Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

On Wed, Dec 09, 2015 at 02:33:46AM -0600, Nico Williams wrote: > No more installing callbacks to get locking and atomics. I should explain why. First, lock callbacks are a serious detriment to usability. Second, they are an admission that OpenSSL is incomplete. Third, if we have lock callbacks

Re: [openssl-dev] procedure for adding new engine registration

If your engine's 'destroy' isn't being invoked, you might want to have a look at what ENGINE_remove() does, and ultimately, engine_free_util() (found in crypto/engine/eng_lib.c). Those should be called as part of ENGINE_cleanup(). Cheers, Richard In message

Re: [openssl-dev] Openssl 1.0.2e is compatible with FIPS module openssl-fips-2.0.10

On 12/09/2015 12:07 AM, Patil, Ashwini IN BLR SHC wrote: > Hello All, > > Please let me know if the Openssl 1.0.2e is compatible with FIPS module > openssl-fips-2.0.10. > Your help is appreciated. The OpenSSL FIPS Object Module v2.0 (all openssl-fips-2.0.N.tar.gz tarballs for the #1747, #2398,

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

> "have-atomics" must be known at compile time. > > "lock" should not be needed because we should always have atomics, even > when we don't have true atomics: just use a global lock in a stub > implementation of atomic_add() and such. KISS. Besides, this will add > pressure to add true atomics

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

To close off this thread: OpenSSL will not be making any changes. The team voted on moving a set of algorithms to maintenance mode, and removing the corresponding assembly implementations from libcrypto, but the vote did not pass. Emilia On Fri, Nov 27, 2015 at 10:19 AM, Tim Hudson

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

> The "have-atomics" is intended to test if the callback was installed by the > user. I want to move away from runtime callback installations. It makes it too hard to know what the library is doing, if it is correct, and it complicates the code. There is almost never any reason for the

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

+2 to Rich and Nico. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.   Original Message   From: Salz, Rich Sent: Wednesday, December 9, 2015 08:37 To: paul.d...@oracle.com; openssl-dev@openssl.org; Nico Williams Reply To: openssl-dev@openssl.org Subject: Re:

Re: [openssl-dev] Windows x86_64 build broken -- RE: [openssl-users] OpenSSL version 1.0.1q released (corrected download)

On Fri, Dec 04, 2015, Carl Tietjen wrote: > Folks, > > It looks like the Windows x86_64 build for OpenSSL version 1.0.1q is broken. > > > I am building a FIPS capable version, and have verified that I have the > corrected download build: SHA1 checksum: >

[openssl-dev] openssl pkeyutl unable to use keys on a PKCS11 token?

I’m having a problem, and am not sure whether it’s due to my ignorance/misuse of the tool (i.e. it should be done differently), or a bug in the tool, or it’s just not capable of doing what I want it to. What I’m trying to accomplish: use engine_pkcs11

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

Nico, Thanks for the clarification. I was making an assumption that following the existing locking model, which did seem over complicated, was desirable. Now that that is shot down, things can be much simpler. It would make more sense to have a structure containing the reference counter and

Re: [openssl-dev] Where are include/openssl symbolic links created?

. /Configure probably said you need to run 'make depend'. I suggest you do just that. Cheers Richard On December 10, 2015 1:54:47 AM GMT+01:00, Ron Jordan wrote: >Hi Folks, > >I have test workspace on Solaris 10 where I was able to build >openssl-1.0.1p. I'm

Re: [openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread

On Thu, Dec 10, 2015 at 07:06:15AM +1000, Paul Dale wrote: > Thanks for the clarification. I was making an assumption that > following the existing locking model, which did seem over complicated, > was desirable. Now that that is shot down, things can be much > simpler. Exactly :) Sorry if I

[openssl-dev] Where are include/openssl symbolic links created?

Hi Folks, I have test workspace on Solaris 10 where I was able to build openssl-1.0.1p. I'm attempting to update to openssl-1.0.1q and am running into issues. Some of the header file symbolic links in include/openssl (ec.h, ecdh.h, idea.h, mcd2.h, seed.h, whrlpool.h) are not being created

Re: [openssl-dev] openssl pkeyutl unable to use keys on a PKCS11 token?

Correction: I forgot to paste my token ID. openssl x509 -engine pkcs11 -signkey slot_0-id_d7f4b99792cc4dd708e408d3eb91b566e0a06c02 -keyform engine -in req.pem -out test.pem On Thu, Dec 10, 2015 at 8:54 AM, Paweł Witas wrote: > C:\Libs\openssl\bin>pkcs11-tool.exe --module

Re: [openssl-dev] openssl pkeyutl unable to use keys on a PKCS11 token?

C:\Libs\openssl\bin>pkcs11-tool.exe --module enigmap11.dll --login --login-type user --type privkey -O Using slot 0 with a present token (0x0) Logging in to "ENCARD Token kwalifikowany". Please enter User PIN: Private Key Object; RSA label: ID: d7f4b99792cc4dd708e408d3eb91b566e0a06c02

[openssl-dev] [openssl.org #4131] Memory leak when parsing invalid X509_ATTRIBUTE

Assigned CVE-2015-3195 and fixed now. Thanks for the report. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ___ openssl-dev mailing list To unsubscribe: