Re: OpenSSL in Nucleus

2004-07-21 Thread J Harper 
Joe,

MatrixSSL might also be an interesting possibility.
http://www.matrixssl.org
I'd actually be interested in what it takes to port to Nucleus.  We'd be
happy to consider your port for inclusion in the next release, I imagine it
would be pretty straightforward given the other embedded platforms it's been
ported to.

J

Disclaimer: I'm on the MatrixSSL team.

- Original Message - 
From: Joe smith
To: [EMAIL PROTECTED]
Sent: Wednesday, July 21, 2004 10:46 AM
Subject: OpenSSL in Nucleus

Hi,
I want to try and experiment using openssl on nucleus embedded system. Any
idea what type should I use(Windows, Cygwin, UNIX) etc.?

Thanks,
Joe

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Openssl target architecture support

2004-07-09 Thread J Harper 
Hi Areg,

This doesn't answer your direct question, but you may want to check out
MatrixSSL; it is designed specifically for embedded SSL and VxWorks.
http://www.matrixssl.org  We actually wrote MatrixSSL as a complement to
OpenSSL for embedded platforms, so hopefully you'll find it useful.

J

- Original Message -
From: Areg Alimian
To: [EMAIL PROTECTED]
Sent: Thursday, July 08, 2004 8:46 PM
Subject: Openssl target architecture support


Hello everyone,

I'm a developer trying to use openssl in an embedded MIPS platform running
VxWorks.  When I build openssl for VxWorks/mips target and exclude some
crypto functionality with the ./Configure -no[cipher] tool, the subsequent
tests that come with the distribution fail.  However when I build everything
for Cygwin( which is the default target/os build option), everything seems
to pass.

I've spotted notes from the development community in a few places that the
default Cygwin32 build should work for most cases( i.e. target platforms )
provided you observe the endinanness by change the CFLAGS attributes to let'
s say use BIG endian instead of Little Endian which is default.

I guess my question is if the Cygwin build with BIG Endian option would work
for the case above.

Any input is much appreciated.  Thank you,

-Areg Alimian

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Problems installing OpenSSL on Linux

2004-06-10 Thread J Harper 
This is an informative post, thank you.  I'd like to add that this is one of
the huge problems with RedHat's library and dependencies configuration.
Manually weeding through the dependencies by hand to install a new version
of OpenSSL from source is very difficult, and upgrading an entirely new
kernel and OS seems completely ludicrous to have timely security updates.
Production systems that are tested and have been running for months/years
can't go through this process each time a critical security update for
OpenSSL is released.

The OpenSSL team does a fine job of acknowledging and fixing security
issues, but if users of the most popular Linux distribution can't use them,
it seems like a huge issue.  Is there a workaround we don't know about?  How
well do other distributions handle this?  Ideally you could just use
apt-get, and have the latest version installed.

J Harper
PeerSec Networks
http://www.peersec.com

- Original Message -
From: "Shea Janet B CRBE" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 10, 2004 12:09 PM
Subject: RE: Problems installing OpenSSL on Linux


> Red Hat is known for customizing its packages. OpenSSL is one of the ones
that seems to be "central" to the rest of the system. It is better to use
the OpenSSL packages as released by Red Hat. You can get the latest openssl
rpm packages for 7.3 at this URL:
https://rhn.redhat.com/errata/RHSA-2003-291.html. This includes the security
fixes through September 2003 (and, I think, some the features in 0.9.7)
despite the naming of the RPM.
>
> You will note that there are several packages there. Download all that
pertain to your platform. (If you are running on a PC, that will be the i386
platform.) Include the one that starts openssl0.9.5. It is an integral part
of this group of rpms. Once you have the rpms on your system, do rpm -Fvh
... and you should be good to go.
>
> To get later versions of openssl, and stay within Red Hat, you will need
to upgrade to a currently supported version of Red Hat Linux. I switched to
Red Hat's Fedora Core 1 for my home network and have been happy with it.
>
> Janet Shea
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Thursday, June 10, 2004 8:30
> To: [EMAIL PROTECTED]
> Subject: Problems installing OpenSSL on Linux
>
>
> I've inherited and system and an application that I can't quite get to
work.  I've got Redhat Linux 7.3 on Intel w/ OpenSSL 0.9.7 half-installed
(so it seems).  When I type "openssl", I get:
>
>   openssl: error while loading shared libraries: libssl.so.0.9.7: cannot
open shared object file: No such file or directory
>
> And, indeed, the so seems to be missing but I've looked for an RPM and
can't find one that works.  I found one on my system and one on the web but
>
>rpm -force -i therpm
>
> completes very quickly and appears to accomplish nothing.  If I
add --percent, get "100%" twice and still nothing seems to have happened.
>
> Is there an authoritative source for a Linux RPM for OpenSSL?  A pointer
would be appreciated.  Thanks.
>
>
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List[EMAIL PROTECTED]
> Automated List Manager   [EMAIL PROTECTED]
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List[EMAIL PROTECTED]
> Automated List Manager   [EMAIL PROTECTED]

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Small Footprint OpenSSL

2004-05-03 Thread J Harper 
Requests for an embedded OpenSSL implementation are periodically made on
this list.  Our team worked through many of these issues trying to make a
small OpenSSL library.  Turning off the optional defines will reduce the
library by a couple hundred KB.  Going in by hand to remove code becomes
very difficult due to interdependencies, but can save another 100-200KB.  A
few weeks of work can reduce the OpenSSL size to around 500KB.

We have released an embedded SSL implementation that is under 50KB, well
commented and very easy to understand and support.  MatrixSSL is available
under a dual-license, similar to MySQL, with the open source download at
http://www.matrixssl.org

MatrixSSL was designed to fit a complementary niche to OpenSSL, download and
check it out!

J Harper
PeerSec Networks
http://www.peersec.com

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]