Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-29 Thread Viktor Dukhovni 

> On Nov 29, 2016, at 10:12 AM, Jakob Bohm  wrote:
> 
>> /*
>>  * OPENSSL_VERSION_NUMBER(3):
>>  *
>>  * OPENSSL_VERSION_NUMBER is a numeric release version identifier:
>>  *
>>  * MMNNFFPPS: major minor fix patch status
>>  *
> 
> Shouldn't this be
> MNNFFPPS: major minor fix patch status (only 1 nibble for major)

Yes, the comment in that file has an extra nibble for the major number,
but for portability reasons the version number is only 32 bits.

The code below the comment parses the unsigned long version number as
follows:

if (version < 0x0930) {
info->status = 0;
info->patch = version & 0x0f;
version >>= 4;
info->micro = version & 0x0f;
version >>= 4;
info->minor = version & 0x0f;
version >>= 4;
info->major = version & 0x0f;
} else if (version < 0x00905800L) {
info->patch = version & 0xff;
version >>= 8;
info->status = version & 0xf;
version >>= 4;
info->micro = version & 0xff;
version >>= 8;
info->minor = version & 0xff;
version >>= 8;
info->major = version & 0xff;
} else {
info->status = version & 0xf;
version >>= 4;
info->patch = version & 0xff;
version >>= 8;
info->micro = version & 0xff;
version >>= 8;
info->minor = version & 0xff;
version >>= 8;
info->major = version & 0xff;
if (version < 0x00906000L)
info->patch &= ~0x80;
}

So it could produce a major version > 15 on systems where long
is > 32 bits, but that's unlikely on the OpenSSL side at present.

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-29 Thread Jakob Bohm 

On 28/11/2016 21:50, Viktor Dukhovni wrote:

On Nov 28, 2016, at 3:40 PM, Salz, Rich  wrote:

Perhaps I didn't understand the original question.  If all you want to do is 
compare 1.0.2 and 1.1.0, then look at OPENSSL_VERSION_NUMBER; if defined at 
it's 0x10101000L or greater, then you;'re on the 1.1.x branch, otherwise you 
are not and therefore on 1.0.2 or earlier.

The OPENSSL_VERSION_NUMBER macro dates back to some of the earliest
OpenSSL releases, and is therefore always defined.  Postfix has the
following comment in src/tls/tls_misc.c which covers the relevant
history:

 /*
  * OPENSSL_VERSION_NUMBER(3):
  *
  * OPENSSL_VERSION_NUMBER is a numeric release version identifier:
  *
  * MMNNFFPPS: major minor fix patch status
  *

Shouldn't this be
MNNFFPPS: major minor fix patch status (only 1 nibble for major)


  * The status nibble has one of the values 0 for development, 1 to e for
  * betas 1 to 14, and f for release. Parsed OpenSSL version number. for
  * example
  *
  * 0x000906000 == 0.9.6 dev 0x000906023 == 0.9.6b beta 3 0x00090605f ==
  * 0.9.6e release
  *
  * Versions prior to 0.9.3 have identifiers < 0x0930.  Versions between
  * 0.9.3 and 0.9.5 had a version identifier with this interpretation:
  *
  * MMNNFFRBB major minor fix final beta/patch
  *
  * for example
  *
  * 0x000904100 == 0.9.4 release 0x000905000 == 0.9.5 dev
  *
  * Version 0.9.5a had an interim interpretation that is like the current
  * one, except the patch level got the highest bit set, to keep continu-
  * ity.  The number was therefore 0x0090581f.
  */





Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-28 Thread Viktor Dukhovni 
On Mon, Nov 28, 2016 at 04:06:33PM -0500, Ken Goldman wrote:
> On 11/28/2016 3:40 PM, Salz, Rich wrote:
> >Perhaps I didn't understand the original question.  If all you want
> >to do is compare 1.0.2 and 1.1.0, then look at
> >OPENSSL_VERSION_NUMBER; if defined at it's 0x10101000L or greater,
> >then you;'re on the 1.1.x branch, otherwise you are not and therefore
> >on 1.0.2 or earlier.
> 
> I want to compare pre 1.1 (typically 1.0) and 1.1 and up.
> 
> My 1.0 has
> 
> ./opensslv.h:#define OPENSSL_VERSION_NUMBER   0x1000105fL
> 
> My 1.1 has
> 
> ./openssl/opensslv.h:# define OPENSSL_VERSION_NUMBER  0x1010003fL
> 
> Neither agree with your example, but would comparing to 0x1010  work?

To test for 1.1.0 and up:

#if OPENSSL_VERSION_NUMBER > 0x1010
...
#endif

(testing for equality is not needed, that would be a a dev release
that predates all the betas).

-- 
Viktor.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-28 Thread Ken Goldman 

On 11/28/2016 3:40 PM, Salz, Rich wrote:

Perhaps I didn't understand the original question.  If all you want
to do is compare 1.0.2 and 1.1.0, then look at
OPENSSL_VERSION_NUMBER; if defined at it's 0x10101000L or greater,
then you;'re on the 1.1.x branch, otherwise you are not and therefore
on 1.0.2 or earlier.


I want to compare pre 1.1 (typically 1.0) and 1.1 and up.

My 1.0 has

./opensslv.h:#define OPENSSL_VERSION_NUMBER 0x1000105fL

My 1.1 has

./openssl/opensslv.h:# define OPENSSL_VERSION_NUMBER  0x1010003fL

Neither agree with your example, but would comparing to 0x1010  work?

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-28 Thread Viktor Dukhovni 

> On Nov 28, 2016, at 3:40 PM, Salz, Rich  wrote:
> 
> Perhaps I didn't understand the original question.  If all you want to do is 
> compare 1.0.2 and 1.1.0, then look at OPENSSL_VERSION_NUMBER; if defined at 
> it's 0x10101000L or greater, then you;'re on the 1.1.x branch, otherwise you 
> are not and therefore on 1.0.2 or earlier.

The OPENSSL_VERSION_NUMBER macro dates back to some of the earliest
OpenSSL releases, and is therefore always defined.  Postfix has the
following comment in src/tls/tls_misc.c which covers the relevant
history:

/*
 * OPENSSL_VERSION_NUMBER(3):
 *
 * OPENSSL_VERSION_NUMBER is a numeric release version identifier:
 *
 * MMNNFFPPS: major minor fix patch status
 *
 * The status nibble has one of the values 0 for development, 1 to e for
 * betas 1 to 14, and f for release. Parsed OpenSSL version number. for
 * example
 *
 * 0x000906000 == 0.9.6 dev 0x000906023 == 0.9.6b beta 3 0x00090605f ==
 * 0.9.6e release
 *
 * Versions prior to 0.9.3 have identifiers < 0x0930.  Versions between
 * 0.9.3 and 0.9.5 had a version identifier with this interpretation:
 *
 * MMNNFFRBB major minor fix final beta/patch
 *
 * for example
 *
 * 0x000904100 == 0.9.4 release 0x000905000 == 0.9.5 dev
 *
 * Version 0.9.5a had an interim interpretation that is like the current
 * one, except the patch level got the highest bit set, to keep continu-
 * ity.  The number was therefore 0x0090581f.
 */

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-28 Thread Salz, Rich 
Perhaps I didn't understand the original question.  If all you want to do is 
compare 1.0.2 and 1.1.0, then look at OPENSSL_VERSION_NUMBER; if defined at 
it's 0x10101000L or greater, then you;'re on the 1.1.x branch, otherwise you 
are not and therefore on 1.0.2 or earlier.

--  
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richs...@jabber.at Twitter: RichSalz
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-28 Thread Ken Goldman 
I'd like an answer to this one also.  I could not find that define.  I 
did find about 10 variations, all uncommented.


Could someone simply post the definitive answer?

On 11/23/2016 8:50 AM, Salz, Rich wrote:

Look at the OPENSSL version define.






--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-23 Thread Salz, Rich 
Look at the OPENSSL version define.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

2016-11-23 Thread Gupta, Saurabh 
Can you please suggest any technical name for changing sources from 
openssl-1.0.2 to openssl-1.1.0 because we are supporting both openssl versions 
and To maintain these sources we are using #ifdef and #else preprocessor 
statement.


We are looking some technical  to make the difference between these 
sources.

#ifdef 

// openssl 1.1.0 sources

#else

// openssl 1.0.2 sources

#endif
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users