[ANNOUNCE] OpenSSL 0.9.6d beta 1 released

2002-05-10 Thread Richard Levitte - VMS Whacker 

  OpenSSL version 0.9.6d released
  ===

  OpenSSL - The Open Source toolkit for SSL/TLS
  http://www.openssl.org/

  The OpenSSL project team is pleased to announce the release of version
  0.9.6d of our open source toolkit for SSL/TLS.  This new OpenSSL version
  is mostly a bugfix release and incorporates at least 23 changes to the
  toolkit (for a complete list see http://www.openssl.org/source/exp/CHANGES).

  The most significant changes are:

o Various SSL/TLS library bugfixes.
o Fix DH parameter generation for 'non-standard' generators.

  We consider OpenSSL 0.9.6d to be the best version of OpenSSL available
  and we strongly recommend that users of older versions upgrade as
  soon as possible.  OpenSSL 0.9.6d is available for download via HTTP
  and FTP from the following master locations (you can find the various
  FTP mirrors under http://www.openssl.org/source/mirror.html):

o http://www.openssl.org/source/
o ftp://ftp.openssl.org/source/

  [1] OpenSSL comes in the form of two distributions this time.
  The reasons for this is that we want to deploy the external crypto device
  support but don't want to have it part of the normal distribution just
  yet.  The distribution containing the external crypto device support is
  popularly called engine, and is considered experimental.  It's been
  fairly well tested on Unix and flavors thereof.  If run on a system with
  no external crypto device, it will work just like the normal distribution.

  The distribution file names are:

  o openssl-0.9.6d.tar.gz [normal]
  o openssl-engine-0.9.6d.tar.gz [engine]

  Yours,
  The OpenSSL Project Team...  

Mark J. Cox Richard LevitteAndy Polyakov
Ralf S. Engelschall Bodo MöllerHolger Reif
Dr. Stephen Henson  Ulf Möller Geoff Thorpe
Ben Laurie  Lutz Jänicke   
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]

2002-04-20 Thread Richard Levitte - VMS Whacker 

I've looked at the two patches you sent (relative to 0.9.6d and
0.9.7).  Unfortunately, I believe that the 0.9.6d won't get applied,
because of unpredictable problems that might occur.  Therefore, I will
only comment that 0.9.7 one.

I understand the reasons behind several things you do, like the
symlink hackery.  However, I can't help but wonder why you do that at
all in Configure when util/mklink.pl already deals with the situation,
and would therefore properly take care of it when 'make links' is run.

Does system() not work in perl under DOS?  It seems like you want to
avoid using system() as much as you can.  If not, then why the hackery
of util/mklinks.pl?

Now, in certain test scripts, you have added lines that very much
remind me of C preprocessor lines.  Care to explain that, and
especially how you see them getting processed as you intended?  And
just so we're clear on this, I am not willing to patch sh scripts with
some cpp hackery like that.  Been there, done that, don't wanna do it
again.

Other than that, I've no problems with your patches.  But since the
things mentioned above are the bulk of it, I think I'll wait for your
answers :-).

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released

2002-04-20 Thread Corinna Vinschen 

On Fri, Apr 19, 2002 at 02:16:20PM -0700, Tim Rice wrote:
 On Wed, 17 Apr 2002, Richard Levitte - VMS Whacker wrote:
 
  The release of OpenSSL 0.9.6d is scheduled for Tuesday 2002-04-30.
  To make sure that it will work correctly, please test this version
  (especially on less common platforms), and report any problems to
  [EMAIL PROTECTED].
 
 Solaris 7 solaris-sparcv8-gcc OK
 Solaris 8 solaris-sparcv8-gcc OK
 Caldera eDesktop 2.4  linux-elf   OK
 Caldera eServer 2.3.1 linux-elf   OK
 Caldera OpenLinux 3.1.1   linux-elf   OK
 RedHat 6.2linux-elf   OK
 SCO 3.2v4.2   sco3-gccOK
 SCO 5.0.4 sco5-cc-pentium OK
 SCO 5.0.4 sco5-gccOK
 SCO 5.0.6 sco5-cc-pentium OK
 SCO 5.0.6 sco5-gccOK
 UnixWare 2.03 unixware-2.0-pentiumOK
 UnixWare 2.1.3unixware-2.1-pentiumOK
 UnixWare 7.1.1unixware-7-pentium  OK
 OpenUNIX 8.0.0OpenUNIX-8-pentium  OK

Cygwin  i686-whatever-cygwinOK

Corinna

-- 
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:[EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]

2002-04-20 Thread Doug Kaufman 

On Sat, 20 Apr 2002, Richard Levitte - VMS Whacker wrote:

 I've looked at the two patches you sent (relative to 0.9.6d and
 0.9.7).  Unfortunately, I believe that the 0.9.6d won't get applied,
 because of unpredictable problems that might occur.  Therefore, I will
 only comment that 0.9.7 one.

I see the point of not applying to 0.9.6d right before a release. At
least the patch is in the archives for anyone who wants to use it.

 I understand the reasons behind several things you do, like the
 symlink hackery.  However, I can't help but wonder why you do that at
 all in Configure when util/mklink.pl already deals with the situation,
 and would therefore properly take care of it when 'make links' is run.

The problem is that util/mklink.pl only works with algorithms that
are included in the build. It is called from the makefile in each
subdirectory. When algorithms are excluded (e.g., by configureing with
no-idea), then mklink.pl is never called for the excluded directories
(e.g., crypto/idea). The symlink alternatives in Configure are made
only for the excluded algorithms (@skip). The other changes are in
mklink.pl. If you don't make the links for the excluded algorithms,
there will be errors, at least with the doing make test. You may not
see this if your tar program makes the symbolic links on unpacking the
archive.
  
 Does system() not work in perl under DOS?  It seems like you want to
 avoid using system() as much as you can.  If not, then why the hackery
 of util/mklinks.pl?

System does work under DJGPP. Depending on how it is called, it may
call bash or the DOS command.com file. system() should work (I think
I submitted the original patch that put it there), but this assumes
that compatible utilities are on the system. It seemed more robust to
keep all the work within perl, rather than assuming that the correct
utilities are there.
  
 Now, in certain test scripts, you have added lines that very much
 remind me of C preprocessor lines.  Care to explain that, and
 especially how you see them getting processed as you intended?  And
 just so we're clear on this, I am not willing to patch sh scripts with
 some cpp hackery like that.  Been there, done that, don't wanna do it
 again.

Good point. I hadn't changed this since the first patch I submitted in
February 2001. I think this was simply an error on my part. I am not
sure why it seemed to work. I will try to rework this and resubmit,
so that the path manipulation works in the shell scripts. Thanks for
pointing out this basic error.

Doug
__ 
Doug Kaufman
Internet: [EMAIL PROTECTED]


__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]

2002-04-20 Thread Richard Levitte - VMS Whacker 

In message [EMAIL PROTECTED] on Sat, 20 Apr 
2002 09:51:44 -0700 (PDT), Doug Kaufman [EMAIL PROTECTED] said:

dkaufman On Sat, 20 Apr 2002, Richard Levitte - VMS Whacker wrote:
[...]
dkaufman  I understand the reasons behind several things you do, like the
dkaufman  symlink hackery.  However, I can't help but wonder why you do that at
dkaufman  all in Configure when util/mklink.pl already deals with the situation,
dkaufman  and would therefore properly take care of it when 'make links' is run.
dkaufman 
dkaufman The problem is that util/mklink.pl only works with algorithms that
dkaufman are included in the build. It is called from the makefile in each
dkaufman subdirectory. When algorithms are excluded (e.g., by configureing with
dkaufman no-idea), then mklink.pl is never called for the excluded directories
dkaufman (e.g., crypto/idea). The symlink alternatives in Configure are made
dkaufman only for the excluded algorithms (@skip). The other changes are in
dkaufman mklink.pl. If you don't make the links for the excluded algorithms,
dkaufman there will be errors, at least with the doing make test. You may not
dkaufman see this if your tar program makes the symbolic links on unpacking the
dkaufman archive.

In that case, it's the test programs that need to be changed so as not
to get built with any tests if the algorithm tested isn't present.

In any case, shouldn't linking with libcrypto.a produce linker errors
if you try to get algorithms that aren't there?

Checking if an algorithm is present isn't difficult.  All the
corresponding macros (OPENSSL_NO_* in 0.9.7) are stored in
openssl/opensslconf.h.

dkaufman  Does system() not work in perl under DOS?  It seems like you want to
dkaufman  avoid using system() as much as you can.  If not, then why the hackery
dkaufman  of util/mklinks.pl?
dkaufman 
dkaufman System does work under DJGPP. Depending on how it is called, it may
dkaufman call bash or the DOS command.com file. system() should work (I think
dkaufman I submitted the original patch that put it there), but this assumes
dkaufman that compatible utilities are on the system. It seemed more robust to
dkaufman keep all the work within perl, rather than assuming that the correct
dkaufman utilities are there.

OK, I can see that point.  It still works to have to call make in
Configure, right?

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released

2002-04-20 Thread Harald Koch 

 Solaris 7 solaris-sparcv8-gcc OK

[ etc. snipped ]

HP/UX 11hpux-parisc-cc  OK
HP/UX 11hpux64-parisc-ccOK


(Our HP/UX machines are one rolled-up patch release back from current.)

-- 
Harald Koch [EMAIL PROTECTED]

It takes a child to raze a village.
-Michael T. Fry
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]

2002-04-20 Thread Doug Kaufman 

On Sat, 20 Apr 2002, Richard Levitte - VMS Whacker wrote:

 dkaufman The problem is that util/mklink.pl only works with algorithms that
 dkaufman are included in the build. It is called from the makefile in each
 
 In that case, it's the test programs that need to be changed so as not
 to get built with any tests if the algorithm tested isn't present.
 
 In any case, shouldn't linking with libcrypto.a produce linker errors
 if you try to get algorithms that aren't there?

The test files are designed to report if the algorithm is not
supported, and do not attempt to use the excluded algorithm. This
provides additional security, since otherwise the algorithm might have
been accidentally excluded when it was intended to be part of openssl.
Since all the test files were constructed this way, it seemed there
was an intent to compile and test with test files whose algorithm was
excluded from the compilation. Hence I made an effort to make sure
that these files were available, even when the algorithm was excluded,
rather than avoiding the test. A sample from rc5test.c
follows:

#ifdef NO_RC5
int main(int argc, char *argv[])
{
printf(No RC5 support\n);
return(0);
}

I'll resubmit the patches with the shell scripts fixed in separate
posts.
  Doug


__ 
Doug Kaufman
Internet: [EMAIL PROTECTED]

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]

2002-04-20 Thread Richard Levitte - VMS Whacker 

In message [EMAIL PROTECTED] on Sat, 20 Apr 
2002 14:44:19 -0700 (PDT), Doug Kaufman [EMAIL PROTECTED] said:

dkaufman On Sat, 20 Apr 2002, Richard Levitte - VMS Whacker wrote:
dkaufman 
dkaufman  dkaufman The problem is that util/mklink.pl only works with algorithms 
that
dkaufman  dkaufman are included in the build. It is called from the makefile in each
dkaufman  
dkaufman  In that case, it's the test programs that need to be changed so as not
dkaufman  to get built with any tests if the algorithm tested isn't present.
dkaufman  
dkaufman  In any case, shouldn't linking with libcrypto.a produce linker errors
dkaufman  if you try to get algorithms that aren't there?

Now I get it, it's the tests themselves that are missing for excluded
algorithms.  Hmm...  I'll look into it.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released

2002-04-19 Thread Tim Rice 

On Wed, 17 Apr 2002, Richard Levitte - VMS Whacker wrote:

 The release of OpenSSL 0.9.6d is scheduled for Tuesday 2002-04-30.
 To make sure that it will work correctly, please test this version
 (especially on less common platforms), and report any problems to
 [EMAIL PROTECTED].

Solaris 7   solaris-sparcv8-gcc OK
Solaris 8   solaris-sparcv8-gcc OK
Caldera eDesktop 2.4linux-elf   OK
Caldera eServer 2.3.1   linux-elf   OK
Caldera OpenLinux 3.1.1 linux-elf   OK
RedHat 6.2  linux-elf   OK
SCO 3.2v4.2 sco3-gccOK
SCO 5.0.4   sco5-cc-pentium OK
SCO 5.0.4   sco5-gccOK
SCO 5.0.6   sco5-cc-pentium OK
SCO 5.0.6   sco5-gccOK
UnixWare 2.03   unixware-2.0-pentiumOK
UnixWare 2.1.3  unixware-2.1-pentiumOK
UnixWare 7.1.1  unixware-7-pentium  OK
OpenUNIX 8.0.0  OpenUNIX-8-pentium  OK

-- 
Tim RiceMultitalents(707) 887-1469
[EMAIL PROTECTED]


__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released

2002-04-19 Thread Tim Rice 

On Wed, 17 Apr 2002, Richard Levitte - VMS Whacker wrote:

 Changes between 0.9.6c and 0.9.6d include:

   o Various SSL/TLS library bugfixes.
   o Fix DH parameter generation for 'non-standard' generators.

There are also 2 new SCO targets sco5-cc-shared and sco5-gcc-shared

sco5-gcc-shared has a problem using the assembler routines.
...
making all in crypto/md5...
[snip]
(cd asm; /usr/bin/perl md5-586.pl cpp mx86unix.cpp)
gcc -E -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o
Nonexistent file
cpp: output pipe has been closed
*** Error code 1 (bu21)
...
This would work
gcc -E -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o -b elf -

For 0.9.6 we should probably just remove ${x86_elf_asm} from
that Configure line.


-- 
Tim RiceMultitalents(707) 887-1469
[EMAIL PROTECTED]




__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

[ANNOUNCE] OpenSSL 0.9.6d beta 1 released

2002-04-18 Thread Richard Levitte - VMS Whacker 

The first beta release of OpenSSL 0.9.6d is now available from the
OpenSSL FTP site URL: ftp://ftp.openssl.org/source/.  This is
planned to be the only beta, as we believe that the snapshots have
been tested quite thoroughly tested by a number of people.  If
everything works as planned, the release won't differ except for
the version number.

The release of OpenSSL 0.9.6d is scheduled for Tuesday 2002-04-30.
To make sure that it will work correctly, please test this version
(especially on less common platforms), and report any problems to
[EMAIL PROTECTED].

Changes between 0.9.6c and 0.9.6d include:

  o Various SSL/TLS library bugfixes.
  o Fix DH parameter generation for 'non-standard' generators.

-- 
Richard Levitte [EMAIL PROTECTED]
OpenSSL Project http://www.openssl.org/~levitte/
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]

2002-04-18 Thread Doug Kaufman 

On Wed, 17 Apr 2002, Richard Levitte - VMS Whacker wrote:

 The first beta release of OpenSSL 0.9.6d is now available from the
 OpenSSL FTP site URL: ftp://ftp.openssl.org/source/.  This is

This still doesn't have the patch for DOS integrated, so it probably
won't work on platforms that don't have symbolic links. I updated the
patch for 0.9.6d and have attached it. With the patch it configures and
compiles without warnings on DJGPP. make test has no errors.
 Doug
__ 
Doug Kaufman
Internet: [EMAIL PROTECTED]



096d.pch.gz
Description: application/gunzip