[openssl.org #79] 0.9.7 Beta1 - Build problems on OpenVMS.
I just commited a fix. Thanks for the report. The next snapshot will contain the fix. [[EMAIL PROTECTED] - Tue Jun 4 22:13:18 2002]: > I downloaded beta1 to a OpenVMS V7.2-1 system > running DEC C V6.2-008. I ran into two build problems: > > 1. SSL-LIB.COM contains an ON ERROR statement > that does not have a THEN clause. Embarassing!!! > 2. TESTS.COM does not accept NONE as a valid TCPIP > option. You mean MAKETESTS.COM, I'm sure :-). > I have included the complete build log below. -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #74] problem with openssl-0.9.7-beta1 & mkdef.pl
Thanks for the report, that was an error in production. If you grab the latest 0.9.7 snapshot, you'll probably see that things have improved... [[EMAIL PROTECTED] - Tue Jun 4 19:40:45 2002]: > Hi, > > I have winnt 4.0 sp6a , vc++ 6 and NASM version 0.98 > When I execute "ms\do_nasm" > > I have the following errors: > > > D:\proyecto\sw\openssl\openssl-0.9.7-beta1>perl util\mkdef.pl 16 libeay > 1>ms\libeay16.def > Warning: EVP_aes_128_cfb does not have a number assigned > Warning: EVP_aes_128_ofb does not have a number assigned > Warning: EVP_aes_192_cfb does not have a number assigned > Warning: EVP_aes_192_ofb does not have a number assigned > Warning: EVP_aes_256_cfb does not have a number assigned > Warning: EVP_aes_256_ofb does not have a number assigned > > D:\proyecto\sw\openssl\openssl-0.9.7-beta1>perl util\mkdef.pl 32 libeay > 1>ms\libeay32.def > Warning: EVP_aes_128_cfb does not have a number assigned > Warning: EVP_aes_128_ofb does not have a number assigned > Warning: EVP_aes_192_cfb does not have a number assigned > Warning: EVP_aes_192_ofb does not have a number assigned > Warning: EVP_aes_256_cfb does not have a number assigned > Warning: EVP_aes_256_ofb does not have a number assigned > > > after that I have not problem to compile and run openssl > some ideas? > > thanks in advance > > __ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #71] [Fwd: Bug#141360: libssl-dev: gcc warning: redundant declaration of ERR_load_PEM_strings()]
I'm sure you read pem2.h and therefore the reason it exists. If you have a better idea on solving the circular dependency problem described, we're all ears. However, double declaration isn't an error, at least if the declarations are exactly the same. Until someone comes up with a better solution to break the circular dependency mentioned above, I don't see that this really needs to get fixed. I'll add the keyword "nice to have" to this ticket... -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #70] [Fwd: Bug#144586: libssl-dev: Typo in BN_rand(3ssl) man page]
BN_pseudo_rand_range() was given in the synopsis exactly as you requested, since 0.9.6c (or at least, that's what I can make out by checking with our repository). I must say that I have some difficulty doing anything with this report because of that... -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #64] can't compile demos/maurice/loadkeys.c
Thanks for the quick response! Judith -Original Message- From: Richard Levitte via RT [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 05, 2002 7:23 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: [openssl.org #64] can't compile demos/maurice/loadkeys.c The fix is to add an extra NULL argument at the end of the argument list in both places where this error occurs. I've just commited a patch, so the above fix will be present in 0.9.6e. [[EMAIL PROTECTED] - Fri May 31 09:32:25 2002]: > > I've just installed openssl-0.9.6c on Linux, and I'm trying to figure out > the libcrypto API set by looking at the 'demos' examples. > > Compiling the maurice examples gives the compilation error > In function ReadPublicKey: too few arguments to function PEM_ASN1_read, > > > and indeed, the function signature in pem.h is: > char *PEM_ASN1_read(char *(*d2i)(), const char *name, > FILE *fp, char **x, > pem_password_cb *cb, > void *u); > > but is't invoked as: > FILE *fp... X509 *x509; EVP_PKEY *pkey; > x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509, > PEM_STRING_X509, > fp, NULL, NULL); > > so one can sort of see the compiler's point. Perhaps tthe API set have > changed since the examples were written? Are there other changes that > compilers won't pick up? Any other sources of information on how to use the > API? > > Regards, > Judith > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #77] Openssl 0.9.6d coredumps
Hi Jarmo,
how did you generate your private key?
When I asn1parse it it looks very different from my openssl generated.
First it has an AlgorithmIdentifier ("rsaEncryption") where mine doesn't
have one. And then it only has 6 integers (probably Modulus, pubKey,
privKey, exp1, exp2 and coeff) where mine has 8
(Modulus, pubKey, privKey, P, Q, exp1, exp2 and coeff)
Maybe this helps...
Robert
-Original Message-
From: Jarmo Järvenpää via RT [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 04, 2002 7:50 PM
Cc: [EMAIL PROTECTED]
Subject: [openssl.org #77] Openssl 0.9.6d coredumps
Hi all,
I've tried to use the following certificate and private key to sign my
own requested certificate but for some reason, openssl coredumps.
Coredumps occur also when trying to obtain information from private key
(with commands like pkcs8, rsa).
Any idea why this is happening? (I can provide the coredump file if
necessary)
-BEGIN PRIVATE KEY-
MIIB5DANBgkqhkiG9w0BAQEFADCCAdECgYBTAI9HrMBfEfuTiT9NyUD2jGsWIi1YKqsLt3SdTwi
9Bh/k7/x68GpTRcAzDpklvs4ZaJBXwiJxs6cLJabV+dCHZnH9X3SSrn8Hz1zYrcNgkHqm3Jx6jE
aZxjN4MwRQd3KOjwmdZAvHd3+5IXRZPbmYdM1gC0QMiQpCP8rXXJzkZwIBIwKBgANzDplBB1Roe
ioJsYI8Oo3nP6ErT66NaNqV65QrLj5hVcWw30WbnLBYAqsD7m1JwhUBBVVvIgNlOM/sSW1MNeGs
RTOxpo6hbqe6WRqqtTEIopyOx/RUNM33NQ6Rfvo27/Sop4/xUe8DUQsnYJ0pJ5QStwOjlSXo9KV
mT3nkuQYLAkEAgwz57Wdk9dGOxyYKHsWTk2Y4NlV87/+/QNRO5Wfl/YNKIDuHxLFTin7netad7X
MFp43TPtBaNceNzx1UmctmuwJBAKIj149VZaw21RQ2vONV4R1Ll3qblnIQPnjyesCdBbABVVSOH
gCW7K0ytUMY9aH+N8rrxTw+0h3D6ILVHbMtXEUCQCwSZx1ZSpxyRU6/6SWMZDibdjxd5Zh03GZh
XxLSxzoiRyMygmB65OS5wFncscrd9CYmlpMpAKmatE7G0p+IrVE=
-END PRIVATE KEY-
...
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
[openssl.org #64] can't compile demos/maurice/loadkeys.c
The fix is to add an extra NULL argument at the end of the argument list in both places where this error occurs. I've just commited a patch, so the above fix will be present in 0.9.6e. [[EMAIL PROTECTED] - Fri May 31 09:32:25 2002]: > > I've just installed openssl-0.9.6c on Linux, and I'm trying to figure out > the libcrypto API set by looking at the 'demos' examples. > > Compiling the maurice examples gives the compilation error > In function ReadPublicKey: too few arguments to function PEM_ASN1_read, > > > and indeed, the function signature in pem.h is: > char *PEM_ASN1_read(char *(*d2i)(), const char *name, > FILE *fp, char **x, > pem_password_cb *cb, > void *u); > > but is't invoked as: > FILE *fp... X509 *x509; EVP_PKEY *pkey; > x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509, > PEM_STRING_X509, > fp, NULL, NULL); > > so one can sort of see the compiler's point. Perhaps tthe API set have > changed since the examples were written? Are there other changes that > compilers won't pick up? Any other sources of information on how to use the > API? > > Regards, > Judith > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #78] Memleak in libcrypto
Sorry, I fail to see the problem here. As far as I understand the code, *pval points at the ASN.1 blob that is the result of parsing the attribute string you're citing. Surely you don't want that to be freed before you even got to use it, do you? Or do I misunderstand something here? [[EMAIL PROTECTED] - Tue Jun 4 19:51:11 2002]: > There is a memleak in libcrypto: > > 1) In crypto/asn1/tasn_new.c:149 in function > asn1_item_ex_combine_new > *pval is never freed, it should be freed at > v3_conf:166 > in function do_ext_nconf, it seems like the "it" > associated > function does not do the job properly: > > This problem shows up for an extension entry > authorityInfoAccess = > caIssuers;URI:http://www.openssl.org/root.crt > > > > Call stack: > > asn1_item_ex_combine_new > ASN1_template_new > asn1_item_ex_combine_new > ASN1_item_ex_new > ASN1_item_new > ACCESS_DESCRIPTION_new > v2i_AUTHORITY_INFO_ACCESS > do_ext_nconf > X509V3_EXT_nconf > > ___ > Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! > Yahoo! Mail : http://fr.mail.yahoo.com > __ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #68] OpenSSL 0.9.7 beta1: gcc version check broken for gcc 3.1
Change commited. -- Richard Levitte [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #72] [Fwd: Bug#135297: Typo in SSL_CTX_set_cert_store(3ssl)]
Thanks, fixed. Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: cpp0 cannot allocate ...
On Wed, Jun 05, 2002 at 02:31:35AM +0700, Satria Bakti (13297096) wrote: > I'm working on AES code in openssl. After some > modifications on AES code, I tried to compile it > using 'make' command, but it failed. Here's > the message : > > cpp0 cannot allocate 56915764 bytes after allocating > 481876 bytes It seems, that the C-preprocessor has problems with allocating memory. Probably it cannot parse the code. > I'm using i585 166Mhz machine, gcc-2.96, running on > Linux 2.4.2-2. Was gcc-2.96 an official release of gcc? Wasn't it an experimental version? Try to update to gcc-3.0 or downgrade to gcc-2.95.x. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
cpp0 cannot allocate ...
Hi, I'm working on AES code in openssl. After some modifications on AES code, I tried to compile it using 'make' command, but it failed. Here's the message : cpp0 cannot allocate 56915764 bytes after allocating 481876 bytes I'm using i585 166Mhz machine, gcc-2.96, running on Linux 2.4.2-2. Is there any way to solve this problem ? Any help would be appreciated. Thanks. -satria- -- __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #78] Memleak in libcrypto
There is a memleak in libcrypto: 1) In crypto/asn1/tasn_new.c:149 in function asn1_item_ex_combine_new *pval is never freed, it should be freed at v3_conf:166 in function do_ext_nconf, it seems like the "it" associated function does not do the job properly: This problem shows up for an extension entry authorityInfoAccess = caIssuers;URI:http://www.openssl.org/root.crt Call stack: asn1_item_ex_combine_new ASN1_template_new asn1_item_ex_combine_new ASN1_item_ex_new ASN1_item_new ACCESS_DESCRIPTION_new v2i_AUTHORITY_INFO_ACCESS do_ext_nconf X509V3_EXT_nconf ___ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #77] Openssl 0.9.6d coredumps
Hi all, I've tried to use the following certificate and private key to sign my own requested certificate but for some reason, openssl coredumps. Coredumps occur also when trying to obtain information from private key (with commands like pkcs8, rsa). Any idea why this is happening? (I can provide the coredump file if necessary) -BEGIN PRIVATE KEY- MIIB5DANBgkqhkiG9w0BAQEFADCCAdECgYBTAI9HrMBfEfuTiT9NyUD2jGsWIi1YKqsLt3SdTwi 9Bh/k7/x68GpTRcAzDpklvs4ZaJBXwiJxs6cLJabV+dCHZnH9X3SSrn8Hz1zYrcNgkHqm3Jx6jE aZxjN4MwRQd3KOjwmdZAvHd3+5IXRZPbmYdM1gC0QMiQpCP8rXXJzkZwIBIwKBgANzDplBB1Roe ioJsYI8Oo3nP6ErT66NaNqV65QrLj5hVcWw30WbnLBYAqsD7m1JwhUBBVVvIgNlOM/sSW1MNeGs RTOxpo6hbqe6WRqqtTEIopyOx/RUNM33NQ6Rfvo27/Sop4/xUe8DUQsnYJ0pJ5QStwOjlSXo9KV mT3nkuQYLAkEAgwz57Wdk9dGOxyYKHsWTk2Y4NlV87/+/QNRO5Wfl/YNKIDuHxLFTin7netad7X MFp43TPtBaNceNzx1UmctmuwJBAKIj149VZaw21RQ2vONV4R1Ll3qblnIQPnjyesCdBbABVVSOH gCW7K0ytUMY9aH+N8rrxTw+0h3D6ILVHbMtXEUCQCwSZx1ZSpxyRU6/6SWMZDibdjxd5Zh03GZh XxLSxzoiRyMygmB65OS5wFncscrd9CYmlpMpAKmatE7G0p+IrVE= -END PRIVATE KEY- The matching public key: (this seems to work) -BEGIN CERTIFICATE- MIICRzCCAbCgAwIBAgIEATEF8TANBgkqhkiG9w0BAQQFADBVMQswCQYDVQQGEwJGSTEoMCYGA1U EChMfVGhlIEZpbm5pc2ggQmFua2VycyBBc3NvY2lhdGlvbjEcMBoGA1UECxMTQ2xpZW50IENBIF VudHJ1c3RlZDAeFw0wMDA2MTQwNjMwMDBaFw0yNzEwMzEwODMwMDBaMFUxCzAJBgNVBAYTAkZJM SgwJgYDVQQKEx9UaGUgRmlubmlzaCBCYW5rZXJzIEFzc29jaWF0aW9uMRwwGgYDVQQLExNDbGll bnQgQ0EgVW50cnVzdGVkMIGcMA0GCSqGSIb3DQEBAQUAA4GKADCBhgKBgFMAj0eswF8R+5OJP03 JQPaMaxYiLVgqqwu3dJ1PCL0GH+Tv/HrwalNFwDMOmSW+zhlokFfCInGzpwslptX50Idmcf1fdJ KufwfPXNitw2CQeqbcnHqMRpnGM3gzBFB3co6PCZ1kC8d3f7khdFk9uZh0zWALRAyJCkI/ytdcn ORnAgEjoycwJTAPBgNVHQ8BAf8EBQMDB4AAMBIGA1UdEwEB/wQIMAYBAf8CAQIwDQYJKoZIhvcN AQEEBQADgYEAUQu1peUXTmTBcNvNXAc8bQ5TDW8vL5Sl9zPNJsWD99pAqjIyMXLx02+96g46fUA ujxTzsVFNlnJ+tbejvTDZcWqSc6r/H1TeGOc14HAAFIRGV3ifI65Kj3XAHYRAuaVQtb69DAvWxM 7VINWzZp1Ip3kM1MC1J7GjlbW5yyxDiGM= -END CERTIFICATE- Regards, Jarmo __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #75] DJGPP (DOS) Patch for 0.9.7
Here is a slightly redone patch so that openssl-0.9.7 compiles under
DJGPP. This is against the June 1 snapshot. I removed the part of the
patch relating to Cygwin, since the Cygwin settings in Configure have
now changed. This configures, builds, and does "make test" without
problem, except for the usual inability to load "random state", since
there is no built-in method of gathering entropy under DJGPP.
There are some problems building under Cygwin, related to the use of
assembly code. So as not to confuse issues, I'll send a separate post
about that. While Cygwin builds with warnings, an attempt to use the
assembly code in DJGPP led to errors that stopped the compilation.
Doug
--- openssl-0.9.7/e_os.h.orig Sat Apr 6 12:02:18 2002
+++ openssl-0.9.7/e_os.hThu Apr 18 18:42:26 2002
@@ -191,6 +191,14 @@
#if (defined(WINDOWS) || defined(MSDOS))
+# ifdef __DJGPP__
+#include
+#include
+#define _setmode setmode
+#define _O_TEXT O_TEXT
+#define _O_BINARY O_BINARY
+# endif /* __DJGPP__ */
+
# ifndef S_IFDIR
#define S_IFDIR_S_IFDIR
# endif
@@ -336,7 +344,7 @@
/*/
#ifdef USE_SOCKETS
-# if defined(WINDOWS) || defined(MSDOS)
+# if (defined(WINDOWS) || defined(MSDOS)) && !defined(__DJGPP__)
/* windows world */
#ifdef OPENSSL_NO_SOCK
@@ -423,7 +431,9 @@
#define SSLeay_Write(a,b,c)write((a),(b),(c))
#define SHUTDOWN(fd){ shutdown((fd),0); closesocket((fd)); }
#define SHUTDOWN2(fd) { shutdown((fd),2); closesocket((fd)); }
+#ifndef INVALID_SOCKET
#define INVALID_SOCKET (-1)
+#endif /* INVALID_SOCKET */
# endif
#endif
--- openssl-0.9.7/install.djgpp.origThu Apr 18 18:42:26 2002
+++ openssl-0.9.7/install.djgpp Thu Apr 18 18:42:26 2002
@@ -0,0 +1,32 @@
+
+
+ INSTALLATION ON THE DOS PLATFORM WITH DJGPP
+ ---
+
+ Openssl has been ported to DOS, but only with long filename support. If
+ you wish to compile on native DOS with 8+3 filenames, you will have to
+ tweak the installation yourself, including renaming files with illegal
+ or duplicate names.
+
+ You should have a full DJGPP environment installed, including the
+ latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
+ requires that PERL and BC also be installed.
+
+ All of these can be obtained from the usual DJGPP mirror sites, such as
+ "ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp";. You also need to have
+ the WATT-32 networking package installed before you try to compile
+ openssl. This can be obtained from "http://www.bgnett.no/~giva/";. The
+ Makefile assumes that the WATT-32 code is in directory "watt32" under
+ $DJDIR.
+
+ To compile openssl, start your BASH shell. Then configure for DOS by
+ running "./Configure" with appropriate arguments. The basic syntax for
+ DOS is:
+ ./Configure no-threads --prefix=$DJDIR DJGPP
+
+ You may run out of DPMI selectors when running in a DOS box under
+ Windows. If so, just close the BASH shell, go back to Windows, and
+ restart BASH. Then run "make" again.
+
+ Building openssl under DJGPP has been tested with DJGPP 2.03,
+ GCC 2.952, GCC 2.953, perl 5.005_02 and perl 5.006_01.
--- openssl-0.9.7/Configure.orig2002-05-30 10:08:08.0 -0800
+++ openssl-0.9.7/Configure 2002-06-02 15:23:38.0 -0800
@@ -513,6 +513,9 @@
"Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486
-Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::win32",
"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486
-Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des}
${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll",
+# DJGPP
+"DJGPP", "gcc:-I/dev/env/DJDIR/watt32/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer
+-O2 -Wall:::MSDOS:-L/dev/env/DJDIR/watt32/lib -lwatt:BN_LLONG ${x86_gcc_des}
+${x86_gcc_opts}::",
+
# Ultrix from Bernhard Simon <[EMAIL PROTECTED]>
"ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown):::",
"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::",
@@ -894,6 +897,7 @@
my $IsWindows=scalar grep /^$target$/,@WinTargets;
$exe_ext=".exe" if ($target eq "Cygwin");
+$exe_ext=".exe" if ($target eq "DJGPP");
$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
$prefix=$openssldir if $prefix eq "";
@@ -901,7 +905,7 @@
chop $prefix if $prefix =~ /\/$/;
$openssldir=$prefix . "/ssl" if $openssldir eq "";
-$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /^\//;
+$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
print "IsWindows=$IsWindows\n";
@@ -1226,6 +1230,50 @@
close(IN);
close(OUT);
+my $dir;
+my $crypt1;
+my $crypt2;
+my $crypt3;
+my $crypt4;
+my $crypt5;
+my $crypt6;
+my $symlink_exists;
+mkdir ('include/openssl', 0777) unless -d 'include/openssl';
+$symlink_exists=eval {symlink("",""); 1};
+foreach $dir (@skip) {
+$crypt1=join('','crypto/
[openssl.org #76] Cygwin problems with 0.9.7
Building 0.9.7 (snapshot from June 1) with Cygwin led to several
warnings during compilation related to the assembly code now included
by default. Despite the warnings, it passed the tests in "make test".
Does something need to get fixed? These warnings under Cygwin's port of
GCC were errors under the DJGPP port of GCC.
Doug
(cd asm; /usr/local/bin/perl md5-586.pl cpp >mx86unix.cpp)
gcc -E -DOUT asm/mx86unix.cpp | as -o asm/mx86-out.o
{standard input}: Assembler messages:
{standard input}:57: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:57: Warning: rest of line ignored; first ignored character is `_'
{standard input}:731: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:731: Warning: rest of line ignored; first ignored character is `_'
(cd asm; /usr/local/bin/perl sha1-586.pl cpp >sx86unix.cpp)
gcc -E -DOUT asm/sx86unix.cpp | as -o asm/sx86-out.o
{standard input}: Assembler messages:
{standard input}:58: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:58: Warning: rest of line ignored; first ignored character is `_'
{standard input}:1947: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:1947: Warning: rest of line ignored; first ignored character is `_'
{standard input}:1952: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:1952: Warning: rest of line ignored; first ignored character is `_'
{standard input}:2003: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:2003: Warning: rest of line ignored; first ignored character is `_'
(cd asm; /usr/local/bin/perl rmd-586.pl cpp >rm86unix.cpp)
gcc -E -DOUT asm/rm86unix.cpp | as -o asm/rm86-out.o
{standard input}: Assembler messages:
{standard input}:57: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:57: Warning: rest of line ignored; first ignored character is `_'
{standard input}:2017: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:2017: Warning: rest of line ignored; first ignored character is `_'
(cd asm; /usr/local/bin/perl des-586.pl cpp >dx86unix.cpp)
gcc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
{standard input}: Assembler messages:
{standard input}:63: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:63: Warning: rest of line ignored; first ignored character is `_'
{standard input}:1353: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:1353: Warning: rest of line ignored; first ignored character is `_'
{standard input}:1358: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:1358: Warning: rest of line ignored; first ignored character is `_'
{standard input}:2576: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:2576: Warning: rest of line ignored; first ignored character is `_'
{standard input}:2581: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:2581: Warning: rest of line ignored; first ignored character is `_'
{standard input}:2699: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:2699: Warning: rest of line ignored; first ignored character is `_'
{standard input}:2704: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:2704: Warning: rest of line ignored; first ignored character is `_'
{standard input}:2822: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:2822: Warning: rest of line ignored; first ignored character is `_'
{standard input}:2827: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:2827: Warning: rest of line ignored; first ignored character is `_'
{standard input}:3010: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:3010: Warning: rest of line ignored; first ignored character is `_'
{standard input}:3015: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:3015: Warning: rest of line ignored; first ignored character is `_'
{standard input}:3202: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:3202: Warning: rest of line ignored; first ignored character is `_'
(cd asm; /usr/local/bin/perl crypt586.pl cpp >yx86unix.cpp)
gcc -E -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
{standard input}: Assembler messages:
{standard input}:58: Warning: .type pseudo-op used outside of .def/.endef ignored.
{standard input}:58: Warning: rest of line ignored; first ignored character is `_'
{standard input}:976: Warning: .size pseudo-op used outside of .def/.endef ignored.
{standard input}:976: Warning: rest of line ignored; first ignored character is `_'
(cd asm; /usr/local/bin/perl rc4-586.pl cpp >rx86unix.cpp)
gcc -E -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o
{standard input}: Assembler messages:
{standard input}
[openssl.org #68] config & gcc 3.1
GCC 3.1 and higher output different syntax on option "--version": | $ gcc-3.0.4 --version | 3.0.4 | $ gcc-3.1 --version | gcc (GCC) 3.1 | Copyright (C) 2002 Free Software Foundation, Inc. | This is free software; see the source for copying conditions. There is NO | warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. This unfortunately breaks our "config" script. I patched "config" the following way to make it working again. I people think this does not break anything else (I personally do not think it breaks) this should be comitted to CVS. --- config.orig Fri Mar 15 17:47:23 2002 +++ config Tue Jun 4 09:00:37 2002 @@ -381,9 +381,11 @@ # figure out if gcc is available and if so we use it otherwise # we fallback to whatever cc does on the system -GCCVER=`(gcc --version) 2>/dev/null` +GCCVER=`(gcc --version) 2>/dev/null | head -1` if [ "$GCCVER" != "" ]; then CC=gcc + # then strip off whatever prefix GCC 3.1 and higher prepends the number with... + GCCVER=`echo $GCCVER | sed 's/^gcc (GCC) //'` # then strip off whatever prefix Cygnus prepends the number with... GCCVER=`echo $GCCVER | sed 's/^[a-z]*\-//'` # peak single digit before and after first dot, e.g. 2.95.1 gives 29 Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #74] problem with openssl-0.9.7-beta1 & mkdef.pl
Hi, I have winnt 4.0 sp6a , vc++ 6 and NASM version 0.98 When I execute "ms\do_nasm" I have the following errors: D:\proyecto\sw\openssl\openssl-0.9.7-beta1>perl util\mkdef.pl 16 libeay 1>ms\libeay16.def Warning: EVP_aes_128_cfb does not have a number assigned Warning: EVP_aes_128_ofb does not have a number assigned Warning: EVP_aes_192_cfb does not have a number assigned Warning: EVP_aes_192_ofb does not have a number assigned Warning: EVP_aes_256_cfb does not have a number assigned Warning: EVP_aes_256_ofb does not have a number assigned D:\proyecto\sw\openssl\openssl-0.9.7-beta1>perl util\mkdef.pl 32 libeay 1>ms\libeay32.def Warning: EVP_aes_128_cfb does not have a number assigned Warning: EVP_aes_128_ofb does not have a number assigned Warning: EVP_aes_192_cfb does not have a number assigned Warning: EVP_aes_192_ofb does not have a number assigned Warning: EVP_aes_256_cfb does not have a number assigned Warning: EVP_aes_256_ofb does not have a number assigned after that I have not problem to compile and run openssl some ideas? thanks in advance __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #73] make failing under MAC OS X (darwin)
cc -o openssl -DMONOLITH -I../include -fPIC -DTHREADS -D_REENTRANT -O3 -D_DARWIN -DB_ENDIAN openssl.o verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o app_rand.o version.o sess_id.o ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o -L.. -lssl -L.. -lcrypto /usr/bin/ld: Undefined symbols: _ENGINE_by_id _ENGINE_free _ENGINE_set_default _ENGINE_load_private_key _ENGINE_ctrl _RSA_set_default_openssl_method /usr/bin/ld: warning unused multiple definitions of symbol _crypt /usr/lib/libcrypto.dylib(fcrypt.o) definition of _crypt /usr/lib/libSystem.dylib(crypt.o) unused definition of _crypt make[1]: *** [openssl] Erreur 1 make: *** [sub_all] Erreur 1 __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Prime number returns NULL ( BN_generate_prime)
> "Bill" == Bill Pringlemeir <[EMAIL PROTECTED]> writes: Praveen> Lutz thanks . Your guess is right. I tried with error option Praveen> and I got this printed. Praveen> "RSA key error: PRNG not seeded" [snip] Bill> the function `bitShaker' and my simple RNG for default data Bill> [providing it is interesting ;-]. I tried to follow some Bill> FreeBSD entropy code. I also hope that the bit time Bill> accumulation that I have done with the driver is `random Bill> enough'. * random.c -- A (strong?) random number generator for SunSolaris * * Version 0.6, last modified 16-Nov-2000 * * Copyright (c) Andreas Maier, 2000. All rights reserved. * Andreas Maier <[EMAIL PROTECTED]> Actually the only code was from this section, /* * SHA transform algorithm, taken from code written by Peter Gutmann, * and placed in the public domain. */ This is the file that the macros were taken from. I think that the driver is significantly different from this source. It wasn't FreeBSD but Solaris. Andreas used a much bigger buffer. I don't really think this is necessary as I just want to distribute runs... although the code I provided distributes runs over smaller areas (128 bits). Perhaps a bigger buffer should be used. Regards, Bill Pringlemeir. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Prime number returns NULL ( BN_generate_prime)
Praveen> Lutz thanks . Your guess is right. I tried with error option
Praveen> and I got this printed.
Praveen> "RSA key error: PRNG not seeded"
You must modify rand_win32.c or whatever you are using to seed the
PRNG. This is found at the end of the file. I have written a
"DEV_RANDOM" for vxWorks. It is attached. I would appreciate it if
anyone with mathematical skills could look at the function `bitShaker'
and my simple RNG for default data [providing it is interesting ;-].
I tried to follow some FreeBSD entropy code. I also hope that the bit
time accumulation that I have done with the driver is `random enough'.
vxWorks has a driver model that is much like `simple Unix'. The
functions open, close, write, read and ioctl are returned from a
create function. For this driver, the data sent to the `write'
function doesn't matter. It just accumulates a time delta since the
last call. It attempt to determine the number of bits difference
between the calls and adds these bits to the entropy data. This data
is then shuffled with the `bitShaker' function. The entropy data is
stored to a file occasionally (DEV_RANDOM_DEFAULT). This file is read
when the driver initializes. If the file is empty a simple RNG with
primes and seeds are used. A device can also be distributed with
different DEV_RANDOM_DEFAULT upon distribution.
I am not 100% sure that the buffer sizes that I have chosen provide
enough data to seed SSL. It is currently 1k of data. I believe that
this was the same amount that was provided by the support code that
generated a random file.
For use with openSSL, a driver that receives user input or some other
source of random time events, writes to the device. The RAND_poll()
function then just reads this device. In my device, I have made calls
in a keyboard and touch screen driver.
If anyone else uses this driver, I would appreciate *INFORMED* feed
back on errors in it's operation.
Regards,
Bill Pringlemeir.
[modified rand_win32.c to rand_vx.c]
#include
#define DEVRANDOM DEV_RANDOM
int RAND_poll(void)
{
FILE *fh;
/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
* have this. Use /dev/urandom if you can as /dev/random may block
* if it runs out of random entries. */
if ((fh = fopen(DEVRANDOM, "r")) != NULL)
{
unsigned char tmpbuf[ENTROPY_NEEDED];
int n;
setvbuf(fh, NULL, _IONBF, 0);
n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
fclose(fh);
RAND_add(tmpbuf,sizeof tmpbuf,n);
memset(tmpbuf,0,n);
}
return 1;
}
[end modified rand_win32.c to rand_vx.c]
[start random.h]
#ifndef __RANDOM_H__
#define __RANDOM_H__
/* Size of the random buffer size (power of two). */
#define RANDOM_SIZE 256
/* The entropy acumulated size. */
typedef u_long ENTROPY;
#define EBITS (sizeof(ENTROPY)*8)
/* Name of the Random file. */
#define DEV_RANDOM "/random"
/* Random seed file. */
#define DEV_RANDOM_DEFAULT "/SSL/Client.rnd"
/* Ioctl options */
#define RANDOM_SET_DATA (15007)
#define RANDOM_GET_DATA (15008)
#define RANDOM_GET_OUT (15009)
#ifdef __cplusplus
extern "C" {
#endif
/* Prototypes. */
int randomDevCreate(char *name);
#ifdef __cplusplus
}
#endif /*__cplusplus */
#endif /*__RANDOM_H__ */
[end random.h]
[start random.c]
/*
modification history
01a,08feb01,wjp Created
*/
/*
* DESCRIPTION: This module gets time values when some unpredictable
* event happens, for instance keyboard or touch screen presses. The
* time is used by the SSL library to generate random keys. It is up
* to the unpredictable data sources to open this file and write bytes
* when the data is received.
*
* The data is hashed/shaken to spread any non-random data that might
* be received from these sources.
*
*/
/* Includes */
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include "random.h"
#define RAND_DEBUG(x, args...)
#ifndef RAND_DEBUG
#include
#define RAND_DEBUG ptr_rand_debug
void rand_debug(char * fmt, int a, int b, int c, int d, int e, int f)
{
logMsg(fmt,a,b,c,d,e,f);
}
void (*ptr_rand_debug)() = (void(*)())rand_debug;
#undef LOCAL
#define LOCAL
#endif
/* Forward declarations */
typedef struct
{
DEV_HDR devHdr;/* device super class. */
size_t in;/* incoming randomness. */
size_t out; /* outgoing randomness for reads. */
size_t bit; /* bits of incoming randomness. */
int clean; /* Wrote out new file? */
ENTROPY shaker[4]; /* mixes the random data. */
ENTROPY random[RANDOM_SIZE]; /* random data. */
SEM_ID read_sem; /* single read at a time. */
SEM_ID write_sem; /* single write at a time. */
Re: Prime number returns NULL ( BN_generate_prime)
Lutz
thanks . Your guess is right. I tried with error option and I got this
printed.
"RSA key error: PRNG not seeded"
This is my simple code. could not find out documentation on how to seed
PRNG.
Here is my test program.
==
int genarateKeys()
{
RSA *rsa, *pub_rsa,*priv_rsa;
unsigned char md[MD5_DIGEST_LENGTH];
unsigned char buffer[1024], *rsaret;
ERR_load_crypto_strings();
CRYPTO_malloc_init();
rsa = RSA_generate_key(512, RSA_F4, callback, NULL);
...
}
==
I could see that , rsa is returning null.
Can you please tell me where and how I can see PRNG.
Thanks
Praveen
List: openssl-dev
Subject: Re: Prime number returns NULL ( BN_generate_prime)
From: Lutz Jaenicke <[EMAIL PROTECTED]>
Date: 2002-06-01 11:53:37
[Download message RAW]
On Fri, May 31, 2002 at 06:59:05PM -0700, Praveen Dulam wrote:
> Hi
>
> I am testng my application on Vxworks.
> I am calling rsa = RSA_generate_key(512, RSA_F4, NULL, NULL);
> this is barfing.
>
> When I debugged I could see the
> rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg);
> is resturning NULL.
>
> Can some one let me know if I miss some thing ...
OpenSSL records errors it finds in its error queue. Please use the
ERR_get_error() family of functions to get an indication about
what was wrong.
Best regards,
Lutz
PS. If I should give a guess, without digging deeper into it, all
key-generation routines require random numbers. Did you seed the
PRNG?
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
[PATCH] config & gcc 3.1
GCC 3.1 and higher output different syntax on option "--version": | $ gcc-3.0.4 --version | 3.0.4 | $ gcc-3.1 --version | gcc (GCC) 3.1 | Copyright (C) 2002 Free Software Foundation, Inc. | This is free software; see the source for copying conditions. There is NO | warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. This unfortunately breaks our "config" script. I patched "config" the following way to make it working again. I people think this does not break anything else (I personally do not think it breaks) this should be comitted to CVS. --- config.orig Fri Mar 15 17:47:23 2002 +++ config Tue Jun 4 09:00:37 2002 @@ -381,9 +381,11 @@ # figure out if gcc is available and if so we use it otherwise # we fallback to whatever cc does on the system -GCCVER=`(gcc --version) 2>/dev/null` +GCCVER=`(gcc --version) 2>/dev/null | head -1` if [ "$GCCVER" != "" ]; then CC=gcc + # then strip off whatever prefix GCC 3.1 and higher prepends the number with... + GCCVER=`echo $GCCVER | sed 's/^gcc (GCC) //'` # then strip off whatever prefix Cygnus prepends the number with... GCCVER=`echo $GCCVER | sed 's/^[a-z]*\-//'` # peak single digit before and after first dot, e.g. 2.95.1 gives 29 Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Memleak in libcrypto
There is a memleak in libcrypto: 1) In crypto/asn1/tasn_new.c:149 in function asn1_item_ex_combine_new *pval is never freed, it should be freed at v3_conf:166 in function do_ext_nconf, it seems like the "it" associated function does not do the job properly: This problem shows up for an extension entry authorityInfoAccess = caIssuers;URI:http://www.openssl.org/root.crt Call stack: asn1_item_ex_combine_new ASN1_template_new asn1_item_ex_combine_new ASN1_item_ex_new ASN1_item_new ACCESS_DESCRIPTION_new v2i_AUTHORITY_INFO_ACCESS do_ext_nconf X509V3_EXT_nconf ___ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
problem with openssl-0.9.7-beta1 & mkdef.pl
Hi, I have winnt 4.0 sp6a , vc++ 6 and NASM version 0.98 When I execute "ms\do_nasm" I have the following errors: D:\proyecto\sw\openssl\openssl-0.9.7-beta1>perl util\mkdef.pl 16 libeay 1>ms\libeay16.def Warning: EVP_aes_128_cfb does not have a number assigned Warning: EVP_aes_128_ofb does not have a number assigned Warning: EVP_aes_192_cfb does not have a number assigned Warning: EVP_aes_192_ofb does not have a number assigned Warning: EVP_aes_256_cfb does not have a number assigned Warning: EVP_aes_256_ofb does not have a number assigned D:\proyecto\sw\openssl\openssl-0.9.7-beta1>perl util\mkdef.pl 32 libeay 1>ms\libeay32.def Warning: EVP_aes_128_cfb does not have a number assigned Warning: EVP_aes_128_ofb does not have a number assigned Warning: EVP_aes_192_cfb does not have a number assigned Warning: EVP_aes_192_ofb does not have a number assigned Warning: EVP_aes_256_cfb does not have a number assigned Warning: EVP_aes_256_ofb does not have a number assigned after that I have not problem to compile and run openssl some ideas? thanks in advance __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
