From: Jay Foster jayf0s...@roadrunner.com
To: openssl-users@openssl.org
Cc:
Date: Fri, 13 Feb 2015 08:48:12 -0800
Subject: Re: [openssl-users] 1.0.1 upgrade issue

I have successfully built OpenSSL 1.0.0..., 1.0.1..., and 1.0.2 also on an ARM926EJ linux based system. I used the 'no-ssl2 no-ssl3 linux-armv4 shared' options (plus some others). I found that it works with and without the ARM assembly accelerations (no-asm option), even though the ARM926EJ is an arm5te. It works fine with lighttpd and passes the OpenSSL tests. I assume you are also using the appropriate '--cross-compile-prefix=prefix' option.

You might try adding -mlittle-endian -mcpu=arm926ej-s -DL_ENDIAN to the CFLAGS, although that should be redundant (the compiler should already know this). Also, make sure there are no '-nostdinc' (or similar) type compiler options creeping in. These change the search order of header files, which can cause OpenSSL to be built against the (old) headers in your tool chain, rather than its local (current) headers. I did discover that with 1.0.2, I also needed to add '-DOPENSSL_USE_BUILD_DATE' to the CFLAGS to get the 'openssl version -a' command to report a useful build date.

Jay

On 2/13/2015 7:29 AM, Mike Collins wrote:

I am upgrading an embedded linux board's BSP from 1.0.0m to 1.0.1l due to a requirement for TLS v1.1. Version 1.0.1 will cross compile without errors using my 1.0.0 configuration but I have identified the following errors on the board (so far) with the build using 1.0.1:

1.) Cannot create a RSA key
2.) Trying to connect to the board's Lighttpd web server via https will timeout with PKCS #11 error
3.) Curl https POST calls fail with RSA padding error.

Board has a ARM926EJ based processor and I am using a Codesourcery Lite toolchain. Configure settings (besides --prefix, etc) are shared, no-asm, linux-generic32, no-ssl2. All the other packages on the board have been rebuilt against the new openssl version. I am looking at the key creation first since that may be causing the other issues. If I try to create a key from the board command line using openssl genrsa -out testkey.pem 2048 I get a response of Generating RSA private key, 2048 bit long modulus. At this point it seems to get stuck in a loop; I am seeing the progress indicators (.) but it will never finish creating the key. I have let it run 10-15 minutes without completion; it just keeps displaying successive progress indicators. I can do Ctrl-C and it will exit. I don't think so but are there any dependency changes from 1.0.0 to 1.0.1?

I noticed 1.0.2 has been released so tried that as well but have the same result as 1.0.1

Mike
Re: [openssl-users] [openssl-dev] Proposed cipher changes for post-1.0.2
From: Michael Wojcik [mailto:michael.woj...@microfocus.com]

Thanks for the detailed and thoughtful response. I only want to respond to a few of your points.

> One is simply that we're seeing a lot of OpenSSL roadmap announcements. That's good in the sense that before the funding boost, progress was of course much slower and communication much less frequent. On the other hand, it's worrying because those changes have consequences for developers working with OpenSSL, and so we need to account for them in our plans.

It seems to me that now folks are being told what is coming (or planned, or might, or we want to) a pretty long time in advance. I don't think that's ever happened before. I understand the stress this can cause -- how will we handle it -- but at least there's advance notice now, which there never was before. Also, keep in mind that the big flurry of activity is happening in master, which isn't going to be released until, at best, year-end. That's a pretty long time. And we are working pretty hard to keep the community informed and engaged.

> And while those announcements are generally couched as requests for feedback, arguments against them usually don't seem to carry much weight.

I disagree with this. On the platform issue, Netware was kept and nobody else raised an issue. On the #ifdef issue, Brian Smith raised a concern and Richard reassured him. On the API issue, Jakob is upset; some of that is, supposedly, addressed by overall retaining the crypto API's, and some of it we just disagree. On the cipher strength, the discussion is still ongoing and I haven't seen much support for Viktor's viewpoint. Have I missed any?

--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me  Twitter: RichSalz
Re: [openssl-users] [openssl-dev] Proposed cipher changes for post-1.0.2
> I agree with Viktor. His suggestion (keep RC4 in MEDIUM, suppress it explicitly in DEFAULT) is a good one that maintains important backward compatibility while providing the desired removal of RC4 by default. There's no advantage to moving RC4 to LOW.

Sure there is: it's an accurate description of the quality of protection provided by the algorithm. :) It's also compatible with our documentation, which as was pointed out, always uses the word "currently" to describe the magic keywords. And it's also planned for the next version which won't be available until near the end of the year. And it's also compliant with the expected publication of the IETF RFC's that talk about TLS configuration and attacks. Postfix can lay the groundwork to be future-compliant by changing its default configuration to be HIGH:MEDIUM:RC4.
Re: [openssl-users] [openssl-dev] Proposed cipher changes for post-1.0.2
> All sorts of things can be done. Clearly, in the Brave New World of well-funded OpenSSL, they'll have to be, because it's apparent that we're going to see a lot of disruptive change made on the flimsiest of pretexts, with objections from the user community brushed aside. That's your prerogative, of course, and anyone's free to fork OpenSSL. But it's a shame.

I am surprised by the strength of your reaction. Hmm.