When building OpenSSL 1.1.0 pre4 on Solaris Sparc for 64 Bits I get an
error, because before building crypto/bn/sparcv8plus.o first generates
crypto/bn/asm/sparcv8plus.s from crypto/bn/asm/sparcv8plus.S with the
following command
gcc -E crypto/bn/asm/sparcv8plus.S > crypto/bn/asm/sparcv8plus.s
Hello OpenSSL team,
The GOST ciphersuites currently defined are not DTLS-capable.
So it should be fixed in the ssl/s3_lib.c file.
Thank you!
--
SY, Dmitry Belyavsky
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4438
Please log in as guest with password guest if prompted
--
o
In message
on Sat, 19 Mar 2016 21:11:03 -0400, Jeffrey Walton said:
noloader> > Point is, if any of the the assertions are triggered into faulting,
noloader> > there's a but in the library and it shouldn't get released. That's
noloader> > the whole point. The tests are supposed to catch those
> Point is, if any of the the assertions are triggered into faulting,
> there's a but in the library and it shouldn't get released. That's
> the whole point. The tests are supposed to catch those and basically
> raise a big red flag.
>
> Are you telling me that according to Apple's App Store poli
In message
on Sat, 19 Mar 2016 20:09:34 -0400, Jeffrey Walton said:
noloader> > noloader> Allowing a library to make policy decisions for the
application is a
noloader> > noloader> philosophical debate.
noloader> >
noloader> > The few places we're using something that drastic is when the
inte
Fixed now. Closing ticket.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4436
Please log in as guest with password guest if prompted
--
openssl-dev m
>> This is bad news... A 32-bit pointer's sign extension is
>> implementation defined, which means it may as well be undefined
>> behavior...
>>
>> GCC sign extends. I think you can get around it with an intermediate
>> cast to uintptr_t:
>>
>>cb->aio_buf = (uint64_t)(uintptr_t)buf;
>
> The ker
On Wed, Mar 16, 2016 at 08:09:15PM +0100, Richard Levitte wrote:
> In message <20160316182629.ga10...@doctor.nl2k.ab.ca> on Wed, 16 Mar 2016
> 12:26:29 -0600, The Doctor said:
>
> doctor> On Tue, Mar 15, 2016 at 10:13:50PM +0100, Richard Levitte wrote:
> doctor> > In message <20160315205022.ga26
> noloader> Allowing a library to make policy decisions for the application is a
> noloader> philosophical debate.
>
> The few places we're using something that drastic is when the internal
> structures can only be seen as corrupt by our own fault. That's a
> point where you can expect things to g
In message
on Sat, 19 Mar 2016 19:41:28 -0400, Jeffrey Walton said:
noloader> On Sat, Mar 19, 2016 at 7:31 PM, Richard Levitte
wrote:
noloader> > In message on
Sat, 19 Mar 2016 23:08:17 +, "noloa...@gmail.com via RT"
said:
noloader> >
noloader> > rt> On Sat, Mar 19, 2016 at 6:44 AM, R
On Sat, Mar 19, 2016 at 7:31 PM, Richard Levitte wrote:
> In message on Sat, 19
> Mar 2016 23:08:17 +, "noloa...@gmail.com via RT" said:
>
> rt> On Sat, Mar 19, 2016 at 6:44 AM, Richard Levitte via RT
> wrote:
> rt> > I think that's a discussion that deserves its own new thread on
> open
In message on Sat, 19 Mar
2016 23:08:17 +, "noloa...@gmail.com via RT" said:
rt> On Sat, Mar 19, 2016 at 6:44 AM, Richard Levitte via RT
wrote:
rt> > I think that's a discussion that deserves its own new thread on
openssl-dev.
rt> >
rt> > A RT ticket is *not* the right place for a philos
% ./config --prefix=/opt/openssl
Operating system: i86pc-whatever-solaris2
Configuring for solaris64-x86_64-gcc
Configuring OpenSSL version 1.1.0-pre4 (0x0x1014L)
no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
no-crypto-mdebug-backtrace [forced] OPENSSL_NO_CRYPTO_MDEB
On Sat, Mar 19, 2016 at 6:44 AM, Richard Levitte via RT
wrote:
> I think that's a discussion that deserves its own new thread on openssl-dev.
>
> A RT ticket is *not* the right place for a philosophical discussion. Closing
> this. Please don't respond on this message, create a new thread instead.
On Sat, Mar 19, 2016 at 6:44 AM, Richard Levitte via RT
wrote:
> I think that's a discussion that deserves its own new thread on openssl-dev.
>
> A RT ticket is *not* the right place for a philosophical discussion. Closing
> this. Please don't respond on this message, create a new thread instead.
Hello,
> Already done.
>
>> It seems to be better to change '-xarch=generic64' to
> '-m64' in line
>> 196 & 201 of the same file, too.
>
> Hmm, not in line 191?
Sorry, not 196 but 191.
Regards,
--- Kiyoshi
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4453
Please lo
Vid Sat, 19 Mar 2016 kl. 10.56.00, skrev yoi_no_myou...@yahoo.co.jp:
> Patch for this:
> diff ../openssl-1.1.0-pre4.orig/Configurations/10-main.conf
> Configurations/10-main.conf
> 196c196
> < lflags => add(threads("-mt")),
> ---
> > lflags => add(threads("-mt -m64")),
Already done.
> It seems to
If you have the possibility, please try a fresh checkout of the master branch
and see if this is fixed.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 10.55.59, skrev yoi_no_myou...@yahoo.co.jp:
> With patch for #,
>
> % mkdir build_solaris-x86-cc
> % cd build_solaris-x86-cc
> % ../Configure solari
Working from Master on a Gentoo 13 machine, x86_64. The test was run
as root which explains one of the failures (I don't have users or SSH
set up yet).
Kernel is 4.1.15, GCC is 4.9.3.
$ make test
...
( cd test; \
SRCTOP=../. \
BLDTOP=../. \
EXE_EXT= \
/usr/bin/perl .././test/run_tests.
Hi Richard,
I believe I am just doing what I read in the 'NOTES.WIN' file :
PERL Configure ... VC-WIN32 --classic --prefix=...
CALL ms\do_nasm
nmake -f ms\ntdll.mak
nmake -f ms\ntdll.mak install
And each time I got a new nt[dll].mak file.
I first missed the '--classic' optio
Commit 674d5858df6cd3dc5cafa25875861f4742d64608, merged to master. Closing
ticket.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 13.38.57, skrev rainer.j...@kippdata.de:
> Hi Richard,
>
> Am 19.03.2016 um 12:49 schrieb Richard Levitte via RT:
> > So I'm wondering, what happens if you apply the attache
Vid Fre, 18 Mar 2016 kl. 19.10.42, skrev rainer.j...@kippdata.de:
> Your suggested fix would mean on platforms without "-nt" we would
> always
> rebuild and that's in fact what I observed (make test rebuilds a lot
> of
> object files) whereas the "find" variant should work on all platforms
> and on
> I think the [mostly] portable way to turn a pointer into an integral
> is a uintptr_t or size_t. I'm not sure about uintptr_t availability
> because of std=c89/90. size_t will work for most platforms; but the
> one I am aware it will fail is older hardware like i386/i486 with
> 16-bit segments an
On 17/03/16 10:49, Daniel Stenberg via RT wrote:
> Hey,
>
> In curl we call ENGINE_cleanup() as part of our OpenSSL specific cleanup
> function. When I do this with OpenSSL from git master as of right now
> (OpenSSL_1_1_0-pre4-7-ga717738) valgrind catches an illegal free:
Auto deinit automatica
On Thu, Mar 17, 2016 at 5:22 PM David Benjamin via RT
wrote:
> I'm probably going to write something to generate random inputs and stress
> all your other poly1305 codepaths against a reference implementation. I
> recommend doing the same in your own test harness, to make sure there
> aren't othe
On Tue, Mar 15, 2016 at 10:13:50PM +0100, Richard Levitte wrote:
> In message <20160315205022.ga26...@doctor.nl2k.ab.ca> on Tue, 15 Mar 2016
> 14:50:22 -0600, The Doctor said:
>
> doctor> On Tue, Mar 15, 2016 at 09:22:49PM +0100, Richard Levitte wrote:
> doctor> > In message <20160315200107.ga12
On Fri, Mar 18, 2016 at 9:18 AM, Matt Caswell via RT wrote:
>
>
> On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
>> I've configured with:
>>
>> ./config enable-afalgeng
>>
>> When I run the self tests, I see:
>>
>> ../test/recipes/30-test_afalg.t ... skipped: test_afalg not
>> s
Hi,
As per my previous post, this is still the case with OpenSSL version 1.1.0
pre release 4.
The configure script generate the ntdll.mak file containing CFLAG* with
conflicting CRT switches.
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Michel
Envoyé : mardi 15
Perfect. Thanks for confirming. Closing this ticket now.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 13.39.02, skrev rainer.j...@kippdata.de:
> Works here. No more "-nt" error, no warnings or other STDERR output.
> Tested on Solaris 10 Sparc using GCC doing a 32 bit build and another
> 64
> bit buil
I had the same problem. /bin/sh on Solaris does not understand the "-nt"
operator used in the definition of the "depend" target in the top-level
Makefile, e.g. in line
if [ Makefile -nt Makefile ] ...
and elsewhere.
From "man test" on Solaris:
...
file1 -nt file2 True if file1
What happens if you run the afalgtest directly?
$ cd test
$ ./afalgtest
Matt
On 16/03/16 13:52, noloa...@gmail.com via RT wrote:
> Working from Master on a Gentoo 13 machine, x86_64. The test was run
> as root which explains one of the failures (I don't have users or SSH
> set up yet).
>
> Ker
Hi Folks,
Need help.
I’m not able to encrypt a key using passphrase, below is the error message.
**"error:0D07209B:asn1 encoding routines:ASN1_get_object:too long"**
Have already googled for error but couldn't got much info
Snippet of my code:
unsigned char pass[] = "123456";
BIO
On Thu, Mar 17, 2016 at 8:43 PM, Viktor Dukhovni
wrote:
>
>> On Mar 17, 2016, at 8:25 PM, noloa...@gmail.com via RT
>> wrote:
>>
>> Yeah, this looks fishy... According to the libc manual, 13.10 Perform
>> I/O Operations in Parallel
>> (https://www.gnu.org/software/libc/manual/html_node/Asynchron
We can't overload functions -- this is C not C++ :) So cast your pointer. Other
accessors in OpenSSL have the same issue. We're not solving it right now.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4436
Please log in as guest with password guest if prompted
--
openssl-dev maili
Hello ! I build a release package with the suggested fix in github but php
wont load curl anyway. Any other suggestions ? I used MS VC2013 with NASM
when using 1.0.2 branch.
PHP Warning: PHP Startup: Unable to load dynamic library
'\php5\php_curl.dll' - Das Betriebssystem kann php[1912] nicht aus
The Configure script generates 'makefile', not 'ntdll.mak'. Are you
sure you haven't confused things? Could you please show us the exact
commands you used from configuration to making?
Cheers,
Richard
In message <001b01d17fcd$109d9100$31d8b300$@sa...@free.fr> on Wed, 16 Mar 2016
22:44:48 +0100
On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
> I've configured with:
>
> ./config enable-afalgeng
>
> When I run the self tests, I see:
>
> ../test/recipes/30-test_afalg.t ... skipped: test_afalg not
> supported for this build
You should not need to use enable-afalgeng at
I had the same problem. /bin/sh on Solaris does not understand the "-nt"
operator used in the definition of the "depend" target in the top-level
Makefile, e.g. in line
if [ Makefile -nt Makefile ] ...
and elsewhere.
From "man test" on Solaris:
...
file1 -nt file2 True if file1 e
Well, I am not lucky !
For once that documentation exists and was recently updated, it is not
accurate :-(
I saw that '--classic' was temporary, but I did not realize that an
alternative build scheme was already there for Windows.
You cannot imagine how many times I have manually modified the ms\*
Hi Felix,
I have seen the same warning during the compilation and I agree with you that
it would be nice to have an API that takes const variable.
Regards,
Andrea
-Original Message-
From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of
Schüller Felix via RT
Sent: Thur
>> >Is pre4 supposed to be the same as beta1?
> Yes, it is. We should clarify that.
Wording tweaked.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Works here. No more "-nt" error, no warnings or other STDERR output.
Tested on Solaris 10 Sparc using GCC doing a 32 bit build and another 64
bit build. Builds succeed, tests pass.
Am 19.03.2016 um 12:34 schrieb Richard Levitte via RT:
> Fixed in commit 243a98d4a03a411dfe6db727dbf90adbfa2e7474. C
Works here. No more "-nt" error, no warnings or other STDERR output.
Tested on Solaris 10 Sparc using GCC doing a 32 bit build and another 64
bit build. Builds succeed, tests pass.
Am 19.03.2016 um 12:34 schrieb Richard Levitte via RT:
Fixed in commit 243a98d4a03a411dfe6db727dbf90adbfa2e7474.
Hi Richard,
Am 19.03.2016 um 12:49 schrieb Richard Levitte via RT:
> So I'm wondering, what happens if you apply the attached patch?
Works like a charm, tested on Solaris 10 Sparc doing a 32bit build and a
64bit build. The intermediate ".s" (lower case) file no longer gets
generated and instead
Hi Richard,
Am 19.03.2016 um 12:49 schrieb Richard Levitte via RT:
So I'm wondering, what happens if you apply the attached patch?
Works like a charm, tested on Solaris 10 Sparc doing a 32bit build and a
64bit build. The intermediate ".s" (lower case) file no longer gets
generated and instea
Your fix has now been applied to the master branch. Thanks for the report.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4446
Please log in as guest wi
Am 18.03.2016 um 19:33 schrieb Richard Levitte via RT:
> Vid Fre, 18 Mar 2016 kl. 18.07.31, skrev rainer.j...@kippdata.de:
>> Am 18.03.2016 um 17:49 schrieb Richard Levitte via RT:
>>> Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
I had the same problem. /bin/sh on Solaris
Yes, it is. We should clarify that.
"Hanno Böck" skrev: (19 mars 2016 13:41:01 CET)
>Hi,
>
>The latest news on the openssl start page is
>16-Mar-2016Beta 1 of OpenSSL 1.1.0 is now available: please download
>and test it
>
>However the latest download on /source is
> 2016-Mar-16 17:43:30
Hi,
The latest news on the openssl start page is
16-Mar-2016Beta 1 of OpenSSL 1.1.0 is now available: please download
and test it
However the latest download on /source is
2016-Mar-16 17:43:30openssl-1.1.0-pre4.tar.gz
Is pre4 supposed to be the same as beta1?
--
Hanno Böck
https:
So I'm wondering, what happens if you apply the attached patch?
Vid Sat, 19 Mar 2016 kl. 11.02.09, skrev levitte:
> Hmmm...
>
> Actually, I'm thinkg that src2obj() should check if the original file
> exists as
> given before changing .S to .s... That should work, since we're always
> generating 'f
Fixed in commit 243a98d4a03a411dfe6db727dbf90adbfa2e7474. Can we close this
ticket for good now?
Vid Sat, 19 Mar 2016 kl. 10.14.25, skrev levitte:
> Right. A little 'exit 0' in the right spot should fix that.
>
> It's true that the dependencies that are generated depend quite a lot
> on what
> you
On 17/03/2016 06:32, Ranjith Kumar A. wrote:
> Need help.
This is a question about using the OpenSSL libraries, further discussion
should be on openssl-users; I've set 'reply-to' appropriately, but I
don't know what the mailing list will do with it.
I’m not able to encrypt a key using passphr
Applied in commit 5287761bfc34d32572b1acfd6e64fd8c0fb2f799. Closing ticket.
Vid Sat, 19 Mar 2016 kl. 10.23.09, skrev levitte:
> Right. Thanks! Will apply.
>
> Cheers,
> Richard
>
> Vid Fre, 18 Mar 2016 kl. 22.03.22, skrev rainer.j...@kippdata.de:
> > The following line in Configurations/unix-Makef
Fixed in commit c1e350577fe14e3e124cc258f742cb77a14b6ce8. Closing ticket.
Vid Sat, 19 Mar 2016 kl. 10.41.01, skrev levitte:
> Thank you. Those are caused by some improperly written L<> links. Fix coming
> up.
>
> Cheers,
> Richard
>
> Vid Sat, 19 Mar 2016 kl. 00.28.21, skrev rainer.j...@kippdata.d
Hi folks,
You know the drill. See the attached poly1305_test2.c.
$ OPENSSL_ia32cap=0 ./poly1305_test2
PASS
$ ./poly1305_test2
Poly1305 test failed.
got: 2637408fe03086ea73f971e3425e2820
expected: 2637408fe13086ea73f971e3425e2820
I believe this affects both the SSE2 and AVX2 code. It does se
I just would like to add that, for me,
'CALL ms\do_nasm'
is part of the 'configure scripts'.
Please excuse my poor english,
Michel
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de
Richard Levitte
Envoyé : mercredi 16 mars 2016 23:37
À : openssl
>> Yeah, this looks fishy... According to the libc manual, 13.10 Perform
>> I/O Operations in Parallel
>> (https://www.gnu.org/software/libc/manual/html_node/Asynchronous-I_002fO.html):
>>
>>volatile void *aio_buf
>>
>>This is a pointer to the buffer with the data to
>>be writte
>> Is it possible that real target is so called x32, i.e. x86_64 with
>> 32-bit address space limitation? In such case linux-x32 would be the
>> right target...
>
> I don't believe this is x32 since {x86_64|amd64} and __ILP32__ are not
> defined; see preprocessor output below.
Got it. But just in
With patch for #,
% mkdir build_solaris-x86-cc
% cd build_solaris-x86-cc
% ../Configure solaris-x86-cc
% make
:
Undefined first referenced
symbol in file
padlock_xstore ./libcrypto.a(e_padlock.o)
padlock_capability
Hmmm...
Actually, I'm thinkg that src2obj() should check if the original file exists as
given before changing .S to .s... That should work, since we're always
generating 'foo.s' from 'asm/foo.S' (or 'asm/foo.pl', but that's not applicable
here)... The directory difference should make it safe.
I'l
Hi Matt,
Thank you very much for keeping me informed !
Regards,
Michel.
-Message d'origine-
De : openssl-dev [mailto:openssl-dev-boun...@openssl.org] De la part de Matt
Caswell
Envoyé : jeudi 17 mars 2016 10:37
À : openssl-dev@openssl.org
Objet : Re: [openssl-dev] libcryto 1.1 leaks sin
Hello,
Tested with patch for #, and removing gcc from path.
% ./config
Operating system: i86pc-whatever-solaris2
Configuring for solaris64-x86_64-cc
Configuring OpenSSL version 1.1.0-pre4 (0x0x1014L)
no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG (skip dir)
no-crypto-mdebug-
On Thu, Mar 17, 2016 at 12:37:41AM +0200, Jouni Malinen wrote:
> Was the SSL_get_version() behavior changed on purpose in the Beta 1
> release? This function used to return "TLSv1" when TLS v1.0 was used
> while it is now in Beta 1 returning "TLSv1.0" for that case.
I missed this change in the re
$ git diff engines/afalg/e_afalg.c > e_afalg.patch
$ cat e_afalg.patch
diff --git a/engines/afalg/e_afalg.c b/engines/afalg/e_afalg.c
index 90d7602..4674bcf 100644
--- a/engines/afalg/e_afalg.c
+++ b/engines/afalg/e_afalg.c
@@ -127,7 +127,7 @@ static int afalg_chk_platform(void);
/* Engine Id and
I think that's a discussion that deserves its own new thread on openssl-dev.
A RT ticket is *not* the right place for a philosophical discussion. Closing
this. Please don't respond on this message, create a new thread instead.
Vid Sat, 19 Mar 2016 kl. 01.49.13, skrev noloa...@gmail.com:
> On Fri,
Thank you. Those are caused by some improperly written L<> links. Fix coming
up.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 00.28.21, skrev rainer.j...@kippdata.de:
> Errors during make install:
>
> Cannot find "EXAMPLES" in podpath: cannot find suitable replacement
> path, cannot resolve link
> Ca
Right. Thanks! Will apply.
Cheers,
Richard
Vid Fre, 18 Mar 2016 kl. 22.03.22, skrev rainer.j...@kippdata.de:
> The following line in Configurations/unix-Makefile.tmpl is non
> standards-conforming and breaks using Solaris sed:
>
> ...
> sed -e ':a;{N;s/\n/ /;ba}' | \
> ...
>
> The man page tells
Right. A little 'exit 0' in the right spot should fix that.
It's true that the dependencies that are generated depend quite a lot on what
you've built so far, I hope that's not an enormous bother.
Cheers,
Richard
Vid Sat, 19 Mar 2016 kl. 01.31.53, skrev e...@efca.com:
> still not working right.
On 18/03/16 22:59, Kurt Roeckx via RT wrote:
> On Fri, Mar 18, 2016 at 01:18:04PM +, Matt Caswell wrote:
>>
>>
>> On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
>>> I've configured with:
>>>
>>> ./config enable-afalgeng
>>>
>>> When I run the self tests, I see:
>>>
>>> ../test/reci
On 18/03/16 22:59, Kurt Roeckx via RT wrote:
> On Fri, Mar 18, 2016 at 01:18:04PM +, Matt Caswell wrote:
>>
>>
>> On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
>>> I've configured with:
>>>
>>> ./config enable-afalgeng
>>>
>>> When I run the self tests, I see:
>>>
>>> ../test/reci
> Jeff - please can you try the attached alternative patch?
>
It tested OK under both 'KERNEL_BITS=32' and 'KERNEL_BITS=64':
...
../test/recipes/25-test_verify.t .. ok
../test/recipes/25-test_x509.t ok
../test/recipes/30-test_afalg.t ... skipped: test_afalg not
suppor
> On Mar 17, 2016, at 8:25 PM, noloa...@gmail.com via RT
> wrote:
>
> Yeah, this looks fishy... According to the libc manual, 13.10 Perform
> I/O Operations in Parallel
> (https://www.gnu.org/software/libc/manual/html_node/Asynchronous-I_002fO.html):
>
>volatile void *aio_buf
>
>T
> On Mar 18, 2016, at 4:40 PM, Richard Moore wrote:
>
> I think it is reasonable to preserve the backwards compatible "TLSv1"
> > for the string protocol version, but do we also need to preserve the
> > "TLSv1.0" in ciphers(1) output? If so, the code needs an exception
> > that can otherwise b
> Looks like some of these options are broken on Windows.
Ouf,
In some ways, that's good to hear.
:-)
I tried the patch and I was able to build the shared, debug and release
version of OpenSSL 1.1.
I was able to fully appreciate the new build system.
Thanks Matt, merci bien Richard,
Michel.
-
Am 18.03.2016 um 17:49 schrieb Richard Levitte via RT:
> Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
>> I had the same problem. /bin/sh on Solaris does not understand the "-
>> nt"
>> operator used in the definition of the "depend" target in the top-
>> level
>> Makefile, e.g.
> On Mar 16, 2016, at 6:44 PM, Viktor Dukhovni
> wrote:
>
>> Was the SSL_get_version() behavior changed on purpose in the Beta 1
>> release? This function used to return "TLSv1" when TLS v1.0 was used
>> while it is now in Beta 1 returning "TLSv1.0" for that case.
>
> I missed this change in t
On 17/03/16 09:56, Michel wrote:
> Hello again Richard,
>
> And thanks for your help and answers.
> but as I said, I am not lucky at all :-(
>
> Hope I am not again missing something, I would not be particularly proud to
> win the trophy of the dumbest user on this list ;-)
>
> Doing :
> PERL
Hi,
I think I found a regression in 1.1.0-pre4's ALPN code.
I'm currently porting Python's ssl module to OpenSSL 1.1.0-pre4. One of
Python's unit tests for ALPN is failing. In the test case both client
and server advertise ALPN but have no overlapping protocols. In OpenSSL
1.1.0-pre3 and all earl
Perhaps with said attachment this time...
Vid Fre, 18 Mar 2016 kl. 16.49.13, skrev levitte:
> Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
> > I had the same problem. /bin/sh on Solaris does not understand the "-
> > nt"
> > operator used in the definition of the "depend" targ
The change was actually introduced earlier (see:
https://github.com/openssl/openssl/commit/0621786).
GH891
(https://github.com/openssl/openssl/commit/817cd0d52f0462039d1fe60462150be7f59d2002)
moved the ALPN processing later so that the SSL_CTX determined from SNI can be
used, rather than the o
Hi Felix,
I have seen the same warning during the compilation and I agree with you that
it would be nice to have an API that takes const variable.
Regards,
Andrea
-Original Message-
From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of
Schüller Felix via RT
Sent: Thur
On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
> I've configured with:
>
> ./config enable-afalgeng
>
> When I run the self tests, I see:
>
> ../test/recipes/30-test_afalg.t ... skipped: test_afalg not
> supported for this build
You should not need to use enable-afalgeng at
Patch for anyone interested in trying.
--
Richard Levitte
levi...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=
Please log in as guest with password guest if prompted
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index 3a1ade7
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.1.0 pre release 4 (beta)
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
OpenSSL 1.1.0 is currently in beta. OpenSSL 1.1.0 pre release 4 has now
be
Hello
Do you have any progress or suggestion about this ticket?
If more information is needed ,tell me please.
Ths!
-邮件原件-
发件人: Hejian (E)
发送时间: 2016年3月7日 11:24
收件人: 'noloa...@gmail.com'
抄送: openssl-dev@openssl.org; Liubo (Liubo, OSS); 'r...@openssl.org'
主题: 答复: [openssl-dev] 答复: 答复: [o
Fixup show in last message has now been merged with master, commit
a6adf099cbd7c3bc5c7051ad3d334636ef5e7f90
--
Richard Levitte
levi...@openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=
Please log in as guest with password guest if prompted
--
openssl-dev mailing lis
Hi Richard,
Looks like my answer, with the files attached, is waiting for approval.
Regards.
-Message d'origine-
De : Michel [mailto:michel.sa...@free.fr]
Envoyé : jeudi 17 mars 2016 01:03
À : 'openssl-dev@openssl.org'
Objet : RE: [openssl-dev] configure results in conflicting CRT switc
Hallo,
since the struct ECDSA_SIG ( -> ECDSA_SIG_st) is now opaque, one has to use
ECDSA_SIG_get0() to access the values 'r' and 's'.
This works fine for non-const variables. But if one has a 'const ECDSA_SIG *'
(e.g. in verify_sig() of an ec_key-engine),
this produces an error during compilati
I can't reproduce what you're getting, but tell you what, if you send
me these two files, I can try to figure out what's going on:
configdata.pm
ms\ntdll.mak
In message <005501d17fdb$58d73800$0a85a800$@sa...@free.fr> on Thu, 17 Mar 2016
00:27:03 +0100, "Michel" said:
michel.sales> Hi R
Check Microsoft's work here: https://github.com/Microsoft/openssl/
I used the scripts here to build OpenSSL for Universal Apps (ARM, x86 and
x64). I had to make small changes due to my build environment but it works.
Regards,
David
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl
FYI, I have a fix for this but it is currently stalled in review due to
another related issue. Interim patch attached.
Matt
On 16/03/16 22:11, Michel wrote:
> Hi,
>
>
>
> As in my previous post, libcrypto still leaks with OpenSSL version 1.1.0
> pre release 4.
>
> Here is an example with th
Vid Fre, 18 Mar 2016 kl. 16.34.05, skrev rainer.j...@kippdata.de:
> I had the same problem. /bin/sh on Solaris does not understand the "-
> nt"
> operator used in the definition of the "depend" target in the top-
> level
> Makefile, e.g. in line
>
> if [ Makefile -nt Makefile ] ...
That can't be t
>> Is it possible that real target is so called x32, i.e. x86_64 with
>> 32-bit address space limitation? In such case linux-x32 would be the
>> right target...
>
> I don't believe this is x32 since {x86_64|amd64} and __ILP32__ are not
> defined; see preprocessor output below.
Got it. But just in
Hey,
In curl we call ENGINE_cleanup() as part of our OpenSSL specific cleanup
function. When I do this with OpenSSL from git master as of right now
(OpenSSL_1_1_0-pre4-7-ga717738) valgrind catches an illegal free:
==20314== Invalid free() / delete / delete[] / realloc()
==20314==at 0x4C2AE6
On Wed, Mar 16, 2016 at 6:11 PM, Jeffrey Walton wrote:
> On Wed, Mar 16, 2016 at 10:02 AM, Matt Caswell wrote:
>> What happens if you run the afalgtest directly?
>>
>> $ cd test
>> $ ./afalgtest
>>
>
> ./afalgtest
> ALG_PERR: afalg_create_sk: Failed to open socket : Address family not
> supported
Using the guide posted here:
https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption
I was getting a fairly large amount of bytes "still reachable", so I
decided to throw in all of the options to free up whatever was left over.
Originally, all that was suggested in the wiki was
We are planning on removing the following systems from OpenSSL 1.1:
Netware
OS/2
There are a few reasons for this. In no particular order they include: these
platforms are no longer supported by the vendor; the configurations and builds
have not been testable by the team for years and might
On Wed, Mar 16, 2016 at 10:02 AM, Matt Caswell wrote:
> What happens if you run the afalgtest directly?
>
> $ cd test
> $ ./afalgtest
>
./afalgtest
ALG_PERR: afalg_create_sk: Failed to open socket : Address family not
supported by protocol
test_afalg_aes_128_cbc() failed encryption
And:
$ git r
What happens if you run the afalgtest directly?
$ cd test
$ ./afalgtest
Matt
On 16/03/16 13:52, noloa...@gmail.com via RT wrote:
> Working from Master on a Gentoo 13 machine, x86_64. The test was run
> as root which explains one of the failures (I don't have users or SSH
> set up yet).
>
> Ker
On Fri, Mar 18, 2016 at 9:18 AM, Matt Caswell via RT wrote:
>
>
> On 18/03/16 12:52, noloa...@gmail.com via RT wrote:
>> I've configured with:
>>
>> ./config enable-afalgeng
>>
>> When I run the self tests, I see:
>>
>> ../test/recipes/30-test_afalg.t ... skipped: test_afalg not
>> s
1 - 100 of 103 matches
Mail list logo
