Hi All,
I'm using Apache 1.3.31 with mod_ssl 2.8.17 and
OpenSSL 0.9.7d binaries. I use RSA based self signed
certificates for SSL communication.
My httpd.conf has the following SSLCipherSuite
configured
SSLSessionCacheTimeout 600
SSLOptions +StdEnvVars +ExportCertData
SSLCipherSuite
`/var/local/src/libs/openssl-0.9.8/crypto/sha'
cc -I.. -I../.. -I../../include -DOPENSSL_THREADS -Kthread -DFILIO_H
-DNO_STRINGS_H -c sha_dgst.c
UX:acomp: ERROR: ../../include/openssl/sha.h, line 172: invalid type
combination
UX:acomp: ERROR: ../../include/openssl/sha.h, line 173: invalid
I'm looking into http://gcc.gnu.org/PR19923
which claims that gcc-4.0 is slower on 'openssl speed'
than earlier versions. The only huge regression seems
to be in md2.
Note that most of the code involved in the report in question is
hand-coded assembler. Meaning that the report [or your
I have built a 64-bit version of OpenSSL on AIX 5, and it is failing the
test on bn_sqr. It looks like the bn_sqr or bn_div functions are not
working for very large numbers. Has wnyone else ran into this problem?
Has anyone ran into this problem? BN_sqr test failure is mentioned in
FAQ, so
On 2005.05.25 at 23:53:13 +0200, Andy Polyakov wrote:
I guess it was erroneously omitted in some
newer release. Try to patch your run-time environment by executing
http://www.openssl.org/~appro/values.c and report back. The patch is
designed to work with both old and new GCC releases. A.
I guess it was erroneously omitted in some
newer release. Try to patch your run-time environment by executing
http://www.openssl.org/~appro/values.c and report back. The patch is
designed to work with both old and new GCC releases. A.
With this patch it works on both my Solaris x86 machines
OpenSSL self-test report:
OpenSSL version: 0.9.8-beta2
Last change: Add attribute functions to EVP_PKEY structure. Modify...
Options: enable-threads enable-shared enable-zlib no-gmp no-krb5
no-mdc2 no-rc5 no-zlib-dynamic
OS (uname): SunOS shadow 5.10 Generic_118844-01 i86pc
Target: solaris-x86-gcc
Compiler: Configured with: /usr/gcc-3.4.4/configure
--with-as=/usr/local/bin/as --with-gnu-as --with-ld=/usr/ccs/bin/ld
--without-gnu-ld --enable-threads --enable-shared --enable-multilib
--with-cpu=pentium4 --enable-languages=c,c++ --disable-nls
Problem: build fails on any Solaris sparcv8 because sparcv8.o is not
built.
FIX: add the compilation step to crypto/bn/Makefile
*** openssl-0.9.8-beta2/crypto/bn/Makefile.orig Mon May 16 12:55:19 2005
--- openssl-0.9.8-beta2/crypto/bn/Makefile Mon May 30 08:22:58 2005
***
***
cc: pqueue.h, line 73: error 1000: Unexpected symbol: BN_ULLONG.
cc: pqueue.h, line 73: error 1573: Type of priority is undefined due to an i
llegal declaration.
cc: pqueue.h, line 73: error 1578: Size of struct or union member is unknown.
cc: pqueue.h, line 80: error 1000: Unexpected symbol:
Attempt to build Openssl-0.9.8-stable-SNAP-20050530 on Solaris 8 sparc
using 64-bit mode (solaris64-sparcv9-gcc target) results in error in
RIEMD160 tests.
If test_rmd target is excluded from the tests, all other tests pass
correctly
-- output of make test
../util/shlib_wrap.sh ./rmdtest
Problem: build fails on any Solaris sparcv8 because sparcv8.o is not
built.
FIX: add the compilation step to crypto/bn/Makefile
*** openssl-0.9.8-beta2/crypto/bn/Makefile.orig Mon May 16 12:55:19 2005
--- openssl-0.9.8-beta2/crypto/bn/Makefile Mon May 30 08:22:58 2005
***
***
Attempt to build Openssl-0.9.8-stable-SNAP-20050530 on Solaris 8 sparc
using 64-bit mode (solaris64-sparcv9-gcc target) results in error in
RIEMD160 tests.
If test_rmd target is excluded from the tests, all other tests pass
correctly
-- output of make test
../util/shlib_wrap.sh
rule added, case dismissed.
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL
Not OpenSSL problem. Explicitly mentioned in ./PROBLEMS, case dismissed.
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated
One can argue if it's GCC, Solaris or OpenSSL problem. The bug and
workaround is mentioned in ./PROBLEMS, case dismissed.
__
OpenSSL Project http://www.openssl.org
Development Mailing List
The beta 2 of 0.9.8 requires a small patch to compile with DJGPP under
DOS. mtu and sock_type are defined by headers from the WATT-32
library and need to be undefined. The backslash in the definition of
DEVRANDOM (encoding the $) also causes an error when compiling. I
don't think that these
On 2005.05.31 at 14:40:46 +0200, Andy Polyakov via RT wrote:
Hello
According to our records, your request has been resolved. If you have any
further questions or concerns, please respond to this message.
Bug 1084 was resolved with following diagnositics
Not OpenSSL problem. Explicitly
Bug 1084 was resolved with following diagnositics
Not OpenSSL problem. Explicitly mentioned in ./PROBLEMS, case dismissed
But I cannot find anything related to my situation:
You're got to read between lines. Explicitly mentioned in ./PROBLEMS
might as well mean ./PROBLEMS file was just
There is one problem with beta-3 which also occurred in earler
versions, but which I had overlooked, since no errors were generated.
On DJGPP, install_docs stops after installing man1/CA.pl.1. No other
man pages were installed. The rest of the installation went fine. I
believe that this occurs
On Tue, 31 May 2005, Andy Polyakov wrote:
The beta 2 of 0.9.8 requires a small patch to compile with DJGPP under
DOS. mtu and sock_type are defined by headers from the WATT-32
library and need to be undefined. The backslash in the definition of
DEVRANDOM (encoding the $) also causes an
Andy Polyakov wrote:
I'm looking into http://gcc.gnu.org/PR19923
which claims that gcc-4.0 is slower on 'openssl speed'
than earlier versions. The only huge regression seems
to be in md2.
Note that most of the code involved in the report in question is
hand-coded assembler. Meaning that
There is one problem with beta-3 which also occurred in earler
versions, but which I had overlooked, since no errors were generated.
On DJGPP, install_docs stops after installing man1/CA.pl.1. No other
man pages were installed. The rest of the installation went fine. I
believe that this occurs
Environment: openssl-0.9.8-beta3, ULTRIX 4.5, ultrix-cc
- crypto/sha/sha512.c fails to compile
cc -I.. -I../.. -I../../include -DZLIB ... -DL_ENDIAN -c sha512.c
cfe: Error: sha512.c, line 61: Syntax Error
c-h[0]=0xcbbb9d5dc1059ed8ULL ;
^
Hello,
I would like to report a memory leak in SSL_connect(). Following code
sample was check for memory leaks
using Purify and show a 13K leak in SSL_connect().
1. Am I doing something wrong?
2. Will there be a fix soon?
Sincerely yours.
Karim sharif
I'm looking into http://gcc.gnu.org/PR19923
which claims that gcc-4.0 is slower on 'openssl speed'
than earlier versions. The only huge regression seems
to be in md2.
Note that most of the code involved in the report in question is
hand-coded assembler. Meaning that the report [or your
I've committed a fix for no-aes, please test a new snapshot.
Thanks,
Nils
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated
After battling for a while why one could not configure more than one SSL
port in Squid when requesting client certificates it was found the culpit
is SSL_load_client_CA_file() which always leaves an error in the error
queue even if successful. This queued error then causes problems when
On Tue, 31 May 2005, Andy Polyakov wrote:
OpenSSL_0_9_8-stable branch pulled Mon May 30 19:47:25 PDT 2005.
On my unixware-7 boxes configured with the shared no-sse2 options
i'm getting this error.
Undefinedfirst referenced
symbol in file
OPENSSL_ia32cap_P
On Tue, 31 May 2005, Andy Polyakov wrote:
`/var/local/src/libs/openssl-0.9.8/crypto/sha'
cc -I.. -I../.. -I../../include -DOPENSSL_THREADS -Kthread -DFILIO_H
-DNO_STRINGS_H -c sha_dgst.c
UX:acomp: ERROR: ../../include/openssl/sha.h, line 172: invalid type
combination
UX:acomp: ERROR:
The correct assertion should be
assert((i == BN_BITS2) || (h = (BN_ULONG)1i));
as it should prevent an overflow (the result doesn't fit
into a single BN_ULONG).
Please test a recent snapshot.
Thanks,
Nils
__
OpenSSL
Karim Sharif via RT wrote:
Hello,
I would like to report a memory leak in SSL_connect(). Following code
sample was check for memory leaks
using Purify and show a 13K leak in SSL_connect().
did you read the * I think I've detected a memory leak, is this a bug?
item in the FAQ ?
Didn't
Hi,
openssl req -text shows version like:
Certificate Request:
Data:
Version: 0 (0x0)
...
I guess it should be 1.
--
gotoyuzo
--- t_req.c~2005-05-16 19:10:58.0 +0900
+++ t_req.c 2005-06-01 06:27:14.0 +0900
@@ -117,7 +117,7 @@ int
This is usually caused by configuring/building
for the wrong architecture or wordlength first.
make clean doesn't work properly in
those circumstances.
either rm -rf include;make clean;Configure,
or preferably start with a clean extract.
I've embarassed myself with this one
a few times.
Peter
On Tue, 31 May 2005, Tim Rice wrote:
[snip]
Now to track down the test failure (test SSL protocol).
That was me forgeting about UnixWare 7.1.1 having an optimizer bug
when you use the -Kpentium_pro flag.
Tests fine without it.
.
test sslv3 with client authentication
Available
35 matches
Mail list logo