Hi Matt,
Thanks for the suggestion.
This is what was printed to stderr :
OPENSSL_INIT: ossl_init_base: Setting up stop handlers
OPENSSL_INIT: ossl_init_add_all_ciphers: openssl_add_all_ciphers_internal()
OPENSSL_INIT: ossl_init_add_all_digests: openssl_add_all_digests_internal()
OPENSSL_INIT: os
Yes, thanks, I was being dumb :(
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Am 17.02.2016 um 19:51 schrieb Salz, Rich:
>
>>*header = c;
>> +header++;
>
> Header isn't used after that assignment. How does this line change anything?
The call to load_iv() that occurs next, has as its first argument
header_pp which is a pointer to header:
char **header_pp = &he
Am 17.02.2016 um 19:51 schrieb Salz, Rich:
*header = c;
+header++;
Header isn't used after that assignment. How does this line change anything?
The call to load_iv() that occurs next, has as its first argument
header_pp which is a pointer to header:
char **header_pp = &header
> *header = c;
> +header++;
Header isn't used after that assignment. How does this line change anything?
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
> *header = c;
> +header++;
Header isn't used after that assignment. How does this line change anything?
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4320
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta
fixed in 90fddb380977fa4f0a5de75b8fa889f29e34 pushed to master, thanks.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3628
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: http
fixed with commit 1288f26 pushed to master. thanks!
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4310
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mail
Change
https://github.com/openssl/openssl/commit/33a6d5a0e565e08758bcb6af456ec657c3a7a76a
introduced a bug in crypto/pem/pem_lib.c function
PEM_get_EVP_CIPHER_INFO(). One line was removed that is actually needed.
The following patch fixes it:
--- crypto/pem/pem_lib.c 2016-02-15 19:08:07.00
> It looks like we're in fairly good shape for the OpenSSL 1.1.0 release
> to work "out of the box".
That will be great.
> I would like to see what we can do in the way of automated testing,
> though. It should be possible to at least have Travis-CI make
> libcrypto.so for the Linux target, with
On Tue, 2016-02-09 at 02:57 +, Long, Qin wrote:
> these two weeks.>
>
> David, I agree it's really horrid to include those _lcl.h to meet
> EDK2 API requirement. I am thinking it's better to re-design some
> APIs to align the new opaque structure style. E.g. replacing the
> HmacSha1GetCo
Yea, my nice email server decided that it needed to re-send that piece. ;)
But there have been changes since our conversation in January. I’d greatly
appreciate if you could take a look at the current Github master of
openssl/libp11 (it now has subsumed engine_pkcs11, and integrated ECDH
support)
Configure does not set cflags correctly on Solaris10 x64.
In Configurations/10-main.conf line 75, it is written as
cflags => add_before("-m64 -Wall -DL_ENDIAN"),
but, it is not set to CFLAGS.
Make does not generate 64-bits code (-m64 is not used).
Configure log is attached.
% ./C
Hi Uri,
On Wed, Jan 27, 2016 at 9:25 AM, Blumenthal, Uri - 0553 - MITLL <
u...@ll.mit.edu> wrote:
> When I started to write the ECDSA code for engine_pkcs11 in 2011 the code
> to support the method hooks was not
> in the code. So I used internal OpenSSL header files to copy the
> ECDSA_METHOD a
On 16/02/16 23:25, Michel wrote:
> Hi Matt,
>
> Yes I am linking statically and I read the man about OPENSSL_init_crypto(),
> thanks.
> However I still have leaks reported.
> :-(
>
> What I have changed to adapt to v1.1 is calling OPENSSL_thread_stop() in
> each thread before it leaves,
> inste
checked into master at 21b80f9 thanks!
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4318
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/
On Tue, Feb 16, 2016 at 10:42:21AM +0100, Richard Levitte wrote:
> In message <20160216090030.ga11...@doctor.nl2k.ab.ca> on Tue, 16 Feb 2016
> 02:00:30 -0700, The Doctor said:
>
> doctor> In the make test I am getting
> doctor>
> doctor> What can do to see why these tests are failing?
>
> You
Commit e634b448c ("Defines OSSL_SSIZE_MAX") introduced a definition of
OSSL_SSIZE_MAX which broke the UEFI build. Fix that by making UEFI take
the same definition as Ultrix (ssize_t == int).
---
include/openssl/e_os2.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/ope
Fixed in master with commit c7b7938 thank you!
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4315
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Openssl-1.1.0-pre3 make fails with Configure option "zlib-dynamic".
Without "zlib-dynamic", make & make check passed.
With "zlib", make & make check also passed.
Tried on Solaris10 x86, with #4314 fix.
% ./Configure solaris-x86-gcc threads shared zlib-dynamic no-ssl3
% make
:
gcc -DDSO_DLFCN -
We don't have atexit() in the EDK2 environment. Firmware never exits.
---
crypto/init.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/crypto/init.c b/crypto/init.c
index 25e3dc7..c7eff8b 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -270,7 +270,9 @@ static void ossl_init_base(void)
Affected version: 1.0.2f
crypto/cms/cms_kari.c calls EVP_des_ede3_wrap without checking whether
OPENSSL_NO_DES is defined, and EVP_aes_XXX_wrap without checking if
OPENSSL_NO_AES is defined. See the attached patch for the fix
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4316
Pl
commit 6a78ae2821e89a8838714496524fd39d9d21fb1b is in master now, thanks!
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4313
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https:
fixed in mater.
commit 29620124ff1624af5411d8d2998fdd7b102a5d48
Author: Richard Levitte
Date: Tue Feb 16 10:27:16 2016 +0100
On solaris, the variable name sun clashes, use s_un instead
For orthogonality, we change sin -> s_in and sin6 -> s_in6 as well.
Reviewed-by: Matt Caswell
--
Rich Salz,
> If you say that removing the #ifdef instead of removing the whole code block
> that it contained was a mistake, then I shall take you at your word and
> refrain
> from harping on *too* much about how naughty it was to have a functional
> change hidden away in a commit which simply entitled itse
Hello,
Openssl-1.1.0-pre3 make fails on Solaris 10 x86, such as
make[2]: Entering directory '/tmp/openssl-1.1.0-pre3/crypto/bio'
gcc -I.. -I../.. -I../modes -I../include -I../../include -DDSO_DLFCN
-DHAVE_DLFCN_H -DOPENSSL_T
HREADS -DOPENSSL_PIC -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2
-
A GitHub Pull Request to do this would be very helpful.
We have a month and the team is busy...
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Commit 05c7b1631 ("Implement the use of heap manipulator implementions")
added 'file' and 'line' arguments to CRYPTO_free() and friends, but neglected
to fix up the !IMPLEMENTED case within CRYPTO_secure_free(). Add the missing
arguments there too.
---
crypto/mem_sec.c | 2 +-
1 file changed, 1 in
On Tue, 2015-12-08 at 12:56 +, Salz, Rich via RT wrote:
> I think that instead of the #ifdef being removed, the if() test
> should be removed. This was my mistake.
Like this, then...
https://github.com/openssl/openssl/pull/694 for HEAD
https://github.com/openssl/openssl/pull/695 for 1.0.2
I
On Tue, 2015-12-08 at 12:56 +, Salz, Rich via RT wrote:
> I think that instead of the #ifdef being removed, the if() test
> should be removed. This was my mistake.
Like this, then...
https://github.com/openssl/openssl/pull/694 for HEAD
https://github.com/openssl/openssl/pull/695 for 1.0.2
I
May I suggest that you use EVP_CIPHER_set_asn1_iv() and/or
EVP_CIPHER_get_asn1_iv()? With a temporary ASN1_TYPE to which you assign
gcp->iv, that should be perfectly possible, no?
Cheers,
Richard
Vid Ons, 17 Feb 2016 kl. 09.53.04, skrev beld...@gmail.com:
> Dear Richard,
>
> I am not sure it will
Dear Richard,
I am not sure it will not break the compatibility.
Both implementations of the GOST ciphers require access to this field.
On Wed, Feb 17, 2016 at 12:42 PM, Richard Levitte via RT
wrote:
> Hi,
>
> I'm sorry, the oiv field is EVP private. Sure, it's been accessible (and
> thoroughly
Dear Richard,
I am not sure it will not break the compatibility.
Both implementations of the GOST ciphers require access to this field.
On Wed, Feb 17, 2016 at 12:42 PM, Richard Levitte via RT
wrote:
> Hi,
>
> I'm sorry, the oiv field is EVP private. Sure, it's been accessible (and
> thoroughly
Hi,
I'm sorry, the oiv field is EVP private. Sure, it's been accessible (and
thoroughly misused in some cases) when EVP_CIPHER_CTX was open, but in essence,
it's a EVP private store of the IV that was given at EVP_CipherInit().
If you want to retain a copy of the original IV, I suggest you have o
It looks like there are some upcoming use cases that would need to be
able to use OCSP stapling to verify both the server certificate and the
intermediate CA certificate that issued that server certificate. This
would require support for RFC 6961 extensions to OCSP stapling. Since
the actual OCSP s
Dear Rich,
> Just to emphasize one important point: Our next release is planned to be
> Beta-1, in about a month. After that, no new API's or features will be
> added to OpenSSL 1.1
>
>
If so, could you take a look at RT#4267?
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-dev mailing list
T
36 matches
Mail list logo