[ANNOUNCE] OpenSSL 0.9.6d beta 1 released
OpenSSL version 0.9.6d released === OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 0.9.6d of our open source toolkit for SSL/TLS. This new OpenSSL version is mostly a bugfix release and incorporates at least 23 changes to the toolkit (for a complete list see http://www.openssl.org/source/exp/CHANGES). The most significant changes are: o Various SSL/TLS library bugfixes. o Fix DH parameter generation for 'non-standard' generators. We consider OpenSSL 0.9.6d to be the best version of OpenSSL available and we strongly recommend that users of older versions upgrade as soon as possible. OpenSSL 0.9.6d is available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under http://www.openssl.org/source/mirror.html): o http://www.openssl.org/source/ o ftp://ftp.openssl.org/source/ [1] OpenSSL comes in the form of two distributions this time. The reasons for this is that we want to deploy the external crypto device support but don't want to have it part of the normal distribution just yet. The distribution containing the external crypto device support is popularly called engine, and is considered experimental. It's been fairly well tested on Unix and flavors thereof. If run on a system with no external crypto device, it will work just like the normal distribution. The distribution file names are: o openssl-0.9.6d.tar.gz [normal] o openssl-engine-0.9.6d.tar.gz [engine] Yours, The OpenSSL Project Team... Mark J. Cox Richard LevitteAndy Polyakov Ralf S. Engelschall Bodo MöllerHolger Reif Dr. Stephen Henson Ulf Möller Geoff Thorpe Ben Laurie Lutz Jänicke __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]
I've looked at the two patches you sent (relative to 0.9.6d and 0.9.7). Unfortunately, I believe that the 0.9.6d won't get applied, because of unpredictable problems that might occur. Therefore, I will only comment that 0.9.7 one. I understand the reasons behind several things you do, like the symlink hackery. However, I can't help but wonder why you do that at all in Configure when util/mklink.pl already deals with the situation, and would therefore properly take care of it when 'make links' is run. Does system() not work in perl under DOS? It seems like you want to avoid using system() as much as you can. If not, then why the hackery of util/mklinks.pl? Now, in certain test scripts, you have added lines that very much remind me of C preprocessor lines. Care to explain that, and especially how you see them getting processed as you intended? And just so we're clear on this, I am not willing to patch sh scripts with some cpp hackery like that. Been there, done that, don't wanna do it again. Other than that, I've no problems with your patches. But since the things mentioned above are the bulk of it, I think I'll wait for your answers :-). -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released
On Fri, Apr 19, 2002 at 02:16:20PM -0700, Tim Rice wrote: On Wed, 17 Apr 2002, Richard Levitte - VMS Whacker wrote: The release of OpenSSL 0.9.6d is scheduled for Tuesday 2002-04-30. To make sure that it will work correctly, please test this version (especially on less common platforms), and report any problems to [EMAIL PROTECTED]. Solaris 7 solaris-sparcv8-gcc OK Solaris 8 solaris-sparcv8-gcc OK Caldera eDesktop 2.4 linux-elf OK Caldera eServer 2.3.1 linux-elf OK Caldera OpenLinux 3.1.1 linux-elf OK RedHat 6.2linux-elf OK SCO 3.2v4.2 sco3-gccOK SCO 5.0.4 sco5-cc-pentium OK SCO 5.0.4 sco5-gccOK SCO 5.0.6 sco5-cc-pentium OK SCO 5.0.6 sco5-gccOK UnixWare 2.03 unixware-2.0-pentiumOK UnixWare 2.1.3unixware-2.1-pentiumOK UnixWare 7.1.1unixware-7-pentium OK OpenUNIX 8.0.0OpenUNIX-8-pentium OK Cygwin i686-whatever-cygwinOK Corinna -- Corinna Vinschen Cygwin Developer Red Hat, Inc. mailto:[EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]
On Sat, 20 Apr 2002, Richard Levitte - VMS Whacker wrote: I've looked at the two patches you sent (relative to 0.9.6d and 0.9.7). Unfortunately, I believe that the 0.9.6d won't get applied, because of unpredictable problems that might occur. Therefore, I will only comment that 0.9.7 one. I see the point of not applying to 0.9.6d right before a release. At least the patch is in the archives for anyone who wants to use it. I understand the reasons behind several things you do, like the symlink hackery. However, I can't help but wonder why you do that at all in Configure when util/mklink.pl already deals with the situation, and would therefore properly take care of it when 'make links' is run. The problem is that util/mklink.pl only works with algorithms that are included in the build. It is called from the makefile in each subdirectory. When algorithms are excluded (e.g., by configureing with no-idea), then mklink.pl is never called for the excluded directories (e.g., crypto/idea). The symlink alternatives in Configure are made only for the excluded algorithms (@skip). The other changes are in mklink.pl. If you don't make the links for the excluded algorithms, there will be errors, at least with the doing make test. You may not see this if your tar program makes the symbolic links on unpacking the archive. Does system() not work in perl under DOS? It seems like you want to avoid using system() as much as you can. If not, then why the hackery of util/mklinks.pl? System does work under DJGPP. Depending on how it is called, it may call bash or the DOS command.com file. system() should work (I think I submitted the original patch that put it there), but this assumes that compatible utilities are on the system. It seemed more robust to keep all the work within perl, rather than assuming that the correct utilities are there. Now, in certain test scripts, you have added lines that very much remind me of C preprocessor lines. Care to explain that, and especially how you see them getting processed as you intended? And just so we're clear on this, I am not willing to patch sh scripts with some cpp hackery like that. Been there, done that, don't wanna do it again. Good point. I hadn't changed this since the first patch I submitted in February 2001. I think this was simply an error on my part. I am not sure why it seemed to work. I will try to rework this and resubmit, so that the path manipulation works in the shell scripts. Thanks for pointing out this basic error. Doug __ Doug Kaufman Internet: [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]
In message [EMAIL PROTECTED] on Sat, 20 Apr 2002 09:51:44 -0700 (PDT), Doug Kaufman [EMAIL PROTECTED] said: dkaufman On Sat, 20 Apr 2002, Richard Levitte - VMS Whacker wrote: [...] dkaufman I understand the reasons behind several things you do, like the dkaufman symlink hackery. However, I can't help but wonder why you do that at dkaufman all in Configure when util/mklink.pl already deals with the situation, dkaufman and would therefore properly take care of it when 'make links' is run. dkaufman dkaufman The problem is that util/mklink.pl only works with algorithms that dkaufman are included in the build. It is called from the makefile in each dkaufman subdirectory. When algorithms are excluded (e.g., by configureing with dkaufman no-idea), then mklink.pl is never called for the excluded directories dkaufman (e.g., crypto/idea). The symlink alternatives in Configure are made dkaufman only for the excluded algorithms (@skip). The other changes are in dkaufman mklink.pl. If you don't make the links for the excluded algorithms, dkaufman there will be errors, at least with the doing make test. You may not dkaufman see this if your tar program makes the symbolic links on unpacking the dkaufman archive. In that case, it's the test programs that need to be changed so as not to get built with any tests if the algorithm tested isn't present. In any case, shouldn't linking with libcrypto.a produce linker errors if you try to get algorithms that aren't there? Checking if an algorithm is present isn't difficult. All the corresponding macros (OPENSSL_NO_* in 0.9.7) are stored in openssl/opensslconf.h. dkaufman Does system() not work in perl under DOS? It seems like you want to dkaufman avoid using system() as much as you can. If not, then why the hackery dkaufman of util/mklinks.pl? dkaufman dkaufman System does work under DJGPP. Depending on how it is called, it may dkaufman call bash or the DOS command.com file. system() should work (I think dkaufman I submitted the original patch that put it there), but this assumes dkaufman that compatible utilities are on the system. It seemed more robust to dkaufman keep all the work within perl, rather than assuming that the correct dkaufman utilities are there. OK, I can see that point. It still works to have to call make in Configure, right? -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released
Solaris 7 solaris-sparcv8-gcc OK [ etc. snipped ] HP/UX 11hpux-parisc-cc OK HP/UX 11hpux64-parisc-ccOK (Our HP/UX machines are one rolled-up patch release back from current.) -- Harald Koch [EMAIL PROTECTED] It takes a child to raze a village. -Michael T. Fry __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]
On Sat, 20 Apr 2002, Richard Levitte - VMS Whacker wrote: dkaufman The problem is that util/mklink.pl only works with algorithms that dkaufman are included in the build. It is called from the makefile in each In that case, it's the test programs that need to be changed so as not to get built with any tests if the algorithm tested isn't present. In any case, shouldn't linking with libcrypto.a produce linker errors if you try to get algorithms that aren't there? The test files are designed to report if the algorithm is not supported, and do not attempt to use the excluded algorithm. This provides additional security, since otherwise the algorithm might have been accidentally excluded when it was intended to be part of openssl. Since all the test files were constructed this way, it seemed there was an intent to compile and test with test files whose algorithm was excluded from the compilation. Hence I made an effort to make sure that these files were available, even when the algorithm was excluded, rather than avoiding the test. A sample from rc5test.c follows: #ifdef NO_RC5 int main(int argc, char *argv[]) { printf(No RC5 support\n); return(0); } I'll resubmit the patches with the shell scripts fixed in separate posts. Doug __ Doug Kaufman Internet: [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]
In message [EMAIL PROTECTED] on Sat, 20 Apr 2002 14:44:19 -0700 (PDT), Doug Kaufman [EMAIL PROTECTED] said: dkaufman On Sat, 20 Apr 2002, Richard Levitte - VMS Whacker wrote: dkaufman dkaufman dkaufman The problem is that util/mklink.pl only works with algorithms that dkaufman dkaufman are included in the build. It is called from the makefile in each dkaufman dkaufman In that case, it's the test programs that need to be changed so as not dkaufman to get built with any tests if the algorithm tested isn't present. dkaufman dkaufman In any case, shouldn't linking with libcrypto.a produce linker errors dkaufman if you try to get algorithms that aren't there? Now I get it, it's the tests themselves that are missing for excluded algorithms. Hmm... I'll look into it. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released
On Wed, 17 Apr 2002, Richard Levitte - VMS Whacker wrote: The release of OpenSSL 0.9.6d is scheduled for Tuesday 2002-04-30. To make sure that it will work correctly, please test this version (especially on less common platforms), and report any problems to [EMAIL PROTECTED]. Solaris 7 solaris-sparcv8-gcc OK Solaris 8 solaris-sparcv8-gcc OK Caldera eDesktop 2.4linux-elf OK Caldera eServer 2.3.1 linux-elf OK Caldera OpenLinux 3.1.1 linux-elf OK RedHat 6.2 linux-elf OK SCO 3.2v4.2 sco3-gccOK SCO 5.0.4 sco5-cc-pentium OK SCO 5.0.4 sco5-gccOK SCO 5.0.6 sco5-cc-pentium OK SCO 5.0.6 sco5-gccOK UnixWare 2.03 unixware-2.0-pentiumOK UnixWare 2.1.3 unixware-2.1-pentiumOK UnixWare 7.1.1 unixware-7-pentium OK OpenUNIX 8.0.0 OpenUNIX-8-pentium OK -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released
On Wed, 17 Apr 2002, Richard Levitte - VMS Whacker wrote: Changes between 0.9.6c and 0.9.6d include: o Various SSL/TLS library bugfixes. o Fix DH parameter generation for 'non-standard' generators. There are also 2 new SCO targets sco5-cc-shared and sco5-gcc-shared sco5-gcc-shared has a problem using the assembler routines. ... making all in crypto/md5... [snip] (cd asm; /usr/bin/perl md5-586.pl cpp mx86unix.cpp) gcc -E -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o Nonexistent file cpp: output pipe has been closed *** Error code 1 (bu21) ... This would work gcc -E -DELF -x c asm/mx86unix.cpp | as -o asm/mx86-elf.o -b elf - For 0.9.6 we should probably just remove ${x86_elf_asm} from that Configure line. -- Tim RiceMultitalents(707) 887-1469 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[ANNOUNCE] OpenSSL 0.9.6d beta 1 released
The first beta release of OpenSSL 0.9.6d is now available from the OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. This is planned to be the only beta, as we believe that the snapshots have been tested quite thoroughly tested by a number of people. If everything works as planned, the release won't differ except for the version number. The release of OpenSSL 0.9.6d is scheduled for Tuesday 2002-04-30. To make sure that it will work correctly, please test this version (especially on less common platforms), and report any problems to [EMAIL PROTECTED]. Changes between 0.9.6c and 0.9.6d include: o Various SSL/TLS library bugfixes. o Fix DH parameter generation for 'non-standard' generators. -- Richard Levitte [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~levitte/ __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ANNOUNCE] OpenSSL 0.9.6d beta 1 released [DOS PATCH]
On Wed, 17 Apr 2002, Richard Levitte - VMS Whacker wrote: The first beta release of OpenSSL 0.9.6d is now available from the OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. This is This still doesn't have the patch for DOS integrated, so it probably won't work on platforms that don't have symbolic links. I updated the patch for 0.9.6d and have attached it. With the patch it configures and compiles without warnings on DJGPP. make test has no errors. Doug __ Doug Kaufman Internet: [EMAIL PROTECTED] 096d.pch.gz Description: application/gunzip