[openssl-dev] 1.0.2j on solaris 10 sparc
I did a 64 bit build of 1.0.2j on my solaris 10 box and to my suprise the tests failed. Looks like an issue with bad_dtls_test.c . $ dbx ./bad_dtls_test For information about new features see `help changes' To remove this message, put `dbxenv suppress_startup_message 7.6' in your .dbxrc Reading bad_dtls_test Reading ld.so.1 Reading libssl.so.1.0 Reading libcrypto.so.1.0 Reading libsocket.so.1 Reading libnsl.so.1 Reading libdl.so.1 Reading libz.so.1 Reading libc.so.1 (dbx) run Running: bad_dtls_test (process id 17346) Reading libc_psr.so.1 signal BUS (invalid address alignment) in _time at 0x7e5c1944 0x7e5c1944: _time+0x0014: stx %o0, [%i0] Current function is main (optimized) 776 time((void *)server_random); (dbx) . Except for that, the tests are fine. -- Tim RiceMultitalents t...@multitalents.net -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Upcoming build system change
On Sat, 23 Jan 2016, Corinna Vinschen wrote: > diff -upr origsrc/openssl-1.1-rc1/util/mkbuildinf.pl > src/openssl-1.1-rc1/util/mkbuildinf.pl > --- origsrc/openssl-1.1-rc1/util/mkbuildinf.pl2016-01-23 > 21:02:18.386710976 +0100 > +++ src/openssl-1.1-rc1/util/mkbuildinf.pl2016-01-23 21:15:19.705883094 > +0100 > @@ -1,4 +1,4 @@ > -#!/usr/local/bin/perl > +#!/usr/bin/perl A more portable fix would be #!/usr/bin/env perl -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] Do you use EGD or PRNGD?
On Mon, 1 Jun 2015, Salz, Rich wrote: > We are thinking of removing support for EGD (entropy-gathering daemon) > in the next release. None of our supported platforms have needed it for > some time. If this will cause an issue for you, please reply soon. There is one currently shipping system I am aware of that does need PRNGD. OpenServer 5 from XinuOS. > -- > Senior Architect, Akamai Technologies > IM: richs...@jabber.at Twitter: RichSalz > -- Tim RiceMultitalents t...@multitalents.net ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: Makedepend bug?
On Tue, 1 Jul 2014, Ben Laurie wrote: > Aha! Well done. > > I suspect there's not really any reason to support makedepend anymore > - should perhaps just switch to always using gcc/clang for > dependencies? So now gcc/clang is required to build OpenSSL? -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Thu, 27 Feb 2014, Andy Polyakov via RT wrote: | >> Comment first two line and replace elsif with if, i.e. | >> | >> #if (defined($base) && $sym eq "OPENSSL_ia32cap_P" && !$::macosx) | >> #{ &::lea($dst,&::DWP("$sym-$reflabel",$base));} | >> if (($::pic && ($::elf || $::aout)) || $::macosx) | >> { if (!defined($base)) | >> | >> What happens? | > | > The build continues. | | There were a number of commits that address even this problem. I'd | suggest to checkout or wait for next 1.0.2 snapshot and test. Having not yet figured out how to update all my OpenSSL trees after the conversion to git, I downloaded openssl-1.0.2-stable-SNAP-20140228.tar.gz and tested. All test now pass on UnixWare 7.1.4 and OpenServer 6 using native compilers. Thanks. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Thu, 27 Feb 2014, Andy Polyakov via RT wrote: | >> Comment first two line and replace elsif with if, i.e. | >> | >> #if (defined($base) && $sym eq "OPENSSL_ia32cap_P" && !$::macosx) | >> #{ &::lea($dst,&::DWP("$sym-$reflabel",$base));} | >> if (($::pic && ($::elf || $::aout)) || $::macosx) | >> { if (!defined($base)) | >> | >> What happens? | > | > The build continues. | | There were a number of commits that address even this problem. I'd | suggest to checkout or wait for next 1.0.2 snapshot and test. Having not yet figured out how to update all my OpenSSL trees after the conversion to git, I downloaded openssl-1.0.2-stable-SNAP-20140228.tar.gz and tested. All test now pass on UnixWare 7.1.4 and OpenServer 6 using native compilers. Thanks. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Wed, 26 Feb 2014, Tim Rice wrote: | On Wed, 26 Feb 2014, Andy Polyakov via RT wrote: | | > #if (defined($base) && $sym eq "OPENSSL_ia32cap_P" && !$::macosx) | > #{ &::lea($dst,&::DWP("$sym-$reflabel",$base));} | > if (($::pic && ($::elf || $::aout)) || $::macosx) | > { if (!defined($base)) | > | > What happens? | | The build continues. | | Now to track down the next error. | I took a couple @'s out of Makefile to get more info | .. | making all in crypto/cmac... | if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then \ | (cd ..; make libcrypto.so.1.0.0); \ | fi | [ -z "" ] || cc -Kpic -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -Iinclude \ | -DFINGERPRINT_PREMAIN_DSO_LOAD -o fips_premain_dso \ | fips_premain.c fipscanister.o \ | libcrypto.a -lsocket -lnsl | if [ "svr5-shared" != "" ]; then \ | if [ "" = "libcrypto" ]; then \ | FIPSLD_LIBCRYPTO=libcrypto.a ; \ | FIPSLD_CC="cc"; CC=/usr/local/ssl/fips-2.0/bin/fipsld; \ | export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \ | fi; \ | make -e SHLIBDIRS=crypto CC="${CC:-cc}" build-shared; \ | touch -c fips_premain_dso; \ | else \ | echo "There's no support for shared libraries on this platform" >&2; \ | exit 1; \ | fi | *** Error code 1 (bu21) | UX:make: ERROR: fatal error. | .. | | Still looking. It turns out to be the "touch -c". It returns 1 on UnixWare if the file does not exist. --- Makefile.org.old2014-02-03 07:00:13.0 -0800 +++ Makefile.org2014-02-26 13:55:36.430461665 -0800 @@ -303,7 +303,7 @@ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \ fi; \ $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared; \ - touch -c fips_premain_dso$(EXE_EXT); \ + touch -c fips_premain_dso$(EXE_EXT) ||:; \ else \ echo "There's no support for shared libraries on this platform" >&2; \ exit 1; \ Tests pass now. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Wed, 26 Feb 2014, Tim Rice wrote: | On Wed, 26 Feb 2014, Andy Polyakov via RT wrote: | | > #if (defined($base) && $sym eq "OPENSSL_ia32cap_P" && !$::macosx) | > #{ &::lea($dst,&::DWP("$sym-$reflabel",$base));} | > if (($::pic && ($::elf || $::aout)) || $::macosx) | > { if (!defined($base)) | > | > What happens? | | The build continues. | | Now to track down the next error. | I took a couple @'s out of Makefile to get more info | .. | making all in crypto/cmac... | if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then \ | (cd ..; make libcrypto.so.1.0.0); \ | fi | [ -z "" ] || cc -Kpic -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -Iinclude \ | -DFINGERPRINT_PREMAIN_DSO_LOAD -o fips_premain_dso \ | fips_premain.c fipscanister.o \ | libcrypto.a -lsocket -lnsl | if [ "svr5-shared" != "" ]; then \ | if [ "" = "libcrypto" ]; then \ | FIPSLD_LIBCRYPTO=libcrypto.a ; \ | FIPSLD_CC="cc"; CC=/usr/local/ssl/fips-2.0/bin/fipsld; \ | export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \ | fi; \ | make -e SHLIBDIRS=crypto CC="${CC:-cc}" build-shared; \ | touch -c fips_premain_dso; \ | else \ | echo "There's no support for shared libraries on this platform" >&2; \ | exit 1; \ | fi | *** Error code 1 (bu21) | UX:make: ERROR: fatal error. | .. | | Still looking. It turns out to be the "touch -c". It returns 1 on UnixWare if the file does not exist. --- Makefile.org.old2014-02-03 07:00:13.0 -0800 +++ Makefile.org2014-02-26 13:55:36.430461665 -0800 @@ -303,7 +303,7 @@ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \ fi; \ $(MAKE) -e SHLIBDIRS=crypto CC="$${CC:-$(CC)}" build-shared; \ - touch -c fips_premain_dso$(EXE_EXT); \ + touch -c fips_premain_dso$(EXE_EXT) ||:; \ else \ echo "There's no support for shared libraries on this platform" >&2; \ exit 1; \ Tests pass now. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Wed, 26 Feb 2014, Andy Polyakov via RT wrote: > > --- Xopenssl-1.0.1f/crypto/aes/aes-586.s2014-02-24 23:09:12.771751012 > > -0800 > > +++ openssl-1.0.2-beta1/crypto/aes/aes-586.s2014-02-24 > > 22:07:47.869751012 -0800 > > @@ -994,8 +1000,7 @@ > > call.L004pic_point > > .L004pic_point: > > popl%ebp > > - leal_GLOBAL_OFFSET_TABLE_+[.-.L004pic_point](%ebp),%eax > > - movlOPENSSL_ia32cap_P@GOT(%eax),%eax > > + lealOPENSSL_ia32cap_P-.L004pic_point(%ebp),%eax > > leal.LAES_Te-.L004pic_point(%ebp),%ebp > > leal764(%esp),%ebx > > subl%ebp,%ebx > > Aha! Try following. In crypto/perlasm/x86gas.pl you'll find ::picmeup, > which starts with > > if (defined($base) && $sym eq "OPENSSL_ia32cap_P" && !$::macosx) > { &::lea($dst,&::DWP("$sym-$reflabel",$base));} > elsif (($::pic && ($::elf || $::aout)) || $::macosx) > { if (!defined($base)) > > Comment first two line and replace elsif with if, i.e. > > #if (defined($base) && $sym eq "OPENSSL_ia32cap_P" && !$::macosx) > #{ &::lea($dst,&::DWP("$sym-$reflabel",$base));} > if (($::pic && ($::elf || $::aout)) || $::macosx) > { if (!defined($base)) > > What happens? The build continues. Now to track down the next error. I took a couple @'s out of Makefile to get more info .. making all in crypto/cmac... if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then \ (cd ..; make libcrypto.so.1.0.0); \ fi [ -z "" ] || cc -Kpic -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -Iinclude \ -DFINGERPRINT_PREMAIN_DSO_LOAD -o fips_premain_dso \ fips_premain.c fipscanister.o \ libcrypto.a -lsocket -lnsl if [ "svr5-shared" != "" ]; then \ if [ "" = "libcrypto" ]; then \ FIPSLD_LIBCRYPTO=libcrypto.a ; \ FIPSLD_CC="cc"; CC=/usr/local/ssl/fips-2.0/bin/fipsld; \ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \ fi; \ make -e SHLIBDIRS=crypto CC="${CC:-cc}" build-shared; \ touch -c fips_premain_dso; \ else \ echo "There's no support for shared libraries on this platform" >&2; \ exit 1; \ fi *** Error code 1 (bu21) UX:make: ERROR: fatal error. .. Still looking. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Wed, 26 Feb 2014, Andy Polyakov via RT wrote: > > --- Xopenssl-1.0.1f/crypto/aes/aes-586.s2014-02-24 23:09:12.771751012 > > -0800 > > +++ openssl-1.0.2-beta1/crypto/aes/aes-586.s2014-02-24 > > 22:07:47.869751012 -0800 > > @@ -994,8 +1000,7 @@ > > call.L004pic_point > > .L004pic_point: > > popl%ebp > > - leal_GLOBAL_OFFSET_TABLE_+[.-.L004pic_point](%ebp),%eax > > - movlOPENSSL_ia32cap_P@GOT(%eax),%eax > > + lealOPENSSL_ia32cap_P-.L004pic_point(%ebp),%eax > > leal.LAES_Te-.L004pic_point(%ebp),%ebp > > leal764(%esp),%ebx > > subl%ebp,%ebx > > Aha! Try following. In crypto/perlasm/x86gas.pl you'll find ::picmeup, > which starts with > > if (defined($base) && $sym eq "OPENSSL_ia32cap_P" && !$::macosx) > { &::lea($dst,&::DWP("$sym-$reflabel",$base));} > elsif (($::pic && ($::elf || $::aout)) || $::macosx) > { if (!defined($base)) > > Comment first two line and replace elsif with if, i.e. > > #if (defined($base) && $sym eq "OPENSSL_ia32cap_P" && !$::macosx) > #{ &::lea($dst,&::DWP("$sym-$reflabel",$base));} > if (($::pic && ($::elf || $::aout)) || $::macosx) > { if (!defined($base)) > > What happens? The build continues. Now to track down the next error. I took a couple @'s out of Makefile to get more info .. making all in crypto/cmac... if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then \ (cd ..; make libcrypto.so.1.0.0); \ fi [ -z "" ] || cc -Kpic -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -Iinclude \ -DFINGERPRINT_PREMAIN_DSO_LOAD -o fips_premain_dso \ fips_premain.c fipscanister.o \ libcrypto.a -lsocket -lnsl if [ "svr5-shared" != "" ]; then \ if [ "" = "libcrypto" ]; then \ FIPSLD_LIBCRYPTO=libcrypto.a ; \ FIPSLD_CC="cc"; CC=/usr/local/ssl/fips-2.0/bin/fipsld; \ export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \ fi; \ make -e SHLIBDIRS=crypto CC="${CC:-cc}" build-shared; \ touch -c fips_premain_dso; \ else \ echo "There's no support for shared libraries on this platform" >&2; \ exit 1; \ fi *** Error code 1 (bu21) UX:make: ERROR: fatal error. .. Still looking. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL version 1.0.2 beta 1 released on AIX, IRIX, Solaris/SPARC
On Wed, 26 Feb 2014, Zoltan Arpadffy wrote: [snip] > *SCO OpenServer* > > bash-3.2# uname -a > SCO_SV scosysv 5 6.0.0 i386 > bash-3.2# gcc --version > 2.95.2 > bash-3.2# what /bin/cc > /bin/cc: > OpenServer 6.0.0 legend/bl14z 2005-06-09:built on scout > [snip] > > unixware-7 - FAILED > cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include > -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -O -DFILIO_H -Kalloca > -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m > -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM > -DWHIRLPOOL_ASM -DGHASH_ASM -c -o sha256-586.o sha256-586.s > UX:as: ERROR: sha256-586.s:28:defined relocatable values from the same section > required, op - Andy's commit will fix this. http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d00ae7cf7019847c5d35728b01b22461a01bb336 > *** Error code 1 (bu21) > UX:make: ERROR: fatal error. > *** Error code 1 (bu21) > UX:make: ERROR: fatal error. > *** Error code 1 (bu21) > UX:make: ERROR: fatal error. > > NOTE: it is very weird that it configures as unixware-7 and unixware-7-gcc Not weird at all. OpenServer 6 is UnixWare (SVR5) under the hood. [snip] -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Wed, 26 Feb 2014, Andy Polyakov wrote: > > I am sorry, but it did not help: > > It surely did:-) x86cpuid did compile, didn't it:-) It's just that > *another* problem surfaced. > > > bash-2.05a# /usr/bin/perl ./Configure unixware-7-gcc no-sse2 > > gcc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include > > -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN > > -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall > > -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m > > -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM > > -DWHIRLPOOL_ASM -DGHASH_ASM -c sha_dgst.c > > UX:as: ERROR: /var/tmp/ccYUTbOr.s:191:unknown instruction: bswapl > > UX:as: ERROR: /var/tmp/ccYUTbOr.s:196:unknown instruction: bswapl I don't have gcc on any of my UnixWare boxes but I tried this on a OpenServe 6 machine (uses uixware build) with a gcc on it and it compiled fine. I added the -S option to look at the .s file and it does have bswapl lines in it. Here is a small snip. movl%eax, 112(%esp) /APP bswapl %ebp /NO_APP addl%ebp, %edx movl%ebp, 108(%esp) /APP bswapl %eax /NO_APP movl%eax, 112(%esp) Then doing a gcc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include \ -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN \ -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall \ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m \ -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM \ -DWHIRLPOOL_ASM -DGHASH_ASM -c sha_dgst.s worked too. > I.e. assembler doesn't recognize even bswap. Well, when it comes to > out-of-date platforms, there is [invisible] line past which one gets > reluctant to address problems. Instead one rather opts for existing > tweaks. There is always option to pass no-asm, but in this case you > should also be able to pass 386 to avoid fancy instructions. [Option I'm > reluctant to implement is to manually encode bswap in > crypto/perlasm/x86asm.pl]. Maybe Tim can shed some light how come does > it work for him, i.e. maybe there are assembler updates... On my UnixWare 7.1.4 MP4 boxes I have UX:cc: INFO: Optimizing C Compilation System (CCS) 4.2 05/13/08 (uw714mp4.bl3h) UX:ld: INFO: Optimizing C Compilation System (CCS) 4.2 05/13/08 (uw714mp4.bl3h) UX:as: INFO: Optimizing C Compilation System (CCS) 4.2 05/13/08 (uw714mp4.bl3h) UnixWare 7.1.4+ has UX:cc: INFO: Optimizing C Compilation System (CCS) 4.2 04/24/13 (uw714mp5.bl3s) UX:ld: INFO: Optimizing C Compilation System (CCS) 4.2 04/24/13 (uw714mp5.bl3s) UX:as: INFO: Optimizing C Compilation System (CCS) 4.2 04/24/13 (uw714mp5.bl3s) -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Wed, 26 Feb 2014, Andy Polyakov via RT wrote: | > Platform: UnixWare 7.1.4 MP4 | > OpenSSL 1.0.2 beta1 | > | > It looks like the latest assembler changes to sha and aes break | > on USL assemblers. | > | > -- | > making all in crypto/sha... | > cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o sha256-586.o sha256-586.s | > UX:as: ERROR: sha256-586.s:28:defined relocatable values from the same section required, op - | > *** Error code 1 (bu21) | > UX:make: ERROR: fatal error. | > -- | | http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d00ae7cf7019847c5d35728b01b22461a01bb336 I can confirm that commit works here. | > -- | > making all in crypto/aes... | > cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o aes-586.o aes-586.s | > UX:as: ERROR: aes-586.s:1003:defined relocatable values from the same section required, op - | > UX:as: ERROR: aes-586.s:2195:defined relocatable values from the same section required, op - | > UX:as: ERROR: aes-586.s:2251:defined relocatable values from the same section required, op - | > *** Error code 1 (bu21) | > UX:make: ERROR: fatal error. | > -- | | But how did it work in 1.0.0? I mean this is not code that appeared in | 1.0.2. Interesting. I've been running a 1.0.1f-dev version on one of my UnixWare 7.1.4 boxes for quite soem time now. $ /opt/bin/openssl version -a OpenSSL 1.0.1f-dev 14 May 2013 built on: Mon May 27 15:49:18 PDT 2013 platform: unixware-7 options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: cc -Kpic -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/etc/ssl" crypto/aes/asm/aes-586.pl has not changes between the version I am running and the released 1.0.1f but gdiff -ru openssl-1.0.1f/crypto/aes/asm/aes-586.pl \ openssl-1.0.2-beta1/crypto/aes/asm/aes-586.pl produces a 496 line file. Doing a diff -u on the crypto/aes/aes-586.s files shows the changes that chokes the assembler. --- Xopenssl-1.0.1f/crypto/aes/aes-586.s2014-02-24 23:09:12.771751012 -0800 +++ openssl-1.0.2-beta1/crypto/aes/aes-586.s2014-02-24 22:07:47.869751012 -0800 @@ -994,8 +1000,7 @@ call.L004pic_point .L004pic_point: popl%ebp - leal_GLOBAL_OFFSET_TABLE_+[.-.L004pic_point](%ebp),%eax - movlOPENSSL_ia32cap_P@GOT(%eax),%eax + lealOPENSSL_ia32cap_P-.L004pic_point(%ebp),%eax leal.LAES_Te-.L004pic_point(%ebp),%ebp leal764(%esp),%ebx subl%ebp,%ebx @@ -2185,8 +2192,7 @@ call.L010pic_point .L010pic_point: popl%ebp - leal_GLOBAL_OFFSET_TABLE_+[.-.L010pic_point](%ebp),%eax - movlOPENSSL_ia32cap_P@GOT(%eax),%eax + lealOPENSSL_ia32cap_P-.L010pic_point(%ebp),%eax leal.LAES_Td-.L010pic_point(%ebp),%ebp leal764(%esp),%ebx subl%ebp,%ebx @@ -2242,8 +2248,7 @@ call.L013pic_point .L013pic_point: popl%ebp - leal_GLOBAL_OFFSET_TABLE_+[.-.L013pic_point](%ebp),%eax - movlOPENSSL_ia32cap_P@GOT(%eax),%eax + lealOPENSSL_ia32cap_P-.L013pic_point(%ebp),%eax cmpl$0,40(%esp) leal.LAES_Te-.L013pic_point(%ebp),%ebp jne .L014picked_te Thanks for all your help. | | > It does not seem to like lines like | > lealOPENSSL_ia32cap_P-.L001K256(%ebp),%edx | | Yes, it seems so. | -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #3269] 1.0.2 beta1 on UnixWare
On Wed, 26 Feb 2014, Andy Polyakov via RT wrote: | > Platform: UnixWare 7.1.4 MP4 | > OpenSSL 1.0.2 beta1 | > | > It looks like the latest assembler changes to sha and aes break | > on USL assemblers. | > | > -- | > making all in crypto/sha... | > cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o sha256-586.o sha256-586.s | > UX:as: ERROR: sha256-586.s:28:defined relocatable values from the same section required, op - | > *** Error code 1 (bu21) | > UX:make: ERROR: fatal error. | > -- | | http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d00ae7cf7019847c5d35728b01b22461a01bb336 I can confirm that commit works here. | > -- | > making all in crypto/aes... | > cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o aes-586.o aes-586.s | > UX:as: ERROR: aes-586.s:1003:defined relocatable values from the same section required, op - | > UX:as: ERROR: aes-586.s:2195:defined relocatable values from the same section required, op - | > UX:as: ERROR: aes-586.s:2251:defined relocatable values from the same section required, op - | > *** Error code 1 (bu21) | > UX:make: ERROR: fatal error. | > -- | | But how did it work in 1.0.0? I mean this is not code that appeared in | 1.0.2. Interesting. I've been running a 1.0.1f-dev version on one of my UnixWare 7.1.4 boxes for quite soem time now. $ /opt/bin/openssl version -a OpenSSL 1.0.1f-dev 14 May 2013 built on: Mon May 27 15:49:18 PDT 2013 platform: unixware-7 options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: cc -Kpic -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/etc/ssl" crypto/aes/asm/aes-586.pl has not changes between the version I am running and the released 1.0.1f but gdiff -ru openssl-1.0.1f/crypto/aes/asm/aes-586.pl \ openssl-1.0.2-beta1/crypto/aes/asm/aes-586.pl produces a 496 line file. Doing a diff -u on the crypto/aes/aes-586.s files shows the changes that chokes the assembler. --- Xopenssl-1.0.1f/crypto/aes/aes-586.s2014-02-24 23:09:12.771751012 -0800 +++ openssl-1.0.2-beta1/crypto/aes/aes-586.s2014-02-24 22:07:47.869751012 -0800 @@ -994,8 +1000,7 @@ call.L004pic_point .L004pic_point: popl%ebp - leal_GLOBAL_OFFSET_TABLE_+[.-.L004pic_point](%ebp),%eax - movlOPENSSL_ia32cap_P@GOT(%eax),%eax + lealOPENSSL_ia32cap_P-.L004pic_point(%ebp),%eax leal.LAES_Te-.L004pic_point(%ebp),%ebp leal764(%esp),%ebx subl%ebp,%ebx @@ -2185,8 +2192,7 @@ call.L010pic_point .L010pic_point: popl%ebp - leal_GLOBAL_OFFSET_TABLE_+[.-.L010pic_point](%ebp),%eax - movlOPENSSL_ia32cap_P@GOT(%eax),%eax + lealOPENSSL_ia32cap_P-.L010pic_point(%ebp),%eax leal.LAES_Td-.L010pic_point(%ebp),%ebp leal764(%esp),%ebx subl%ebp,%ebx @@ -2242,8 +2248,7 @@ call.L013pic_point .L013pic_point: popl%ebp - leal_GLOBAL_OFFSET_TABLE_+[.-.L013pic_point](%ebp),%eax - movlOPENSSL_ia32cap_P@GOT(%eax),%eax + lealOPENSSL_ia32cap_P-.L013pic_point(%ebp),%eax cmpl$0,40(%esp) leal.LAES_Te-.L013pic_point(%ebp),%ebp jne .L014picked_te Thanks for all your help. | | > It does not seem to like lines like | > lealOPENSSL_ia32cap_P-.L001K256(%ebp),%edx | | Yes, it seems so. | -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #3269] 1.0.2 beta1 on UnixWare
Platform: UnixWare 7.1.4 MP4 OpenSSL 1.0.2 beta1 It looks like the latest assembler changes to sha and aes break on USL assemblers. -- making all in crypto/sha... cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o sha256-586.o sha256-586.s UX:as: ERROR: sha256-586.s:28:defined relocatable values from the same section required, op - *** Error code 1 (bu21) UX:make: ERROR: fatal error. -- -- making all in crypto/aes... cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o aes-586.o aes-586.s UX:as: ERROR: aes-586.s:1003:defined relocatable values from the same section required, op - UX:as: ERROR: aes-586.s:2195:defined relocatable values from the same section required, op - UX:as: ERROR: aes-586.s:2251:defined relocatable values from the same section required, op - *** Error code 1 (bu21) UX:make: ERROR: fatal error. -- It does not seem to like lines like lealOPENSSL_ia32cap_P-.L001K256(%ebp),%edx Thanks for your consideration. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL Wiki
On Tue, 19 Mar 2013, Matt Caswell wrote: > Alternatively we just ditch pod altogether - but that would > lose the ability to create man pages (does anyone still read man > pages)? Yes, some of us still do. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL 1.0.1 on OpenServer 5.0.7
On Tue, 24 Jan 2012, Andy Polyakov wrote: > >> Unfortunately one of the tests core dumps. > >> Here is what gdb says. > >> ... > >> $ gdb -c core ./ssltest > >> #0 0x080d8590 in gcm_ghash_4bit_mmx () > > > > I would guess that it fails at pinsrw. Intel instructions reference Good guess. .. [snip] 0x80d857f :pxor 0x110(%esp,%edi,8),%mm7 0x80d8587 :and$0xf,%al 0x80d8589 :psllq $0x38,%mm3 0x80d858d :shr$0x4,%ebp 0x80d8590 :pinsrw $0x2,(%esi,%ebx,2),%mm2 0x80d8595 :pxor 0x10(%esp,%eax,8),%mm7 0x80d859a :rol$0x8,%edx 0x80d859d :pxor 0x90(%esp,%eax,8),%mm6 [snip] (gdb) info all-registers eax0x5 5 ecx0x8928b5da -1993820710 edx0x7627cf65 1982320485 ebx0x2a 42 esp0x8042c300x8042c30 ebp0x6 0x6 esi0x80d8b00135105280 edi0xc 12 eip0x80d85900x80d8590 eflags 0x210206 2163206 cs 0x17 23 ss 0x1f 31 ds 0x819001f135856159 es 0x1f 31 fs 0x0 0 gs 0x0 0 st00(raw 0x3591) st10(raw 0x05d80017080f) st20(raw 0x001f) st30(raw 0x) st40(raw 0x) st50(raw 0x) st6-0 (raw 0x815c227ac5f21f00) st70(raw 0x2ca1440d24f102a3) fctrl 0x1f 31 fstat 0x0 0 ftag 0x1f 31 fiseg 0x0 0 fioff 0xc 12 foseg 0x0 0 fooff 0x1f 31 fop0x0 0 (gdb) tim@sco507 47% .. > > doesn't tell when exactly this instruction was introduced, so I assumed > > it was MMX. But it might be that it was introduced with SSE. Try > > following. Open crypto/modes/gcm128.c in text editor, locate line that > > has '/* check MMX bit */' comment and replace '1<<23' with '1<<25'. Changing crypto/modes/gcm128.c gets test to pass. > > You must be running it on really old processor... Pentium II CPU ID 652 > Another test to perform is following. Revert back to '1<<23', then open > crypto/modes/asm/ghash-x86.pl in text editor and locate line that reads > 'if (0) {{ # "May" MMX version is kept for reference...". Replace '(0)' > with '(!$sse2)'... [ reverting crypto/modes/gcm128.c ] This change to crypto/modes/asm/ghash-x86.pl works also. ... ALL TESTS SUCCESSFUL. OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a OpenSSL 1.0.1-beta3-dev 21 Jan 2012 built on: Tue Jan 24 11:06:25 PST 2012 platform: sco5-gcc options: bn(64,32) rc4(4x,int) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -DZLIB -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -fomit-frame-pointer -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/usr/local/ssl" ... Thanks for your help. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
OpenSSL 1.0.1 on OpenServer 5.0.7
I rsync'd and pulled OpenSSL_1_0_1-stable today. With the strtoull() fix and this patch ... --- apps/apps.c.old 2011-12-12 11:02:32.593185016 -0800 +++ apps/apps.c 2012-01-05 22:31:30.011105020 -0800 @@ -109,7 +109,7 @@ * */ -#ifndef _POSIX_C_SOURCE +#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS) #define _POSIX_C_SOURCE 2 /* On VMS, you need to define this to get the declaration of fileno(). The value 2 is to make sure no function defined --- crypto/ui/ui_openssl.c.old 2009-10-04 09:43:21.0 -0700 +++ crypto/ui/ui_openssl.c 2012-01-05 22:31:53.221105005 -0800 @@ -122,7 +122,7 @@ * sigaction and fileno included. -pedantic would be more appropriate for * the intended purposes, but we can't prevent users from adding -ansi. */ -#ifndef _POSIX_C_SOURCE +#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS) #define _POSIX_C_SOURCE 2 #endif #include ... to deal with _POSIX_C_SOURCE issues OpenSSL builds on OpenServer 5.0.7 CONFIGURE_ARGS=sco5-gcc zlib no-sse2 Unfortunately one of the tests core dumps. Here is what gdb says. ... $ gdb -c core ./ssltest GNU gdb 5.2.1 Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i586-pc-sco3.2v5.0"... Core was generated by `ssltest'. Program terminated with signal 4, Illegal instruction. Reading symbols from /usr/lib/libsocket.so.2...done. Loaded symbols for /usr/lib/libsocket.so.2 Reading symbols from /usr/lib/libnsl.so...done. Loaded symbols for /usr/lib/libnsl.so Reading symbols from /usr/lib/libz.so.1...done. Loaded symbols for /usr/lib/libz.so.1 Reading symbols from /usr/lib/libc.so.1...done. Loaded symbols for /usr/lib/libc.so.1 #0 0x080d8590 in gcm_ghash_4bit_mmx () (gdb) bt #0 0x080d8590 in gcm_ghash_4bit_mmx () #1 0x30201000 in ?? () Cannot access memory at address 0xe (gdb) ... Unfortunatly that's about all I knwow to do with gdb. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net (707) 887-1469 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: strtoull()
On Sat, 14 Jan 2012, Andy Polyakov wrote: > > More adventures with OpenServr 5. > > It looks like OpenSSL 1.0.1 uses strtoull(). > > Unfortunatly at least one very old (and currently being sold) platform > > does not have strtoull(). > > .. > > Undefined first referenced > > symbol in file > > strtoulllibcrypto.a(cryptlib.o) > > UX:i386ld: ERROR: Symbol referencing errors. No output written to openssl > > collect2: ld returned 1 exit status > > .. > > Shall we settle for http://cvs.openssl.org/chngview?cn=22017? Seems to take care of that linking problem. Now to track down a core dump running the test suite. Details in a new post. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net (707) 887-1469 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
OpenSSL 1.0.1 test results
LIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/usr/local/ssl" -< OpenLinux 3.1.1 > ALL TESTS SUCCESSFUL. make[1]: Leaving directory `/usr/local/src/libs/openssl-1.0.1-cvs/test' OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a OpenSSL 1.0.1-beta1 03 Jan 2012 built on: Tue Jan 3 17:52:22 PST 2012 platform: linux-elf options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/usr/local/ssl" -< OSX Tiger > ALL TESTS SUCCESSFUL. OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a OpenSSL 1.0.1-beta1 03 Jan 2012 built on: Tue Jan 3 19:29:59 PST 2012 platform: darwin-ppc-cc options: bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr) compiler: cc -fPIC -fno-common -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DAES_ASM OPENSSLDIR: "/usr/local/ssl" - -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
strtoull()
More adventures with OpenServr 5. It looks like OpenSSL 1.0.1 uses strtoull(). Unfortunatly at least one very old (and currently being sold) platform does not have strtoull(). .. Undefined first referenced symbol in file strtoulllibcrypto.a(cryptlib.o) UX:i386ld: ERROR: Symbol referencing errors. No output written to openssl collect2: ld returned 1 exit status .. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net (707) 887-1469 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
_POSIX_C_SOURCE
Some things came up attempting to build on OpenServer 5 . gcc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -fomit-frame-pointer -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c ui_openssl.c In file included from /usr/include/posix/signal.h:35, from /usr/include/signal.h:11, from ui_openssl.c:128: /usr/include/sys/signal.h:175: parse error before `siginfo_t' *** Error code 1 (bu21) *** Error code 1 (bu21) *** Error code 1 (bu21) . Same problem with apps/apps.c It comes from #ifndef _POSIX_C_SOURCE #define _POSIX_C_SOURCE 2 #endif The comments in apps/apps.c indicate it is needed for VMS and the comments in crypto/ui/ui_openssl.c say it is needed for "gcc -ansi". Was it VMS users using "gcc -ansi"? Can we restrict the _POSIX_C_SOURCE define to VMS? -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: 1.0.0 / 1.0.1 binary compatability
On Tue, 3 Jan 2012, Allan Clark wrote: > Logically, depending on where the API is stable/constant, the SONAME maybe > should be 1.0, with soft links from the libXX.so.1.0 -> libXX.so.1.0.1 .. I'm > referring to the old design where the filename/SONAME/softlink was > used/intended to allow some backward compatibility or bring in a shim. I > know we all know that, I'm mentioning it for the backing logic to my comment. > > Tim, what platform are you on? Is this behaviour common cross-target or only > Tim's platform? I've only tried UnixWare, Solaris, OpenServer 5, & OSX Lion so far. All are 1.0.0 hence my post. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net (707) 887-1469 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
1.0.0 / 1.0.1 binary compatability
I notice the shared library names (and SONAME) are 1.0.0 on the OpenSSL 1.0.1 libraries. I'd just like verification that this is intentional and we can expect binaries built against the 1.0.0 shared libs to run fine using the 1.0.1 shared libs. Thanks. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: crypto/objects/obj_xref.h
On Tue, 3 Jan 2012, Dr. Stephen Henson wrote: > On Tue, Jan 03, 2012, Tim Rice wrote: > > > > > I was testing OpenSSL_1_0_1-stable today and got this > > . > > making all in crypto/objects... > > /usr/bin/perl objxref.pl obj_mac.num obj_xref.txt > obj_xref.h > > UX:sh (sh): ERROR: obj_xref.h: Cannot create > > . > > > > It looks like there is a autogenerated file in CVS. > > Those of us that build from a read-only source tree would appreciate it > > being removed. > > > > It's not that easy as that file is not autogenerated on all platforms. So I'm discovering as I start testing on my Solaris 10 box. OK, I'll update my build script to make r/w copies of the generated files. Hmm, consistent comments might be helpful in searching them out . tim@server01-UnixWare 119% grep GENER crypto/objects/*.h crypto/objects/obj_dat.h:/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the crypto/objects/obj_mac.h:/* THIS FILE IS GENERATED FROM objects.txt by objects.p l via the crypto/objects/obj_xref.h:/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */ . > If the date is updated in CVS it should not be autogenerated again. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
crypto/objects/obj_xref.h
I was testing OpenSSL_1_0_1-stable today and got this . making all in crypto/objects... /usr/bin/perl objxref.pl obj_mac.num obj_xref.txt > obj_xref.h UX:sh (sh): ERROR: obj_xref.h: Cannot create . It looks like there is a autogenerated file in CVS. Those of us that build from a read-only source tree would appreciate it being removed. Thanks. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: Release of OpenSSL 1.0.1 approaching...
On Fri, 9 Dec 2011, Andy Polyakov wrote: > http://cvs.openssl.org/chngview?cn=21817 Yes that works. Thanks. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: Release of OpenSSL 1.0.1 approaching...
On Fri, 9 Dec 2011, Andy Polyakov wrote: > > I assume the snapshots are built from the OpenSSL_1_0_1-stable CVS tag. > > > > On UnixWare 7.1.4 (i586-sco-unixware7) configured with > > ./config --prefix=/opt/mt/openssl-1.0.0 --openssldir=/etc/ssl zlib > > -Kpentium_pro > > I'm getting this error > > > > making all in crypto... > > cc -I. -I.. -I../include -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN > > -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca > > -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m > > -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM > > -DWHIRLPOOL_ASM -DGHASH_ASM -c -o x86cpuid.o x86cpuid.s > > UX:as: ERROR: x86cpuid.s:311:unknown instruction: loopl > > What happens if you edit crypto/x86cpuid.s in text editor and replace > 'loopl' with 'loop'. Question is if assembler supports loop instruction > at all. The build continues and "make tests" passes. . ALL TESTS SUCCESSFUL. OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a OpenSSL 1.0.1-dev 16 Oct 2011 built on: Thu Dec 8 17:10:38 PST 2011 platform: unixware-7 options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: cc -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/etc/ssl" . Thanks. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net (707) 887-1469 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: Release of OpenSSL 1.0.1 approaching...
On Fri, 9 Dec 2011, Dr. Stephen Henson wrote: > OpenSSL 1.0.1 is expected to be released in the next few weeks. [snip] > Users are encouraged to test recent snapshots of OpenSSL 1.0.1 and > report any problems via the request tracker (r...@openssl.org). I assume the snapshots are built from the OpenSSL_1_0_1-stable CVS tag. On UnixWare 7.1.4 (i586-sco-unixware7) configured with ./config --prefix=/opt/mt/openssl-1.0.0 --openssldir=/etc/ssl zlib -Kpentium_pro I'm getting this error making all in crypto... cc -I. -I.. -I../include -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o x86cpuid.o x86cpuid.s UX:as: ERROR: x86cpuid.s:311:unknown instruction: loopl *** Error code 1 (bu21) UX:make: ERROR: fatal error. *** Error code 1 (bu21) UX:make: ERROR: fatal error. -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net (707) 887-1469 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2545] Openssl-1.0.0d fails to install on MacBook Air
On Fri, 24 Jun 2011, DB Warner via RT wrote: > OpenSSL installs on a MacBook Pro but not on a MacBook Air. > > > *MacBook Pro, Mac OS X 10.6.7, 2.8 GHz Intel Core 2 Duo, 4GB 1067 MHz DDR3, > installed Xcode, MacPorts* > > ... downloaded openssl-1.0.0d.tar.gz > ./Configure darwin64-x86_64-cc --openssldir=/usr/bin/openssl ^^^ Do you really want your certs and keys in the directory /usr/bin/openssl ? -- Tim RiceMultitalents(707) 456-1146 t...@multitalents.net (707) 887-1469 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL HEAD on UnixWare
On Sat, 12 Feb 2011, Andy Polyakov wrote: > > symbol in file > > gcm_ghash_clmul libcrypto.a(gcm128.o) > > gcm_gmult_clmul libcrypto.a(gcm128.o) > > gcm_init_clmul libcrypto.a(gcm128.o) > > UX:ld: ERROR: Symbol referencing errors. No output written to openssl > > *** Error code 1 (bu21) > > http://cvs.openssl.org/chngview?cn=20385. a. > - ALL TESTS SUCCESSFUL. OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a OpenSSL 1.1.0-dev 12 Feb 2010 built on: Sat Feb 12 22:21:27 PST 2011 platform: unixware-7 options: bn(64,32) rc4(4x,int) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: cc -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/usr/local/ssl" - Much better. Thanks. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL HEAD on UnixWare
On Thu, 10 Feb 2011, Andy Polyakov wrote: > >>> Hopefully there is a more portable way to do the assembler on ghash-x86.s > > i: > > .value 5 > > .value seems to be working on other platforms too. Therefore > http://cvs.openssl.org/chngview?cn=20378. Cheers. a. We're making progress. The assembler no longer chokes on ghash-x86.s The generated ghash-x86.s seems to be missing some functions. ... ${LDCMD} ${LDFLAGS} -o ${APPNAME:=openssl} openssl.o verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o app_rand.o version.o sess_id.o ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o ${LIBDEPS} ) Undefined first referenced symbol in file gcm_ghash_clmul libcrypto.a(gcm128.o) gcm_gmult_clmul libcrypto.a(gcm128.o) gcm_init_clmul libcrypto.a(gcm128.o) UX:ld: ERROR: Symbol referencing errors. No output written to openssl *** Error code 1 (bu21) ... $ egrep 'gcm_ghash_clmul|gcm_gmult_clmul|gcm_init_clmul' crypto/modes/ghash-x86.s $ ... -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net (707) 456-1146 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL HEAD on UnixWare
On Wed, 9 Feb 2011, Andy Polyakov wrote: > > Hopefully there is a more portable way to do the assembler on ghash-x86.s > > could you compile following snippet: > > shor i=5; > > generate assembler output with cc -S and submit it? a. I'm guessing you mean short i=5; .. .file "x.c" .version"01.01" .data .globl i .align 2 i: .value 5 .type i,"object" .size i,2 .ident "acomp: (CCS) 4.2 05/13/08 (uw714mp4.bl3h)" /REGAL 0 EXTDEF i 2 .. -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
OpenSSL HEAD on UnixWare
It's been a while since I attempted to build HEAD on my UnixWare 7.1.4 box so I gave it a try. Unfortunately it blows up on crypto/modes/ghash-x86.s cc -I.. -I../.. -I../asn1 -I../evp -I../../include -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -c -o ghash-x86.o ghash-x86.s UX:as: ERROR: ghash-x86.s:917:unknown directive: .word UX:as: ERROR: ghash-x86.s:918:unknown directive: .word [snip more errors] Hopefully there is a more portable way to do the assembler on ghash-x86.s -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net (707) 456-1146 __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2153] OpenSSL 1.0.0 on UnixWare
On Sun, 24 Jan 2010, The default queue via RT wrote: > > CVS OpenSSL_1_0_0-stable pulled 20 Jan 2010 > > On UnixWare 7.1.4 w/ MP4, If I build OpenSSL without static libs it > builds and tests fine. > . > ALL TESTS SUCCESSFUL. > OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a > OpenSSL 1.0.0-beta6-dev 20 Jan 2010 > built on: Sat Jan 23 11:10:13 PST 2010 > platform: unixware-7 > options: bn(64,32) rc4(1x,char) des(ptr,risc1,16,long) idea(int) > blowfish(idx) > compiler: cc -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H > -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS > -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM > -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM > OPENSSLDIR: "/etc/ssl" > . > > If I add the shared option to config it will build but tests fail. > . > enveloped content test streaming S/MIME format, 3 recipients, keyid: OK > enveloped content test streaming PEM format, KEK: verify error > *** Error code 1 (bu21) > UX:make: ERROR: fatal error. > . It looks like I've uncovered a compiler optimization bug. If I remove the -Kpentium_pro option all test pass. .. ALL TESTS SUCCESSFUL. OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a OpenSSL 1.0.0-beta6-dev 20 Jan 2010 built on: Mon Jan 25 09:09:25 PST 2010 platform: unixware-7 options: bn(64,32) rc4(1x,char) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: cc -Kpic -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM OPENSSLDIR: "/etc/ssl" .. For reference Optimizing C Compilation System (CCS) 4.2 05/13/08 (uw714mp4.bl3h) Now I need to come up with a small reproducable test case and report it to the vendor. -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2154] OpenSSL 0.9.8 on UnixWare
CVS OpenSSL_0_9_8-stable pulled 20 Jan 2010 On UnixWare 7.1.4 w/ MP4, OpenSSL 0.9.8 builds and tests fine with both static and dynamic libs. . OpenSSL 0.9.8m-dev 20 Jan 2010 built on: Sat Jan 23 18:42:02 PST 2010 platform: unixware-7 options: bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: cc -Kpic -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM OPENSSLDIR: "/etc/ssl" . On UnixWare 7.1.1 w/ MP5, OpenSSL 0.9.8 builds and tests fine with both static and dynamic libs. . OpenSSL 0.9.8m-dev 20 Jan 2010 built on: Sat Jan 23 18:43:24 PST 2010 platform: unixware-7 options: bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: cc -Kpic -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM OPENSSLDIR: "/etc/ssl" . -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2153] OpenSSL 1.0.0 on UnixWare
CVS OpenSSL_1_0_0-stable pulled 20 Jan 2010 On UnixWare 7.1.4 w/ MP4, If I build OpenSSL without static libs it builds and tests fine. . ALL TESTS SUCCESSFUL. OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a OpenSSL 1.0.0-beta6-dev 20 Jan 2010 built on: Sat Jan 23 11:10:13 PST 2010 platform: unixware-7 options: bn(64,32) rc4(1x,char) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: cc -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM OPENSSLDIR: "/etc/ssl" . If I add the shared option to config it will build but tests fail. . enveloped content test streaming S/MIME format, 3 recipients, keyid: OK enveloped content test streaming PEM format, KEK: verify error *** Error code 1 (bu21) UX:make: ERROR: fatal error. . I've attached uw714-shared-testlog.gz On UnixWare 7.1.1 w/ MP5, OpenSSL fails to build because of the #define _XOPEN_SOURCE 500 line in test/ssltest.c (really ssl/ssltest.c) It we wrap it in a #ifdef OPENSSL_SYS_VMS it builds and tests fine both shared and static. -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net uw714-shared-testlog.gz Description: Binary data
Re: [PATCH 14/14] Cleanup some compile time warnings/magic numbers.
On Wed, 1 Jul 2009, David McCullough wrote: > Jivin Tim Rice lays it down ... > > On Tue, 30 Jun 2009, David McCullough wrote: > > > > > > > > Cleanup some compile time warnings/magic numbers. > > > > > > --- > > > diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c > > > index 186eb36..1e5d3a3 100644 > > > --- a/crypto/engine/eng_cryptodev.c > > > +++ b/crypto/engine/eng_cryptodev.c > > > @@ -70,9 +70,9 @@ struct dev_crypto_state { > > > int d_fd; > > > > > > #ifdef USE_CRYPTODEV_DIGESTS > > > - char dummy_mac_key[20]; > > > + char dummy_mac_key[HASH_MAX_LEN]; > > [snip] > > > > Where is HASH_MAX_LEN defined? > > It comes from the "cryptodev.h" provided by *BSD and ocf-linux, Sorry, my brain must not have been fully awake on my last post. I was thinking that that code would fail on platforms that don't have HASH_MAX_LEN defined but there staring me in the face is the fact that it's warped in a #ifdef USE_CRYPTODEV_DIGESTS. Oh well, back to the paying work. > Cheers, > Davidm > > -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1821] Extensive use of @commands in Makefile makes troubleshooting challenging
On Tue, 30 Jun 2009, Philip Prindeville via RT wrote: > Tim Rice via RT wrote: > > On Mon, 29 Jun 2009, Philip A. Prindeville wrote: > > > >> Stephen Henson via RT wrote: > >>> It's not the @ command which might be non-portable IMHO but the > >>> expansion of $(Q) into @. > >> I guess I still don't understand the issue. On the platforms that don't > >> support this, it could be left undefined or set to the empty string... > >> > >> -Philip > > > > It is easy to understand if you try it on a make other than GNU make. > > Using your original post as an example: > > - > > $ cat Makefile > > > > QUIET=y > > ifeq ($(QUIET),y) > > Q:=@ > > else > > Q:= > > endif > > > > all: > > $(Q)echo "done" > > > > $ make > > UX:make: ERROR: Must be a separator on rules line 4 (bu39). > > $ gmake > > done > > $ > > - > > > > Right, so on a non-GNU make system, you'd never build with "QUIET=y"... the > Configure script should be able to take care of that. > > I'm still not understanding what the problem is. So are you proposing something like . $ cat Makefile QUIET= ifeq ($(QUIET),y) Q:=@ else Q:= endif all: $(Q)echo "done" $ make UX:make: ERROR: Must be a separator on rules line 3 (bu39). . Or without QUIET= . $ cat Makefile ifeq ($(QUIET),y) Q:=@ else Q:= endif all: $(Q)echo "done" $ make UX:make: ERROR: Must be a separator on rules line 3 (bu39). $ . Please provide a working example. > -Philip > -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1821] Extensive use of @commands in Makefile makes troubleshooting challenging
On Mon, 29 Jun 2009, Philip A. Prindeville wrote: > Stephen Henson via RT wrote: > > > > It's not the @ command which might be non-portable IMHO but the > > expansion of $(Q) into @. > > I guess I still don't understand the issue. On the platforms that don't > support this, it could be left undefined or set to the empty string... > > -Philip It is easy to understand if you try it on a make other than GNU make. Using your original post as an example: - $ cat Makefile QUIET=y ifeq ($(QUIET),y) Q:=@ else Q:= endif all: $(Q)echo "done" $ make UX:make: ERROR: Must be a separator on rules line 4 (bu39). $ gmake done $ - -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [PATCH 14/14] Cleanup some compile time warnings/magic numbers.
On Tue, 30 Jun 2009, David McCullough wrote: > > Cleanup some compile time warnings/magic numbers. > > --- > diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c > index 186eb36..1e5d3a3 100644 > --- a/crypto/engine/eng_cryptodev.c > +++ b/crypto/engine/eng_cryptodev.c > @@ -70,9 +70,9 @@ struct dev_crypto_state { > int d_fd; > > #ifdef USE_CRYPTODEV_DIGESTS > - char dummy_mac_key[20]; > + char dummy_mac_key[HASH_MAX_LEN]; [snip] Where is HASH_MAX_LEN defined? -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1821] Extensive use of @commands in Makefile makes troubleshooting challenging
On Mon, 29 Jun 2009, Philip A. Prindeville wrote: > Stephen Henson via RT wrote: > > > > It's not the @ command which might be non-portable IMHO but the > > expansion of $(Q) into @. > > I guess I still don't understand the issue. On the platforms that don't > support this, it could be left undefined or set to the empty string... > > -Philip It is easy to understand if you try it on a make other than GNU make. Using your original post as an example: - $ cat Makefile QUIET=y ifeq ($(QUIET),y) Q:=@ else Q:= endif all: $(Q)echo "done" $ make UX:make: ERROR: Must be a separator on rules line 4 (bu39). $ gmake done $ - -- Tim RiceMultitalents t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
long long
It looks like (at least) the 1.0.0 branch requires a compiler that can handle the long long (or some 64bit) data type. The native compiler on SCO OpenServer 5 (sco5-cc target) does not support long long. I first noticed this in crypto/whrlpool/wp_block, then engines/ccgost/gosthash.h. There may be others. If OpenSSL now requires a 64bit data type, that's OK. As that is not the case in earlier versions, it should be mentioned in the release notes. On that platform we do have a couple of options. A person could use gcc or load the UDK (Universal Development Kit) which is same compilers used on UnixWare and OpenServr 6 and does support long long. -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [patch] OpenSSL-1.0.0-beta2 SCO OpenServer 5
On Wed, 22 Apr 2009, Brad House wrote: [snip] > That said, you're right -DSOCKLEN_T=int would work because of the > #elif !defined(SOCKLEN_T), so I propose just patching Configure then > (as attached), so someone doesn't have to know to manually pass that > on the command line. > > -Brad > > P.S. - I only patched the sco5-gcc line since that is the only thing > I can currently test, but I'm pretty sure the same thing should be > applied to the sco5-cc line. If it is applied to sco5-gcc it should be applied to sco5-cc. -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [patch] OpenSSL-1.0.0-beta2 SCO OpenServer 5
On Wed, 22 Apr 2009, Brad House wrote: > I've attached a trivial patch to correct the build of OpenSSL > on SCO OpenServer 5. SCO 5 doesn't define socklen_t, this > patch works around that. --- diff -ruN openssl-1.0.0-beta2.orig/crypto/bio/b_sock.c openssl-1.0.0-beta2/crypto/bio/b_sock.c --- openssl-1.0.0-beta2.orig/crypto/bio/b_sock.c2009-04-03 12:44:40.0 -0400 +++ openssl-1.0.0-beta2/crypto/bio/b_sock.c 2009-04-22 14:58:05.0 -0400 @@ -808,7 +808,7 @@ if (addr == NULL) goto end; #ifdef EAI_FAMILY -# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_BEOS_BONE) || defined(OPENSSL_SYS_MSDOS) +# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_BEOS_BONE) || defined(OPENSSL_SYS_MSDOS) || defined(_SCO_ELF) # define SOCKLEN_T size_t # elif !defined(SOCKLEN_T) # define SOCKLEN_T socklen_t --- Two problems with that patch. 1) _SCO_ELF is defined in gcc but not the native cc. 2) SOCKLEN_T should be int on OpenServer 5. You can run "./config -DSOCKLEN_T=int" to get the desired result. -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1888] socklen_t
On Fri, 3 Apr 2009, Stephen Henson via RT wrote: > > [...@multitalents.net - Fri Apr 03 09:08:23 2009]: > > > > > > OpenSSL_1_0_0-stable and HEAD use socklen_t. > > Some platforms do not have the socklen_t data type. > > > > I propose the following patch (also attached) so a person could > >./config --socklen_t=int > > > > There isn't any real need for a specific configuration file option. > Passing -DSOCKLEN_T=int config should work. OK, the Configure changes are overkill but we still need the crypto/bio/b_sock.c patch to be able to pass -DSOCKLEN_T=int > If there is a known platform where the socklen_t logic doesn't work we > should really covert in in the header. The problem comes in where a platform may or may not have socklen_t depending on which version. In the case of UnixWare 7, 7.1.1 does not have it but the current 7.1.4 does. Although it would be safe to set SOCKLEN_T to size_t on all the unixware-* targets in Configure. The sco5-* targets would need SOCKLEN_T to be int. -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #1888] socklen_t
OpenSSL_1_0_0-stable and HEAD use socklen_t. Some platforms do not have the socklen_t data type. I propose the following patch (also attached) so a person could ./config --socklen_t=int . --- openssl-1.0.0/Configure.old 2009-02-19 01:43:18.0 -0800 +++ openssl-1.0.0/Configure 2009-04-02 14:28:35.421293044 -0700 @@ -40,6 +40,9 @@ # # --cross-compile-prefix Add specified prefix to binutils components. # +# --socklen_t For systems without socklen_t data type. Set to int or +# size_t as appropriate for your platform. +# # no-hw-xxx do not compile support for specific crypto hardware. # Generic OpenSSL-style methods relating to this support # are always compiled but return NULL if the hardware @@ -613,6 +616,7 @@ my $exe_ext=""; my $install_prefix=""; my $cross_compile_prefix=""; +my $socklen_t=""; my $no_threads=0; my $threads=0; my $no_shared=0; # but "no-shared" is default @@ -834,6 +838,10 @@ { $cross_compile_prefix=$1; } + elsif (/^--socklen_t=(.*)$/) + { + $socklen_t=$1; + } else { print STDERR $usage; @@ -1371,6 +1379,11 @@ } $cmll_obj=$cmll_encunless ($cmll_obj =~ /.o$/); +if ($socklen_t) + { + $cflags="$cflags -DSOCKLEN_T=$socklen_t"; + } + # "Stringify" the C flags string. This permits it to be made part of a string # and works as well on command lines. $cflags =~ s/([\\\"])/\\\1/g; --- openssl-1.0.0/crypto/bio/b_sock.c.old 2008-01-03 14:43:01.0 -0800 +++ openssl-1.0.0/crypto/bio/b_sock.c 2009-04-02 14:02:28.116173005 -0700 @@ -811,7 +811,9 @@ # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_BEOS_BONE) || defined(OPENSSL_SYS_MSDOS) # define SOCKLEN_T size_t # else +# ifndef SOCKLEN_T # define SOCKLEN_T socklen_t +# endif #endif do { char h[NI_MAXHOST],s[NI_MAXSERV]; . -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net --- openssl-1.0.0/Configure.old 2009-02-19 01:43:18.0 -0800 +++ openssl-1.0.0/Configure 2009-04-02 14:28:35.421293044 -0700 @@ -40,6 +40,9 @@ # # --cross-compile-prefix Add specified prefix to binutils components. # +# --socklen_t For systems without socklen_t data type. Set to int or +# size_t as appropriate for your platform. +# # no-hw-xxx do not compile support for specific crypto hardware. # Generic OpenSSL-style methods relating to this support # are always compiled but return NULL if the hardware @@ -613,6 +616,7 @@ my $exe_ext=""; my $install_prefix=""; my $cross_compile_prefix=""; +my $socklen_t=""; my $no_threads=0; my $threads=0; my $no_shared=0; # but "no-shared" is default @@ -834,6 +838,10 @@ { $cross_compile_prefix=$1; } + elsif (/^--socklen_t=(.*)$/) + { + $socklen_t=$1; + } else { print STDERR $usage; @@ -1371,6 +1379,11 @@ } $cmll_obj=$cmll_encunless ($cmll_obj =~ /.o$/); +if ($socklen_t) + { + $cflags="$cflags -DSOCKLEN_T=$socklen_t"; + } + # "Stringify" the C flags string. This permits it to be made part of a string # and works as well on command lines. $cflags =~ s/([\\\"])/\\\1/g; --- openssl-1.0.0/crypto/bio/b_sock.c.old 2008-01-03 14:43:01.0 -0800 +++ openssl-1.0.0/crypto/bio/b_sock.c 2009-04-02 14:02:28.116173005 -0700 @@ -811,7 +811,9 @@ # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_BEOS_BONE) || defined(OPENSSL_SYS_MSDOS) # define SOCKLEN_T size_t # else +# ifndef SOCKLEN_T # define SOCKLEN_T socklen_t +# endif #endif do { char h[NI_MAXHOST],s[NI_MAXSERV];
Re: [openssl.org #1883] OpenSSL 1.0.0 on UnixWare 7.1.4
On Thu, 2 Apr 2009, Stephen Henson via RT wrote: > > [openssl-...@openssl.org - Thu Apr 02 08:15:41 2009]: > > > > The struct timeval is found in sys/time.h on this platform. > > In the 1.0.0 version of apps/ocsp.c the USE_SOCKETS define has been > > removed so sys/time.h is not included from e_os.h as it was in 0.9.8. > > I don't think it was so much removed as never added in the first place. > I've added it now, please check the next snapshot. Ah yes, I was comparing to 0.9.8 not HEAD. Builds and tests OK on UnixWare 7.1.4 and OpenServer 6.0.0 now. P.S. We'll need USE_SOCKETS in HEAD too. Thanks. -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
OpenSSL 1.0.0 on UnixWare 7.1.4
On UnixWare 7.1.4 . cc -DMONOLITH -I.. -I../include -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -Kpentium_pro -D__i386__ -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM -c ocsp.c UX:acomp: ERROR: "ocsp.c", line 1268: incomplete struct/union/enum timeval: tv UX:acomp: ERROR: "ocsp.c", line 1294: undefined struct/union member: tv_usec UX:acomp: WARNING: "ocsp.c", line 1295: improper member use: tv_sec UX:acomp: ERROR: "ocsp.c", line 1316: undefined struct/union member: tv_usec UX:acomp: WARNING: "ocsp.c", line 1317: improper member use: tv_sec *** Error code 1 (bu21) . The struct timeval is found in sys/time.h on this platform. In the 1.0.0 version of apps/ocsp.c the USE_SOCKETS define has been removed so sys/time.h is not included from e_os.h as it was in 0.9.8. Here is one possible fix . --- apps/ocsp.c.old 2009-02-06 08:43:52.0 -0800 +++ apps/ocsp.c 2009-04-01 22:04:40.722240006 -0700 @@ -66,6 +66,7 @@ #include #include #include +#include /* needed for struct timeval */ #include "apps.h" /* needs to be included before the openssl headers! */ #include #include . -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: FIPS_selftest_rng fails on Solaris10 x86
On Sat, 14 Feb 2009, RussMitch wrote: > Steve, you were correct, it was a compiler bug. I was using Sun Studio 11, > which didn't work, switched over to Sun Studio 10, and now all of the tests > pass, including the test/fips_test_suite tests. Thanks for your help. These may help. http://developers.sun.com/sunstudio/downloads/patches/ss11_patches.html http://developers.sun.com/sunstudio/downloads/patches/ss12_patches.jsp -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #1821] Extensive use of @commands in Makefile makes troubleshooting challenging
On Mon, 26 Jan 2009, Philip Prindeville via RT wrote: > When doing a version bump on distros (especially distros that may have > required some patching to accommodate this package), the "silent death" > of commands that run and fail without emitting any output makes it > especially difficult to figure out what died and why. > > I'd recommend using something like: Nice idea. Now if you can only make it portable. It needs to work with the system makes for all the platforms that OpenSSL supports. > QUIET=y > ifeq ($(QUIET),y) > Q:=@ > else > Q:= > endif > > in the makefiles, and allowing one to override QUIET from the command line. -- Tim RiceMultitalents(707) 887-1469 t...@multitalents.net __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: typo/bug in s3_srvr.c
On Tue, 24 Jul 2007, Ryan Smith wrote: > True, but the result of "( anything | non-zero value)" will be a non-zero > value and a non-zero value evaluates to true, yes?. If EVP_PKT_SIGN were > zero, then the statement would be equivalent to: > > if ((peer != NULL) && (type)) That'll teach tm to post when my mind is not fully present. OK, I'll quietly go back to the otehr 5 things I'm working on this morning. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: typo/bug in s3_srvr.c
On Tue, 24 Jul 2007, Ryan Smith wrote: > Line 2250 of s3_srvr.c has the following conditional statement: > > if ((peer != NULL) && (type | EVP_PKT_SIGN)) > > As EVP_PKT_SIGN is non-zero, this boils down to: > > if ((peer != NULL) && (TRUE)) But that is a bit wise OR not a logical OR. > > or just: > > if (peer != NULL) > > Should the line be: > > if ((peer != NULL) && (type & EVP_PKT_SIGN)) > > or am I missing something? > > > --Ryan Smith > -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: AES endianness difference in 0.9.8d?
On Mon, 2 Oct 2006, Bruce Stephens wrote: > Bruce Stephens <[EMAIL PROTECTED]> writes: > > [...] > > > Ah, I see a problem. > > > > The SPARC one fails the AES-128-ECB(encrypt) test: > > OK, on another box (with more up to date compiler and OS patches) it > passes, so it's probably a toolchain problem. The working one probably has 120760-09, 121015-02, & 121017-04. (Sun Studio 11 patches) -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Openssl 0.9.8x on SCO Openserver 5
On Sun, 1 Oct 2006, Roger Cornelius wrote: > On 09/30/2006 12:05, Tim Rice wrote: > > On Fri, 29 Sep 2006, Roger Cornelius wrote: > > > > Native compiler works here (w/ the HACK mentioned above) but you > > I just tried gcc. (don't need no-sha512 w/ gcc) > > All tests pass > > Regardless of what I do, I'm unable to get past the core dumping sh512t > test mentioned in my original message when building with gcc. How are > you invoking config? Do you have MP5 installed? Are you using version > 5.0.7Kj of the GNU dev tools that SCO provides? For what it's worth, I > had this problem pre-MP5 and with the previous version of the gnu dev > tools. Ethier "./config zlib" or "./config zlib-dynamic" works fine here (w/ the HACK mentioned earlier). I'm still on MP4. I'll load MP5 when I get some free time. I'm running the version of GNU dev tools in my media kit, 5.0.7g (gcc 2.95.3) Where did 5.0.7Kj come from? -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Openssl 0.9.8x on SCO Openserver 5
On Fri, 29 Sep 2006, Roger Cornelius wrote: > (I've attempted to break long lines below so mail/news readers won't.) > > I'm attempting to build openssl 0.9.8d on SCO Openserver 507 w/MP5. > I've tried using both gcc 2.95.3 and the SCO native compiler. With gcc, > make fails when compiling ui_openssl.c: > > gcc -I.. -I../.. -I../../include -fPIC -DOPENSSL_PIC -DZLIB_SHARED \ > -DZLIB -DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H -I/u/include \ > -R/u/lib:/u/gnu/lib -s -O3 -fomit-frame-pointer \ > -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM \ > -DMD5_ASM -DRMD160_ASM -DAES_ASM -c -o ui_openssl.o ui_openssl.c > In file included from /usr/include/posix/signal.h:35, > from /usr/include/signal.h:11, > from ui_openssl.c:126: > /usr/include/sys/signal.h:175: syntax error before `siginfo_t' Same problem with native compiler. > I worked around this with this small patch to sys/signal.h: Instead of patching sys/signal.h you could patch crypto/ui/ui_openssl.c to comment out the "#define _POSIX_C_SOURCE 1" line. That will allow OpenServer 5 to include sys/siginfo.h where siginfo_t is. I don't have time right now to come up with a "correct" solution that will not break other platforms. > If I build using SCO's native compiler, the compile dies here: > > cc -I. -I.. -I../include -Kpic -DOPENSSL_PIC -DZLIB_SHARED -DZLIB \ > -DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H -I/u/include \ > -R/u/lib:/u/gnu/lib -s -belf -DOPENSSL_BN_ASM_PART_WORDS \ > -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM \ > -c -o x86cpuid-elf.o x86cpuid-elf.s > UX:i386as: ERROR: x86cpuid-elf.s:144:invalid operand combination: pxor Native compiler works here (w/ the HACK mentioned above) but you need to specify no-sse2 and no-sha512 at configure time. I just tried gcc. (don't need no-sha512 w/ gcc) All tests pass -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Proxy module
On Fri, 29 Sep 2006, Kyle Hamilton wrote: > Next, create a diff -c (contextual diff) against the current CVS, > including changes to the makefiles. diff -u is even better. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #1337] Bug: Crash in openssl0.9.8b in obj_name_cmp
On Sat, 27 May 2006, [EMAIL PROTECTED] via RT wrote: > > I am using Openssh 3.8.1p1 on Solaris 2.8 compiled with gcc 3.2.3. I have > nsswitch configured to use file and PADLs ldap module. > When I use nss_ldap without SSL In can login without problem, but with SSL > enabled sshd crashes. When I use openssl 0.9.8b sshd crashes in > obj_name_cmp(line > 101): Are your nss_ldap and pam_ldap modules built with openssl-0.9.8b? -- Tim RiceMultitalents [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: [patch] make AES-cfb128-encrypt faster by uglifying it
On Thu, 25 May 2006, Alex Dubov wrote: > > > Hello. > > > I was working on apache project using openssl and > > > found that using larger integers in cfb128 xor > > > improves performance by more than 50% in most > > cases. > > > There are no drawbacks whatsoever, except the look. ... --- aes_cfb.c.prev 2006-05-25 15:34:04.0 +1000 +++ aes_cfb.c 2006-05-26 14:27:43.0 +1000 @@ -125,34 +125,69 @@ const unsigned long length, const AES_KEY *key, unsigned char *ivec, int *num, const int enc) { +#define u64 unsigned long long ... What about the platforms that don't have "long long"? -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: question regarding us of openssh with openssl-0.9.7i
On Thu, 9 Mar 2006, Basavaraj Bendigeri wrote: > Tim Rice wrote: > > On Wed, 8 Mar 2006, Basavaraj Bendigeri wrote: > > > Hi, > > > I am facing a problem when using openssh-3.9 with > > > openssl-0.9.7i. Both ssh and sshd are crashing. > > > I have compiled openssl with fips. > > > But openssh has not been changed at all. > > > > Does this imply that you have updated the OpenSSL libs without > > recompiling OpenSSH? If so, recompile OpenSSH and try again. > > Better yet, compile the current version of OpenSSH. > > > I have compiled openssh also. What I meant was that I have'nt made any > changes to the source code of openssh. There are 2 scenarios in which I tried > to run openssh > 1. Openssl with fips code. > Openssh compiled with this library but no fips api is invoked. I just built openssl in fips mode and compiled openssh 4.3p2 against it. All regression tests pass. > > 2. Openssl without fips code. > Openssh compiled with this library but no fips api is invoked. > > I see the crash in the first case but not in the second case. > Does openssl do anything different in the first case ? > Thanks > -Basavaraj -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
aes/asm/fips-ax86-elf.s
There is a trailing comma on line 432 of aes/asm/fips-ax86-elf.s causing some assemblers to error. making all in fips/aes... cc -c -o asm/fips-ax86-elf.o asm/fips-ax86-elf.s UX:as: ERROR: asm/fips-ax86-elf.s:432:syntax error at ; or new-line UX:as: WARNING: asm/fips-ax86-elf.s:437:name already bound as global: AES_Te UX:as: WARNING: asm/fips-ax86-elf.s:968:name already bound as global: AES_Td UX:as: WARNING: asm/fips-ax86-elf.s:1009:name already bound as global: AES_Te UX:as: WARNING: asm/fips-ax86-elf.s:1010:name already bound as global: AES_Td UX:as: WARNING: asm/fips-ax86-elf.s:1340:name already bound as global: AES_Te UX:as: WARNING: asm/fips-ax86-elf.s:1576:name already bound as global: AES_Td UX:as: WARNING: asm/fips-ax86-elf.s:1577:name already bound as global: AES_Te *** Error code 1 (bu21) -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: question regarding us of openssh with openssl-0.9.7i
On Wed, 8 Mar 2006, Basavaraj Bendigeri wrote: > Hi, > I am facing a problem when using openssh-3.9 with > openssl-0.9.7i. Both ssh and sshd are crashing. > I have compiled openssl with fips. > But openssh has not been changed at all. Does this imply that you have updated the OpenSSL libs without recompiling OpenSSH? If so, recompile OpenSSH and try again. Better yet, compile the current version of OpenSSH. [snip] > Has anybody tested openssh with openssl- 0.9.7i > and was there any problem with the same. Works fine here but I did not compile openssl in FIPS mode. ... [EMAIL PROTECTED] 3% ssh -V OpenSSH_4.3p2, OpenSSL 0.9.7i 14 Oct 2005 ... > Thanks in advance for your reply > -Basavaraj -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Typo ?
On Tue, 31 Jan 2006, Kyle Hamilton wrote: > I forget the order of precedence -- does the unary ! have a higher > priority than the comparison operator != ? Yes. http://www.isthe.com/chongo/tech/comp/c/c-precedence.html > > i.e., the original code is > > if (!(data->state) != BIO_CONN_S_OK) > > What on earth is this supposed to do? > > data->state == (anything except 0): > !(data->state) == 0. > if (0 != BIO_CONN_S_OK)? > > data->state == 0: > !(data->state) == 1. > if (1 != BIO_CONN_S_OK)? > > -Kyle H > [snip] -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Still a few issues. Release delayed...
On Tue, 28 Jun 2005, Richard Levitte - VMS Whacker wrote: > Hi, > > The release is delayed again. There are a couple of issues that I > think need to be checked. I hope we'll be through with this in a > week. Things are looking much better here. The Makefile changes (make depend) are working on my system V makes now. Builds and passes tests on: UnixWare 2.03 w/ native compiler UnixWare 7.1.1 w/ native compiler UnixWare 7.1.4 w/ native compiler OpenServer 5.0.4 w/ native compiler OpenServer 5.0.7 w/ native compiler [1] OpenServer 5.0.7 w/ gcc [1] OpenServer 6.0.0 w/ native compiler OpenLinux 3.1.1 Xandros 2.5 Business Solaris 8 (sparc) w/ gcc [1] Needs a small patch to crypto/ui/ui_openssl.c to work around "broken?" system headers. -#define _POSIX_C_SOURCE 1 +#define _POSIX_C_SOURCE 199506 (This is OpenServer 5.0.7 specific. That patch will break other platforms.) > > Cheers, > Richard > > - > Please consider sponsoring my work on free software. > See http://www.free.lp.se/sponsoring.html for details. > -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
0.9.8 config: UnixWare7 & OpenServer 6
I was looking over the UnixWare bits in config and it looks like it could be simplified (a little) and at the same time add support for OpenServer 6. Since OpenUNIX is really UnixWare 7.1.2 and OpenServer 6 uses the UnixWare kernel and SVR5 ABI/API we can have a single unixware-7 target for all three. The "uname -X | grep Release" on OpenServer 6 givs us "Release = 5v6.0.0" so we'll need5|5v6*) at about line 87. Then we can scrap lines 96 and 97 in favor of x[678]*) echo "i586-sco-unixware7"; exit 0 ;; Then down at about line 678 we can combine (and enhance) the *-*-OpenUNIX*) and *-*-[Uu]nix[Ww]are7) OUT="unixware-7"; options="$options no-sse2" ;; cases into something that looks like this *-*-[Uu]nix[Ww]are7) if [ "$CC" = "gcc" ]; then OUT="unixware-7-gcc" ; options="$options no-sse2" else OUT="unixware-7" ; options="$options -no-sse2 -D__i386__" fi ;; See "Undefined symbol OPENSSL_ia32cap_P" thread for why I've added -D__i386__ -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] --- openssl-0.9.8/config.old2005-06-24 14:25:49.380089008 -0700 +++ openssl-0.9.8/config2005-06-24 22:26:18.287609027 -0700 @@ -84,7 +84,7 @@ 4.2) echo "whatever-whatever-unixware1"; exit 0 ;; - 5) + 5|5v6*) case "x${VERSION}" in # We hardcode i586 in place of ${MACHINE} for the # following reason. The catch is that even though Pentium @@ -93,8 +93,7 @@ # with i386 is that it makes ./config pass 386 to # ./Configure, which in turn makes make generate # inefficient SHA-1 (for this moment) code. - x7*) echo "i586-sco-unixware7"; exit 0 ;; - x8*) echo "i586-unkn-OpenUNIX${VERSION}"; exit 0 ;; + x[678]*) echo "i586-sco-unixware7"; exit 0 ;; esac ;; esac @@ -675,14 +674,13 @@ *-*-osf) OUT="osf1-alpha-cc" ;; *-*-tru64) OUT="tru64-alpha-cc" ;; - *-*-OpenUNIX*) + *-*-[Uu]nix[Ww]are7) if [ "$CC" = "gcc" ]; then - OUT="OpenUNIX-8-gcc" + OUT="unixware-7-gcc" ; options="$options no-sse2" else - OUT="OpenUNIX-8" + OUT="unixware-7" ; options="$options -no-sse2 -D__i386__" fi ;; - *-*-[Uu]nix[Ww]are7) OUT="unixware-7"; options="$options no-sse2" ;; *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0"; options="$options no-sse2 no-sha512" ;; *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1"; options="$options no-sse2 no-sha512" ;; *-*-vos)
Re: [CVS] OpenSSL: openssl/ Makefile.org openssl/apps/ Makefile openssl/cr...
On Thu, 23 Jun 2005, Andy Polyakov wrote: > R> appro> Jumbo Makfiles update. > > appro> appro> - eliminate ambiguities between GNU-ish and SysV-ish > > Hmm, are you planning on doing this in 0.9.8-stable as well? > > Yes, I was going to "nominate" it for 0.9.8 after some further polishing and > cross-testing on a number platforms. A. It's looking much better on my system V platforms. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL_0_9_8-stable CVS
On Sun, 19 Jun 2005, Tim Rice wrote: > > OpenSSL_0_9_8-stable CVS pulled Sun Jun 19 12:25:10 PDT 2005 > > ** OpenServer 5.0.7: ./config shared zlib-dynamic ** > After patching crypto/ui/ui_openssl.c it builds and passes tests. > > -#define _POSIX_C_SOURCE 1 > +#define _POSIX_C_SOURCE 199506 > [snip] > The following platforms build and pass tests with or without > patching crypto/ui/ui_openssl.c I take that back. Patching crypto/ui/ui_openssl.c breaks UnixWare 7 and OpenServer 6 [snip] -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
util/selftest.pl
I noticed "make report" didn't show the cc version on most of my System V platforms. This patch corrects this. ... --- util/selftest.pl.old2005-06-06 10:33:44.799342000 -0700 +++ util/selftest.pl2005-06-20 11:39:22.485698005 -0700 @@ -49,7 +49,7 @@ } $cversion=`$cc -v 2>&1`; -$cversion=`$cc -V 2>&1` if $cversion =~ "usage"; +$cversion=`$cc -V 2>&1` if $cversion =~ "[Uu]sage"; $cversion=`$cc -V |head -1` if $cversion =~ "Error"; $cversion=`$cc --version` if $cversion eq ""; $cversion =~ s/Reading specs.*\n//; ... Ideally it would be $cversion=`$cc -V 2>&1 | head -1` if $cversion =~ "[Uu]sage"; on the affected platforms but I don't know if the "head -1" would adversely affect the platforms that $cversion=`$cc -V 2>&1` if $cversion =~ "usage"; was supposed to catch. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
OpenSSL_0_9_8-stable CVS
-- ** Xandros 2.5 Business: ./config shared OpenSSL self-test report: OpenSSL version: 0.9.8-beta6 Last change: Correct naming of the 'chil' and '4758cca' ENGINEs. Thi... Options: enable-shared -mcpu=pentium no-gmp no-krb5 no-mdc2 no-rc5 no-zlib no-zlib-dynamic OS (uname): Linux xbiz 2.4.24-x1 #1 SMP Fri Feb 20 16:30:52 EST 2004 i686 GNU/Linux OS (config): i686-whatever-linux2 Target (default): linux-elf Target: linux-elf Compiler: Configured with: ../src/configure -v --enable-languages=c,c++,java,f77,pascal,objc,ada,treelang --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-gxx-include-dir=/usr/include/c++/3.3 --enable-shared --with-system-zlib --enable-nls --without-included-gettext --enable-__cxa_atexit --enable-clocale=gnu --enable-debug --enable-java-gc=boehm --enable-java-awt=xlib --enable-objc-gc i486-linux Thread model: posix gcc version 3.3.2 20031005 (Debian prerelease) Test passed. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
make depend
OpenSSL_0_9_8-stable pulled Mon Jun 6 10:03:25 PDT 2005 ... making dependencies crypto... [ -z "depend" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist [ -z "depend" ] || ../util/domd .. -MD makedepend -- -DOPENSSL_THREADS -Kthread -DFILIO_H -DNO_STRINGS_H -I. -I.. -I../include -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_SHA512 -- cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c [ -z "depend" -o -s buildinf.h ] || rm buildinf.h making depend in crypto/objects... ../util/domd .. -MD makedepend -- -g -I.. -I../.. -I../../include -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_SHA512 -- o_names.c obj_dat.c obj_lib.c obj_err.c UX:make: ERROR: cannot load ../util/domd (bu24). *** Error code 1 (bu21) UX:make: ERROR: fatal error. ... The path to domd is not being updated when going into the crypto subdirectories. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Undefined symbol OPENSSL_ia32cap_P
On Tue, 31 May 2005, Tim Rice wrote: [snip] Now to track down the test failure (test SSL protocol). That was me forgeting about UnixWare 7.1.1 having an optimizer bug when you use the -Kpentium_pro flag. Tests fine without it. . test sslv3 with client authentication Available compression methods: NONE client authentication depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 ERROR in SERVER 16395:error:1408E098:SSL routines:SSL3_GET_MESSAGE:excessive message size:s3_both.c:449: SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 512 bit RSA 1 handshakes of 256 bytes done *** Error code 1 (bu21) . -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: SHA512
On Tue, 31 May 2005, Andy Polyakov wrote: `/var/local/src/libs/openssl-0.9.8/crypto/sha' cc -I.. -I../.. -I../../include -DOPENSSL_THREADS -Kthread -DFILIO_H -DNO_STRINGS_H -c sha_dgst.c UX:acomp: ERROR: "../../include/openssl/sha.h", line 172: invalid type combination UX:acomp: ERROR: "../../include/openssl/sha.h", line 173: invalid type combination UX:acomp: ERROR: "../../include/openssl/sha.h", line 175: invalid type combination gmake[2]: *** [sha_dgst.o] Error 1 This problem still exists with the OpenSSL_0_9_8-stable branch pulled Mon May 30 19:47:25 PDT 2005. Can you confirm that problem persists even if you './config no-sha512'(*)? If you can confirm this, then you would have to speculate why does it happen in your opinion. A. Adding no-sha512 to the config line is not enough. I also have to add -DOPENSSL_NO_SHA512 Now the UnixWare 2.03 box bombs at ... making all in crypto/pqueue... cc -I.. -I../.. -I../../include -DOPENSSL_THREADS -Kthread -DOPENSSL_NO_ SHA512 -DFILIO_H -DNO_STRINGS_H -c pqueue.c UX:acomp: ERROR: "./pqueue.h", line 73: Syntax error before or at: BN_ULLONG UX:acomp: ERROR: "./pqueue.h", line 73: cannot recover from previous errors *** Error code 1 (bu21) ... Another "no 64bit data type" error. (PQ_64BIT) I don't see any way to disable that section. Maybe at some point you just want to say "We no longer support older compilers that do not have some 64bit data type". I'd be OK with that (OpenSSH is already there). It would just need to be documented and then I'd just have to patch Configure to remove a couple of cc targets and add gcc targets. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Undefined symbol OPENSSL_ia32cap_P
On Tue, 31 May 2005, Andy Polyakov wrote: OpenSSL_0_9_8-stable branch pulled Mon May 30 19:47:25 PDT 2005. On my unixware-7 boxes configured with the shared & no-sse2 options i'm getting this error. Undefinedfirst referenced symbol in file OPENSSL_ia32cap_P ../libcrypto.so You have to speculate why do you think this happens. OPENSSL_ia32cap_P is expected to be unconditionally declared on x86 and x86_64 platforms regardless no-sse2 or no-whatever. With sufficient no-everything it will remain uninitialized, but it's expected to be there. See crypto/cryptlib.c. Is it possible that target in question doesn't define __i386 or __i386__? When you pass -Kpentium_pro? A. With or without -Kpentium_pro it doesn't define __i386 or __i386__ It does define i386 If I "./config shared -D__i386__ -Kpentium_pro no-sse2" it builds fine. Perhaps add -D__i386__ to the unixware-7 target in Configure. Now to track down the test failure (test SSL protocol). test sslv3 with client authentication Available compression methods: NONE client authentication depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 ERROR in SERVER 16395:error:1408E098:SSL routines:SSL3_GET_MESSAGE:excessive message size:s3_both.c:449: SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 512 bit RSA 1 handshakes of 256 bytes done *** Error code 1 (bu21) -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
When do we stop supporting old platforms?
I notice my OpenServer 3 box will not compile the 0.9.8 betas. ... [EMAIL PROTECTED] 13% make making all in crypto... sh[2]: 13003 Memory fault(coredump) *** Error code 1 [EMAIL PROTECTED] 14% gmake making all in crypto... gmake[1]: Entering directory `/usr/local/src/libs/openssl-0.9.8/crypto' ( echo "#ifndef MK1MF_BUILD"; \ echo ' /* auto-generated by crypto/Makefile for crypto/cversion.c */'; \ echo ' #define CFLAGS "gcc -O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H"'; \ echo ' #define PLATFORM "sco3-gcc"'; \ echo " #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \ echo '#endif' ) >buildinf.h gmake[1]: execvp: /bin/sh: Arg list too long gmake[1]: *** [buildinf.h] Error 127 gmake[1]: Leaving directory `/usr/local/src/libs/openssl-0.9.8/crypto' gmake: *** [build_crypto] Error 1 [EMAIL PROTECTED] 15% ... At what point do we say "this platform is too old and too broken to support"? I'd be OK with pulling the sco3 target out of Configure for 0.9.8 and HEAD. BTW. We no longer support the sco3 target in OpenSSH portable. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Undefined symbol OPENSSL_ia32cap_P
OpenSSL_0_9_8-stable branch pulled Mon May 30 19:47:25 PDT 2005. On my unixware-7 boxes configured with the shared & no-sse2 options i'm getting this error. LIBDEPS=" $LIBRARIES -lsocket -lnsl" \ link_app.${shlib_target} Undefined first referenced symbol in file OPENSSL_ia32cap_P ../libcrypto.so UX:ld: ERROR: openssl: fatal error: Symbol referencing errors. No output written to openssl *** Error code 1 (bu21) -< testlog from make report >- OpenSSL self-test report: OpenSSL version: 0.9.8-beta4-dev Last change: Correct naming of the 'chil' and '4758cca' ENGINEs. Thi... Options: enable-shared -Kpentium_pro no-gmp no-krb5 no-mdc2 no-rc5 no-sse2 no-zlib no-zlib-dynamic OS (uname): UnixWare uw711 5 7.1.1 i386 x86at SCO UNIX_SVR5 OS (config): i586-sco-unixware7 Target (default): unixware-7 Target: unixware-7 Compiler: UX:cc: TO FIX: Usage: cc [ -01234A:b:B:Ccd:D:e:EgGh:HI:K:l:L:o:OpPq:Q:Su:U:vVwW:X:Y:z:#Z: ] files ... Test skipped. ------ -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: SHA512
On Sat, 21 May 2005, Tim Rice wrote: It looks like SHA512 requires a 64bit data type. So on older platforms that do not have long long support, you get errors like making all in crypto/sha... gmake[2]: Entering directory `/var/local/src/libs/openssl-0.9.8/crypto/sha' cc -I.. -I../.. -I../../include -DOPENSSL_THREADS -Kthread -DFILIO_H -DNO_STRINGS_H -c sha_dgst.c UX:acomp: ERROR: "../../include/openssl/sha.h", line 172: invalid type combination UX:acomp: ERROR: "../../include/openssl/sha.h", line 173: invalid type combination UX:acomp: ERROR: "../../include/openssl/sha.h", line 175: invalid type combination gmake[2]: *** [sha_dgst.o] Error 1 This problem still exists with the OpenSSL_0_9_8-stable branch pulled Mon May 30 19:47:25 PDT 2005. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL 0.9.8 Beta 1
On Fri, 20 May 2005, Andy Polyakov wrote: make[1]: Entering directory `/usr/local/src/libs/openssl-0.9.8/crypto' gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -mcpu=pentium -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -c -o x86cpuid-elf.o x86cpuid-elf.s x86cpuid-elf.s: Assembler messages: x86cpuid-elf.s:144: Error: suffix or operands invalid for `pxor' ./config no-sse2. It might be good idea to have ./config add it automatically for some platforms... Starting with Solaris x86 prior 5.10 and bsdi... And all unixware-* targets, and all sco3-* and sco5-* targets. Even with no-sse2 on unixware-7 I get ... $ make making all in crypto... cc -I. -I.. -I../include -Kpic -DOPENSSL_PIC -DOPENSSL_THREADS -Kthread -DDSO_DLFCN -DHAVE_DLFCN_H -O -DFILIO_H -Kalloca -DOPENSSL_BN_ASM_PART_WORDS -DS HA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -c -o x86cpuid-elf.o x86cpuid-elf.s UX:as: ERROR: x86cpuid-elf.s:173:syntax error at name: f UX:as: ERROR: x86cpuid-elf.s:175:syntax error at integer constant: 1 *** Error code 1 (bu21) ... Solaris 8 Configured for solaris-sparcv9-gcc. Waiting for build to finish Sending output to nohup.out [EMAIL PROTECTED] 60% make making all in crypto... ar r ../libcrypto.a cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o /usr/ccs/bin/ranlib ../libcrypto.a || echo Never mind. making all in crypto/objects... cc -I.. -I../.. -I../../include -g -c o_names.c sh: cc: not found *** Error code 1 make: Fatal error: Command failed for target `o_names.o' Current working directory /usr/local/src/libs/openssl-0.9.8/crypto/objects *** Error code 1 This was a problem with /usr/ccs/bin/make, but it was fixed just prior 0.9.8-beta1 cut. And I can't reproduce it now, not with /usr/ccs/bin/make nor GNU make... What does "current working directory ... 0.9.8/" mean? That's it's not actually -beta1 tarball? If not, how old is it then? A. Things are working much better today. I'm actually working from my rsync'd CVS using the OpenSSL_0_9_8-stable tag. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
SHA512
It looks like SHA512 requires a 64bit data type. So on older platforms that do not have long long support, you get errors like ... making all in crypto/sha... gmake[2]: Entering directory `/var/local/src/libs/openssl-0.9.8/crypto/sha' cc -I.. -I../.. -I../../include -DOPENSSL_THREADS -Kthread -DFILIO_H -DNO_STRINGS_H -c sha_dgst.c UX:acomp: ERROR: "../../include/openssl/sha.h", line 172: invalid type combination UX:acomp: ERROR: "../../include/openssl/sha.h", line 173: invalid type combination UX:acomp: ERROR: "../../include/openssl/sha.h", line 175: invalid type combination gmake[2]: *** [sha_dgst.o] Error 1 ... I tried adding -DOPENSSL_NO_SHA512 and that did not help. It looks like the "#ifndef OPENSSL_NO_SHA512" line in include/openssl/sha.h comes too late. The unixware-2.0, unixware-2.1, and sco5-cc targets should have OPENSSL_NO_SHA512 defined by default. Hmm, I may have to add a unixware-2.0-gcc target. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL 0.9.8 Beta 1
On Fri, 20 May 2005, Richard Levitte - VMS Whacker wrote: In message <[EMAIL PROTECTED]> on Thu, 19 May 2005 22:14:20 -0700 (PDT), Tim Rice <[EMAIL PROTECTED]> said: Hmm... I personally do not support SCO products for political reasons, so I'm not going to offer much about them. However, it looks like the CC and CFLAGS variables do not follow along in the build for some of your platforms, and that has me a bit worried. I'll look at it today or tomorrow... If you have access to a Solaris 8 box you can see the problem there. GNU make works and the system make does not. The CHANGES file did not mention requiring GNU make now. Has this changed for 0.9.8 or is it a bug in the Makefile? Cheers, Richard -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
OpenSSL 0.9.8 Beta 1
ending output to nohup.out [EMAIL PROTECTED] 4% make making all in crypto... making all in crypto/objects... cc -I.. -I../.. -I../../include -g -c obj_dat.c obj_dat.c obj_dat.c(101) : error C2062: type 'type' unexpected *** Error code 1 The problem is it's trying to use cc when it was configured to use gcc. --- Solaris 8 Configured for solaris-sparcv9-gcc. Waiting for build to finish Sending output to nohup.out [EMAIL PROTECTED] 60% make making all in crypto... ar r ../libcrypto.a cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o /usr/ccs/bin/ranlib ../libcrypto.a || echo Never mind. making all in crypto/objects... cc -I.. -I../.. -I../../include -g -c o_names.c sh: cc: not found *** Error code 1 make: Fatal error: Command failed for target `o_names.o' Current working directory /usr/local/src/libs/openssl-0.9.8/crypto/objects *** Error code 1 Same problem as the OpenServer 3 box. Configured for gcc but trying to use cc. ------- I'll try and find some time Saturday to dig deeper. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: use of stty in config
On Tue, 25 Jan 2005, Andy Polyakov wrote: I was building the current OpenSSL_0_9_7-stable branch on my Solaris 8 box and noticed after running config my terminal kept scrolling .. [EMAIL PROTECTED] 52% Use "logout" to logout. [EMAIL PROTECTED] 52% Use "logout" to logout. .. I tracked it down to this line. (stty -icanon min 0 time 50; read waste) < /dev/tty Huh? Just for the record. That line actually originated on Solaris for a *long* time ago... And it was in use on several platforms since then... So how come the problem arises now? What is your shell? It arises now because I'm now using gcc 3.4.3 (was 2.95.2) on a 64bit machine. I'm using the C shell. Changing the stty values and not putting them back is unacceptable. Well, the original intention was/is to rely upon your shell [the one that gives you prompt] to do that, to save and restore stty settings that is. At the very least those I've tested do save and scrupulously restore them *even* if I kill ./config script with -KILL signal without giving it a chance to clean up. Your shell is the only one who can do proper job in either case, so what's the point to do something which will always be half-hearted [as we can't catch -KILL in ./config to restore stty settings]? One should rather wonder how come your shell failed to do its job... I don't know what systems you tested, but no UNIX/Linux system I've ever used would save tty values prior to executing a shell script and then restore them once the script finished. That is the job of the script. I've got Solaris 8, various flavors of Linux, UnixWare, OpenServer, and OpenBSD 3.3 here. I simple test . $ uname -a SunOS sun1 5.8 Generic_117350-16 sun4u sparc SUNW,Ultra-5_10 $ echo $0 /bin/sh $ cat > /tmp/x : (stty -icanon min 0 time 50; read waste) < /dev/tty ^D $ stty -a > /tmp/1 $ sh /tmp/x $ stty -a > /tmp/2 $ diff /tmp/1 /tmp/2 3a4 min = 0; time = 50; 5c6 < eof = ^d; eol = ; eol2 = ; swtch = ; --- eof = ; eol = 2; eol2 = ; swtch = ; 11c12 < isig icanon -xcase echo echoe echok -echonl -noflsh --- isig -icanon -xcase echo echoe echok -echonl -noflsh $ . Something like this is more appropriate. STTY=`stty -g` trap "stty $STTY" 2 (stty -icanon min 0 time 50; read waste) < /dev/tty stty $STTY Have you wondered why is "< /dev/tty" there? Because standard input in that particular place is a pipe, something you can't pull stty upon. So that suggested addition does exactly nothing:-) But once again, one should rather ^^^ Another test . $ stty -a > /tmp/1 $ cat >/tmp/x STTY=`stty -g` trap "stty $STTY" 2 (stty -icanon min 0 time 50; read waste) < /dev/tty stty $STTY $ sh /tmp/x $ stty -a > /tmp/2 $ diff /tmp/1 /tmp/2 $ . [or first] wonder [and figure out] how come your shell failed to do its job. Is it bug in your shell or is it some rare circumstances? If former, then it's somebody else's problem, if latter, then we have to understand the circumstances to see what's the proper way to address the problem. Cheers. A. __ -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
use of stty in config
I was building the current OpenSSL_0_9_7-stable branch on my Solaris 8 box and noticed after running config my terminal kept scrolling .. [EMAIL PROTECTED] 52% Use "logout" to logout. [EMAIL PROTECTED] 52% Use "logout" to logout. .. I tracked it down to this line. (stty -icanon min 0 time 50; read waste) < /dev/tty Changing the stty values and not putting them back is unacceptable. Something like this is more appropriate. STTY=`stty -g` trap "stty $STTY" 2 (stty -icanon min 0 time 50; read waste) < /dev/tty stty $STTY -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: UnixWare 2.03 build problem
On Thu, 30 Dec 2004, Andy Polyakov wrote: 0.9.7 Dec 28 2004 CVS UnixWare 2.03 has no strings.h . making all in crypto... cc -I. -I.. -I../include -DOPENSSL_THREADS -Kthread -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_MD2 -DFILIO_H -DNO_STRINGS_H -c o_str.c UX:acomp: ERROR: "o_str.c", line 64: cannot find include file: *** Error code 1 (bu21) UX:make: ERROR: fatal error. . The #include in crypto/o_str.c needs to be wrapped in a #ifndef NO_STRINGS_H similar to what is done in e_os.h Wouldn't it be more appropriate to just include e_os.h instead. A. It looks like (and tests OK on multiple platforms) you could strip the include stuff down to #include #include "e_os.h" #include "o_str.h" -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
UnixWare 2.03 build problem
0.9.7 Dec 28 2004 CVS UnixWare 2.03 has no strings.h . making all in crypto... cc -I. -I.. -I../include -DOPENSSL_THREADS -Kthread -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_MD2 -DFILIO_H -DNO_STRINGS_H -c o_str.c UX:acomp: ERROR: "o_str.c", line 64: cannot find include file: *** Error code 1 (bu21) UX:make: ERROR: fatal error. . The #include in crypto/o_str.c needs to be wrapped in a #ifndef NO_STRINGS_H similar to what is done in e_os.h -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #900] non portable additions to OpenSSL_0_9_7-stable
On Mon, 21 Jun 2004, Richard Levitte - VMS Whacker via RT wrote: > > In message <[EMAIL PROTECTED]> on Mon, 21 Jun 2004 08:49:26 +0200 (METDST), "Tim > Rice via RT" <[EMAIL PROTECTED]> said: > > rt> The FIPS stuff needs a little tune up. > rt> > rt> Makefile.org > rt> - if ! egrep 'define OPENSSL_FIPS' ..; then \ > rt> + if egrep 'define OPENSSL_FIPS' ...; then \ > rt> + : \ > rt> + else \ > > I'm sorry, but exactly what does that change? It makes it work with sh. Without the change you get ... installing libcrypto.a UX:sh (sh): ERROR: !: Not found installing libssl.a UX:sh (sh): ERROR: !: Not found installing libcrypto.so.0.9.7 ... -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #900] non portable additions to OpenSSL_0_9_7-stable
On Mon, 21 Jun 2004, Richard Levitte - VMS Whacker via RT wrote: > > In message <[EMAIL PROTECTED]> on Mon, 21 Jun 2004 08:49:26 +0200 (METDST), "Tim > Rice via RT" <[EMAIL PROTECTED]> said: > > rt> The FIPS stuff needs a little tune up. > rt> > rt> Makefile.org > rt> - if ! egrep 'define OPENSSL_FIPS' ..; then \ > rt> + if egrep 'define OPENSSL_FIPS' ...; then \ > rt> + : \ > rt> + else \ > > I'm sorry, but exactly what does that change? It makes it work with sh. Without the change you get ... installing libcrypto.a UX:sh (sh): ERROR: !: Not found installing libssl.a UX:sh (sh): ERROR: !: Not found installing libcrypto.so.0.9.7 ... -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #900] non portable additions to OpenSSL_0_9_7-stable
The FIPS stuff needs a little tune up. Makefile.org - if ! egrep 'define OPENSSL_FIPS' ..; then \ + if egrep 'define OPENSSL_FIPS' ...; then \ + : \ + else \ The "install:" section should be commented out in fips/aes/Makefile, fips/des/Makefile, and fips/sha1/Makefile as it was done in fips/dsa/Makefile. -- Tim RiceMultitalents [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
non portable additions to OpenSSL_0_9_7-stable
The FIPS stuff needs a little tune up. Makefile.org - if ! egrep 'define OPENSSL_FIPS' ..; then \ + if egrep 'define OPENSSL_FIPS' ...; then \ + : \ + else \ The "install:" section should be commented out in fips/aes/Makefile, fips/des/Makefile, and fips/sha1/Makefile as it was done in fips/dsa/Makefile. -- Tim RiceMultitalents [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
rsync on dev.openssl.org
I haven't been able to rsync CVS since Feb 3. Did something break? ... rsync: failed to connect to dev.openssl.org: Connection refused ... -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #735] Makefile.org rev 1.154.2.63 breaks OpenServer 5
On Sun, 16 Nov 2003, Lutz Jaenicke via RT wrote: > > [EMAIL PROTECTED] - Mon Oct 20 15:20:21 2003]: > > > > > In trying to build ethier the OpenSSL_0_9_7c or OpenSSL_0_9_7-stable > > branch on OpenServer 5 I discovered a change to Makefile.org that > > caused the build to fail. [snip] > > If it was important to s/ASFLAGS/ASFLAG/ in Makefile.org, perhaps > > adding ASFLAGS= $(ASFLAG) to these makefiles would be in order. > > crypto/sha/Makefile.ssl > > crypto/ripemd/Makefile.ssl > > crypto/des/Makefile.ssl > > crypto/rc4/Makefile.ssl > > crypto/bf/Makefile.ssl > > Thanks. I have added the corresponding ASFLAGS setting to these files. > Please test the next snapshot (or CVS). I must have missed these by building a striped down version. crypto/rc5/Makefile.ssl crypto/cast/Makefile.ssl > > Best regards, >Lutz -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #765] compile bug in openssl-0.9.7c
This is a duplicate of Bug #735 add ASFLAGS= $(ASFLAG) to these makefiles crypto/sha/Makefile.ssl crypto/ripemd/Makefile.ssl crypto/des/Makefile.ssl crypto/rc4/Makefile.ssl crypto/bf/Makefile.ssl On Sat, 15 Nov 2003, Chris Loelke via RT wrote: > > OS ScoOpenServer 5 > using cc compiler "sco5-cc" > > BUT . openssl-0.9.7b compiles and works fine (no errors) > > > tried openssl-f-0.9.7-stable-SNAP-20031114 (wont compile) > > lf -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -c -o sha1_one.o sha1_one.c > cc -c -o asm/sx86-elf.o asm/sx86-elf.s > Assembler: sha1-586.s > aline 13: Syntax error > aline 13: illegal character > aline 1902 : Syntax error > aline 1907 : Syntax error > aline 1907 : illegal character > aline 1958 : Syntax error > make[2]: *** [asm/sx86-elf.o] Error 1 > -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #735] Makefile.org rev 1.154.2.63 breaks OpenServer 5
In trying to build ethier the OpenSSL_0_9_7c or OpenSSL_0_9_7-stable branch on OpenServer 5 I discovered a change to Makefile.org that caused the build to fail. revision 1.154.2.63 date: 2003/05/29 22:20:55; author: levitte; state: Exp; lines: +2 -2 Have ASFLAGS be defined the same way as CFLAGS causes some assembler modules to not build ... making all in crypto/sha... cc -c -o asm/sx86-elf.o asm/sx86-elf.s Assembler: sha1-586.s aline 13: Syntax error aline 13: illegal character aline 1902 : Syntax error aline 1907 : Syntax error aline 1907 : illegal character aline 1958 : Syntax error *** Error code 1 (bu21) ... If it was important to s/ASFLAGS/ASFLAG/ in Makefile.org, perhaps adding ASFLAGS= $(ASFLAG) to these makefiles would be in order. crypto/sha/Makefile.ssl crypto/ripemd/Makefile.ssl crypto/des/Makefile.ssl crypto/rc4/Makefile.ssl crypto/bf/Makefile.ssl That seems to solve the build problem here. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: small 0.9.7c patch
On Sun, 5 Oct 2003, Mike Castle wrote: > > I believe these chmod values are better suited: > > - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ > + chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ I seem to recall there is a performance hit on some platforms (HP ?) if the shared libs are writable. > - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig > + chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig This has been fixed. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Makefile.org rev 1.154.2.63 breaks OpenServer 5
In trying to build ethier the OpenSSL_0_9_7c or OpenSSL_0_9_7-stable branch on OpenServer 5 I discovered a change to Makefile.org that caused the build to fail. revision 1.154.2.63 date: 2003/05/29 22:20:55; author: levitte; state: Exp; lines: +2 -2 Have ASFLAGS be defined the same way as CFLAGS causes some assembler modules to not build ... making all in crypto/sha... cc -c -o asm/sx86-elf.o asm/sx86-elf.s Assembler: sha1-586.s aline 13: Syntax error aline 13: illegal character aline 1902 : Syntax error aline 1907 : Syntax error aline 1907 : illegal character aline 1958 : Syntax error *** Error code 1 (bu21) ... If it was important to s/ASFLAGS/ASFLAG/ in Makefile.org, perhaps adding ASFLAGS= $(ASFLAG) to these makefiles would be in order. crypto/sha/Makefile.ssl crypto/ripemd/Makefile.ssl crypto/des/Makefile.ssl crypto/rc4/Makefile.ssl crypto/bf/Makefile.ssl That seems to solve the build problem here. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: man page location
On Wed, 29 Jan 2003, Bodo Moeller wrote: > On Sun, Jan 26, 2003 at 01:31:48PM -0800, Tim Rice wrote: > > > I looks like man pages are being installed in the wrong place on > > non default installs. Ie. --prefix=/usr --openssldir=/etc/ssl > > It is intentional that we use the --openssldir value rather than the > --prefix value in such cases. Files installed to --prefix are only > those for which we can be reasonably sure that we don't have conflicts > with unrelated software. This is not the case for our man pages (our > foo.1 manpage documents 'openssl foo', not some program called 'foo', > except that if you call the 'openssl' binary using a link called > 'foo', it will automatically behave accordingly). Perhaps the ones that could conflict should be named like openssl_foo.1 -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
man page location
I looks like man pages are being installed in the wrong place on non default installs. Ie. --prefix=/usr --openssldir=/etc/ssl This should help. --< cut >--- --- Makefile.org.old2003-01-18 19:19:48.0 -0800 +++ Makefile.org2003-01-26 13:25:34.540720033 -0800 @@ -190,7 +190,7 @@ MAKEFILE= Makefile.ssl MAKE= make -f Makefile.ssl -MANDIR=$(OPENSSLDIR)/man +MANDIR=$(INSTALLTOP)/man MAN1=1 MAN3=3 SHELL=/bin/sh --< end cut >------- -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #463] PATCH
On Mon, 20 Jan 2003, Shklover, Vladimir via RT wrote: > > I tested aix builds of > ftp://ftp.openssl.org/snapshot/openssl-0.9.7-stable-SNAP-20030118.tar.gz > > The results: > > --- > ./Configure aix43-cc ... shared - succeeds > --- > ./config ... shared - script fails with > ./config[59]: syntax error at line 442 : `fi' unexpected > (looks unrelated to changes concerning aix) It is unrelated and Andy fixed it. Try a newer snapshot. > ------- -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #464] TSU NOTIFICATION - encryption
On Sat, 18 Jan 2003, Andy Polyakov via RT wrote: > > > Have the 5 section look something like > > -- [snip] > Updated config is in both HEAD and 0.9.7-stable CVS. Please verify and > reply so that the ticket can be resolved. A. UX:sh (./config): ERROR: ./config: Syntax error at line 442: `fi' unexpected x8*) echo "i586-unkn-OpenUNIX${VERSION}; exit 0 ;; ^ Missed a closing quote | Other than that UnixWare 7 and OpenUNIX 8 work fine. I think we should hard code the UnixWare 2.x section (4.2MP) Pentiums were the current processor at the time 2.01 was released. If anyone is actually running 2.x on a i386 they can pass the 386 option on the command line. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #464] TSU NOTIFICATION - encryption
On Sat, 18 Jan 2003, Andy Polyakov via RT wrote: > > > Have the 5 section look something like > > -- [snip] > Updated config is in both HEAD and 0.9.7-stable CVS. Please verify and > reply so that the ticket can be resolved. A. UX:sh (./config): ERROR: ./config: Syntax error at line 442: `fi' unexpected x8*) echo "i586-unkn-OpenUNIX${VERSION}; exit 0 ;; ^ Missed a closing quote | Other than that UnixWare 7 and OpenUNIX 8 work fine. I think we should hard code the UnixWare 2.x section (4.2MP) Pentiums were the current processor at the time 2.01 was released. If anyone is actually running 2.x on a i386 they can pass the 386 option on the command line. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #464] TSU NOTIFICATION - encryption
On Sat, 18 Jan 2003, Andy Polyakov wrote: > > > To summarize. I'm hardcoding i586 to all Caldera/SCO targets. And > > > according to RT#460 we also should get rid of -lresolv on those > > > platforms, right? A. > > > > And yes, get rid of -lresolv on the sco5 (OpenServer 5) targets. > > The question also is if it's needed even in unixware-2.* lines. As > already mentioned openssl does not use functions normally found in > libresolv. A. libresolv has strcasecmp and libx has ftime. On UnixWare 2.1.x we could replace "-lresolv -lx" with -lc89 but UnixWare 2.0x doesn't have libc89 BTW the sco5 targets need ::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR) after -Kpic -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]