2012-06-27 09:39:33.408683861
-0400
@@ -76,5 +76,6 @@
#ifndef OPENSSL_NO_ENGINE
ENGINE_add_conf_module();
#endif
+ EVP_add_alg_module();
}
--
David McCullough, david_mccullo...@mcafee.com, Ph:+61 734352815
McAfee - SnapGear http://www.mcafee.com
2012-06-27 09:39:33.408683861
-0400
@@ -76,5 +76,6 @@
#ifndef OPENSSL_NO_ENGINE
ENGINE_add_conf_module();
#endif
+ EVP_add_alg_module();
}
--
David McCullough, david_mccullo...@mcafee.com, Ph:+61 734352815
McAfee - SnapGear http://www.mcafee.com
of it. It was permanently disabled.
I am trying to get some more time to revisit that patch for you guys,
hopefulyl soon :-)
Cheers,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project http://www.openssl.org
guess this is somehow a remanent of working around that,
sorry for the noise :-(
Short answer, drop the fd changes in the patch.
Thanks,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
not, I'll find a
better way,
Cheers,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project
not, I'll find a
better way,
Cheers,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project
.
If this change is not suitable that ok.
I still feel that in a cross compiled embedded system, the output of uname
on the build host is next to useless information for most decision making.
It's possible for same target to be built on a Windows/Linux/BSD/whatever
system.
Cheers,
Davidm
--
David
.
If this change is not suitable that ok.
I still feel that in a cross compiled embedded system, the output of uname
on the build host is next to useless information for most decision making.
It's possible for same target to be built on a Windows/Linux/BSD/whatever
system.
Cheers,
Davidm
--
David
Jivin Thor Lancelot Simon lays it down ...
On Thu, Jul 02, 2009 at 12:28:36AM +0200, David McCullough via RT wrote:
The reason the option exists is that in all but the most unusual cases,
using cryptodev hashing via some HW device is not worth it by any measure.
There are some people
!= ]; then
# then strip off whatever prefix egcs prepends the number with...
# Hopefully, this will work for any future prefixes as well.
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
it is has a braindamaged uname.
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project
:-0}
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project http
!= ]; then
# then strip off whatever prefix egcs prepends the number with...
# Hopefully, this will work for any future prefixes as well.
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
If makedepend fails (for example, if it isn't in the path), then domd
should fail so the build can stop on the error.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear
When cross compiling for embedded targets gcc is unlikely to be
the best choice of compiler for making decisions. Only use gcc if CC
is not provided.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph
Some combinations of algorithm removal cause compilation errors.
Fix this case for SHA/SHA1.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.com
Some support for OCSP was not ifdef'd and prevents its exclusion from
openssl via the config options.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http
Do not run off the end of the RSA params arrays freeing values
or we will crash (or worse, corrupt the heap).
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http
Allow the build environment to override settings such as MACHINE etc
so that cross compilation for embedded systems is much easier.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee
words was unused (compiler warning) remove it.
b was uninited memory causing us to generate bogus numbers to pass into
cryptodev.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee
Change the speed test to only test sizes up to 4096. Most cryptodev
HW drivers fail with 8192 sized requests. 4K seems like a reasonable
limit to test up to.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo
Add support for building within the uClinux-dist cross-compile
framework for embedded systems (with and without MMU).
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear
Needed to include all the headers in the links target to get openssl
cross compiling nicely within the uClinux-dist.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear
hash implementation.
Fix up RSA API compliance for rsa_nocrt_mod_exp method while here.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.com
get_cpu/calc_cpu functions for other OS's.
Also includes a few compile time warning fixes.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.com
Cleanup some compile time warnings/magic numbers.
Overview : http://www.mail-archive.com/openssl-dev@openssl.org/msg26096.html
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
diff
Jivin Thor Lancelot Simon lays it down ...
On Tue, Jun 30, 2009 at 12:56:38PM +1000, David McCullough wrote:
Change the speed test to only test sizes up to 4096. Most cryptodev
HW drivers fail with 8192 sized requests. 4K seems like a reasonable
limit to test up
Jivin Tim Rice lays it down ...
On Tue, 30 Jun 2009, David McCullough wrote:
Cleanup some compile time warnings/magic numbers.
---
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index 186eb36..1e5d3a3 100644
--- a/crypto/engine/eng_cryptodev.c
/msg26096.html
Note progs.h is auto generated by progs.pl so you need to edit both
otherwise progs.h will get overwritten.
Thanks for fixing it up, I missed that.
Cheers,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http
/msg26096.html
Note progs.h is auto generated by progs.pl so you need to edit both
otherwise progs.h will get overwritten.
Thanks for fixing it up, I missed that.
Cheers,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http
Jivin Green, Paul lays it down ...
David McCullough proposed the following patch to
crypto/engine/eng_cryptodev.c:
(extracted from a larger change set):
@@ -428,7 +428,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const
unsigned char *key,
if ((state-d_fd = get_dev_crypto()) 0
for the cryptodev engine related bits.
Should they appear in new rt tickets of their own or keep it within this
one ?
Thanks,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
for the cryptodev engine related bits.
Should they appear in new rt tickets of their own or keep it within this
one ?
Thanks,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
/pub/uClinux/dist/
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project http
OPENSSL_DOING_MAKEDEPEND $@ \
${PERL} $TOP/util/clean-depend.pl Makefile Makefile.new
+RC=$?
fi
mv Makefile.new Makefile
# unfake the presence of Kerberos
rm $TOP/krb5.h
+
+exit $RC
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.com
);
EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL
OPENSSL_NO_MD2
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project http
++) {
if (kop-crk_param[i].crp_p)
free(kop-crk_param[i].crp_p);
kop-crk_param[i].crp_p = NULL;
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
;
+ sess.key = (caddr_t)123456789abcdefghijklmno;
for (i = 0; ciphers[i].id count CRYPTO_ALGORITHM_MAX; i++) {
if (ciphers[i].nid == NID_undef)
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.com
;
crp-crp_p = NULL;
@@ -637,6 +637,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
b = malloc(bytes);
if (b == NULL)
return (1);
+ memset(b, 0, bytes);
crp-crp_p = b;
crp-crp_nbits = bits;
--
David McCullough, david_mccullo
];
static double dsa_results[DSA_NUM][2];
#ifndef OPENSSL_NO_ECDSA
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
)
gentests:
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project http
();
# endif
#endif
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project http
get_cpu(int s)
@@ -395,7 +396,6 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void
*out, size_t *outlen)
#endif /* OPENSSL_NO_ECDH */
-static int do_cpu = 0;
#ifndef HAVE_CPU_USAGE
/* stub out the cpu functions if we do not support it */
static void get_cpu(int s) {}
--
David
;
kop.crk_iparams = 3;
- kop.crk_param[3].crp_p = key;
+ kop.crk_param[3].crp_p = (caddr_t) key;
kop.crk_param[3].crp_nbits = keylen * 8;
kop.crk_oparams = 1;
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http
/dist/
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.com
http://www.uCdot.org
__
OpenSSL Project
} APPNAME=$$target$(EXE_EXT) OBJECTS=$$target.o \
+ CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS=$$target.o \
LIBDEPS=$(PEX_LIBS) $$LIBRARIES $(EX_LIBS) \
link_app.$${shlib_target}
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61
} APPNAME=$$target$(EXE_EXT) OBJECTS=$$target.o \
+ CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS=$$target.o \
LIBDEPS=$(PEX_LIBS) $$LIBRARIES $(EX_LIBS) \
link_app.$${shlib_target}
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61
is no problem,
Thanks,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.comhttp://www.uCdot.org
__
OpenSSL Project
it is being used when you run openssl.
Probably best to move this discussion to the ocf-linux mailing list, not
sure it belongs on the openssl list ;-)
http://lists.sourceforge.net/mailman/listinfo/ocf-linux-users
Cheers,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com
to do but haven't got around to.
Cheers,
Davidm
--
David McCullough, david_mccullo...@securecomputing.com, Ph:+61 734352815
Secure Computing - SnapGear http://www.uCdot.org http://www.snapgear.com
__
OpenSSL Project
]
-
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates
starting at 1?/min.
--
David McCullough, [EMAIL PROTECTED], Ph:+61 734352815
Secure Computing - SnapGear http://www.uCdot.org http://www.cyberguard.com
(that is
decryption/encryption of each packet).
The cryptodev engine (OpenBSD/FreeBSD/linux) can provide async support so
that multiple SSL users are being processed at once.
How are you testing the performance ? On box or using networking ?
Cheers,
Davidm
--
David McCullough, [EMAIL
54 matches
Mail list logo