Oops, my mistake.
--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
> -Original Message-
> From: Rainer Jung [mailto:rainer.j...@kippdata.de]
> Sent: Saturday, January 16, 2016 5:12 AM
> To: openssl-dev@openssl.org
> Subject: Re: [openssl-dev]
> This is according to our interpretation of "type opacity", meaning that the
> type name is available but not its content. "Data hiding" is another way to p
ut
> it. This means that there will be a need to adapt, stack allocated
> EVP_CIPHER_CTX is no longer allowed, but there are functions to
Having '-DCIPHER_DEBUG' in the CFLAGS causes this error in
MingW (gcc 5.1):
ssl/ssl_lib.c:2499:58: error: 'dh_dsa' undeclared (first use in this function)
dh_tmp, rsa_enc, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
(+ a lot wore warnings). Time to retire/rewrite this 'CIPHER_DEBUG'
part?
In message <5699df80.6030...@dancingdragon.be> on Fri, 15 Jan 2016 22:13:20
-0800, Joey Yandle said:
dragon> I tried building your branch on windows, but the windows Configure
dragon> targets appear to be missing:
I haven't done anything specific with Windows yet...
Seems to me this can be closed now.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Kurt said this is fixed in git, can be closed I guess.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Looks like some things are already fixed in master, does this needs any more
actions?
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Also patches for commands:
- pkey : "0017-pkey-cmd-restore-keys-from-engine.patch"
- req : "0018-req-cmd-restore-keys-from-engine.patch"
>From 0ea1c0b9b600977e93efed4545166ec4ae245bc9 Mon Sep 17 00:00:00 2001
From: Roumen Petrov
Date: Sat, 9 Jan 2016 14:52:14 +0200
Seems fixed in master, so this can be closed.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Looks fixed in master, can probably be closed.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
PR merged, can be closed.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
PR merged, can be closed.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
PR merged, can be closed now.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
PR merged, can be closed.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
This has been (partially) fixed, so it can probably be closed.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Seems that this works in master, so it can probably be closed.
Cheers
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Fri, Jan 15, 2016 at 06:08:38pm +, Viktor Dukhovni via RT wrote:
>
> > On Jan 15, 2016, at 10:32 AM, Zi Lin via RT wrote:
> >
> >
>
> Yes, this will get fixed. Thanks.
Patches merged, can be closed now.
Cheers
___
In message <20160116164653.gh12...@calimero.vinschen.de> on Sat, 16 Jan 2016
17:46:53 +0100, Corinna Vinschen said:
vinschen> > ./config --unified
vinschen>
vinschen> I tried that and it doesn't work correctly for Cygwin on x86_64.
vinschen> Rather than choosing the
On Sat, Jan 16, 2016 at 01:51:28pm +0100, Gisle Vanem wrote:
> Having '-DCIPHER_DEBUG' in the CFLAGS causes this error in
> MingW (gcc 5.1):
> ssl/ssl_lib.c:2499:58: error: 'dh_dsa' undeclared (first use in this
> function)
> dh_tmp, rsa_enc, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
>
On Sat, Jan 16, 2016 at 03:03:41PM +, Alessandro Ghedini wrote:
> On Sat, Jan 16, 2016 at 01:51:28pm +0100, Gisle Vanem wrote:
> > Having '-DCIPHER_DEBUG' in the CFLAGS causes this error in
> > MingW (gcc 5.1):
> > ssl/ssl_lib.c:2499:58: error: 'dh_dsa' undeclared (first use in this
> >
In 1.0.2 branch commit 94c2f77a62be7079ab1893ab14b18a30157c4532 add
functions to set ECDSA_METHOD structure.
One on functions is to set flags. Until now ECDSA flags are defined only
in non-installed header.
1) "0003-move-some-ECDSA_METHOD-declarations-after-descriptio.patch"
First patch is
Hi Richard,
On Jan 14 21:59, Richard Levitte wrote:
> Hi,
>
> there's an effort going on to revamp the build system for future
> OpenSSL, coining it as "unified". The intention is to have one and
> the same base of information for all platforms, instead of having to
> maintain one set of files
Yes, #458 is similar but for the pkeyutl.c
I would have changed:
{"keyform", OPT_KEYFORM, 'F', "Private key format - default PEM"},
to
{"keyform", OPT_KEYFORM, 'f', "Private key format - default PEM"},
The patch also adds an additional parameter,
{"engine_impl", OPT_ENGINE_IMPL, '-', "Also
Yes, #458 is similar but for the pkeyutl.c
I would have changed:
{"keyform", OPT_KEYFORM, 'F', "Private key format - default PEM"},
to
{"keyform", OPT_KEYFORM, 'f', "Private key format - default PEM"},
The patch also adds an additional parameter,
{"engine_impl", OPT_ENGINE_IMPL, '-', "Also
While playing around with the DANE suppport in OpenSSL 1.1 I noticed
that the TLS handshake will fail if I specify an empty name:
SSL_dane_enable(ssl, "")
(AFAICT no name is needed for DANE-TA(2) RRs).
This can also be reproduced using
openssl s_client -servername "" ...
The error I'm getting
On Jan 14 15:44, Richard Levitte wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
>OpenSSL version 1.1.0 pre release 2 (alpha)
>===
I tried to build this for Cygwin and got some problems.
First, with 1,0.2, we built the Cygwin package
On Sat, Jan 16, 2016 at 07:42:50PM +0100, Corinna Vinschen wrote:
> On Jan 16 19:37, Corinna Vinschen wrote:
> > On Jan 14 15:44, Richard Levitte wrote:
> > > -BEGIN PGP SIGNED MESSAGE-
> > > Hash: SHA1
> > >
> > >
> > >OpenSSL version 1.1.0 pre release 2 (alpha)
> > >
On Jan 16 20:01, Corinna Vinschen wrote:
> On Jan 16 19:59, Kurt Roeckx wrote:
> > On Sat, Jan 16, 2016 at 07:42:50PM +0100, Corinna Vinschen wrote:
> > > On Jan 16 19:37, Corinna Vinschen wrote:
> > > > On Jan 14 15:44, Richard Levitte wrote:
> > > > > -BEGIN PGP SIGNED MESSAGE-
> > > > >
Hi,
FWIW I encountered the same problem last week with the statem_srvr.c.
I undestood that it was a compiler bug, but suspected there was an
underlying problem with the source code, as usually it is error in MY code
that make the compiler crashes...
:-(
So I gave a try to Visual Studio Community
yes, fixed. closing.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Sat, Jan 16, 2016, Bill Cox wrote:
>
> I feel keyed hashing is here to stay. Keccak also has this feature.
> Assuming I'm reading the EVP API correctly, should add support for keyed
> digests to EVP. What do you folks think?
>
Support for MAC already exists in EVP. It's possible to access
On Jan 16 19:59, Kurt Roeckx wrote:
> On Sat, Jan 16, 2016 at 07:42:50PM +0100, Corinna Vinschen wrote:
> > On Jan 16 19:37, Corinna Vinschen wrote:
> > > On Jan 14 15:44, Richard Levitte wrote:
> > > > -BEGIN PGP SIGNED MESSAGE-
> > > > Hash: SHA1
> > > >
> > > >
> > > >OpenSSL
On Sat, Jan 16, 2016 at 04:30:26AM -0800, Claus Assmann wrote:
> SSL_CTX_dane_enable.pod states:
>
> SSL_dane_enable() may be called before the SSL handshake is
> initiated with L to enable DANE for that connection.
>
> "may" seems to be a bit confusing here: if you want "to
Yes merged and closing this.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
> On Jan 16, 2016, at 3:56 PM, Claus Assmann via RT wrote:
>
> -int depth = SSL_get0_dane_authority(s, NULL, );
> +int depth = SSL_get0_dane_authority(ssl, NULL, );
> -(void) SSL_get0_dane_tlsa(s, , , , NULL, NULL);
> +(void) SSL_get0_dane_tlsa(ssl, , ,
> On Jan 16, 2016, at 3:56 PM, Claus Assmann via RT wrote:
>
> -int depth = SSL_get0_dane_authority(s, NULL, );
> +int depth = SSL_get0_dane_authority(ssl, NULL, );
> -(void) SSL_get0_dane_tlsa(s, , , , NULL, NULL);
> +(void) SSL_get0_dane_tlsa(ssl, , ,
The example uses "s" in some places instead of "ssl":
diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod
index c3c203e..21788ad 100644
--- a/doc/ssl/SSL_CTX_dane_enable.pod
+++ b/doc/ssl/SSL_CTX_dane_enable.pod
@@ -210,9 +210,9 @@ the lifetime of the SSL connection.
Since 1.1.0 API will be freezed soon, can you review the
following pull-request Remi Gacogne posted:
Add an OCSP_SINGLERESP_get0_id() accessor to the OCSP_CERTID
of a OCSP_SINGLERESP
https://github.com/openssl/openssl/pull/334
Thank you!
On Sat, Jan 16, 2016, Viktor Dukhovni wrote:
> On Sat, Jan 16, 2016 at 04:30:26AM -0800, Claus Assmann wrote:
> > SSL_dane_enable() may be called before the SSL handshake is
> > initiated with L to enable DANE for that connection.
> > "may" seems to be a bit confusing here:
we did everything we want to do, closing this.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
merged, closing.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Sat, Jan 16, 2016, Viktor Dukhovni wrote:
> > Please try the two attached patches.
> Better version of the first patch.
Those solve the problem for me.
Thanks!
___
openssl-dev mailing list
To unsubscribe:
In message <20160116183724.gi12...@calimero.vinschen.de> on Sat, 16 Jan 2016
19:37:24 +0100, Corinna Vinschen said:
vinschen> Who had this funny idea to use the Windows definitions when building
for
vinschen> Cygwin?
I'm afraid that is lost in the thin web of history ;-)
43 matches
Mail list logo