Re: CRYPTO_mem_leaks Error in openssl 1.1.1d

Can you please provide me examples or links to refer it. On Tue, 10 Nov 2020 at 7:04 PM, Matt Caswell wrote: > > > On 10/11/2020 13:25, shiva kumar wrote: > > Any alternatives for this, if the compiled version doesn't enabled the > flag? > > valgrind? > > >

Re: CRYPTO_mem_leaks Error in openssl 1.1.1d

Any alternatives for this, if the compiled version doesn't enabled the flag? On Tue, 10 Nov 2020 at 4:52 PM, Matt Caswell wrote: > > > On 10/11/2020 09:19, shiva kumar wrote: > > Hi, > > I'm trying to use the CRYPTO_mem_leaks API in openssl 1.1.1d, but > >

CRYPTO_mem_leaks Error in openssl 1.1.1d

Hi, I'm trying to use the CRYPTO_mem_leaks API in openssl 1.1.1d, but during compilation I'm getting error as *Unsatisfied symbol "CRYPTO_mem_leaks" * I have Included the header #include one doubt is it is defined under crypto.h #ifndef OPENSSL_NO_CRYPTO_MDEBUG CRYPTO_mem_leaks // defined #end

alternative for x509 "name" field

Hi, Compared to OpenSSL 1.0.2 and 1.1.0 and above, in struct x509_st , char *name field has been removed, what is the alternative for it and what is the impact? can anyone please answer the query? Thanks and regards Shivakumar

x509_store_ctx_st structure in openssl 1.1.1

Hi, I was using the structure struct x509_store_ctx_st provide by x509_vfy.h in openssl 1.0.2, but can you please help me on how to use the same or alternative for the above structure on openssl 1.1.1 Thanks and regards Shivakumar

Re: certificate verification error OpenSSL 1.1.1

t; On Mon, Mar 2, 2020 at 12:01 PM shiva kumar > wrote: > >> Hi, >> Please help me, is this an expected behavior? >> >> On Mon, Mar 2, 2020 at 1:48 PM shiva kumar >> wrote: >> >>> when I tried to verify the the self signed certificate in OpenSSL

Re: certificate verification error OpenSSL 1.1.1

Hi, Please help me, is this an expected behavior? On Mon, Mar 2, 2020 at 1:48 PM shiva kumar wrote: > when I tried to verify the the self signed certificate in OpenSSL 1.0.2 it > is giving error 18 and gives OK as o/p, when I tried the same with OpenSSL > 1.1.1 there is slight chan

certificate verification error OpenSSL 1.1.1

when I tried to verify the the self signed certificate in OpenSSL 1.0.2 it is giving error 18 and gives OK as o/p, when I tried the same with OpenSSL 1.1.1 there is slight change in the behavior it also gives the same error, but instead of OK it gives different error as "*ca.crt: verification faile

TLS version

Hi, can anyone please tell, how to check the list of tls versions supported in openssl build ( version 1.1.1)? -- *With Best Regards* *Shivakumar S*

Re: OpenSSL 1.0.2 EOL

but still the update is going on in the GitHub repository for 102 branch, is that mean there will be a release by end of this year? On Tue, Nov 26, 2019 at 6:31 PM Matt Caswell wrote: > > > On 26/11/2019 11:38, shiva kumar wrote: > > Hi, > > As we know that OpenSSL 1.0.

OpenSSL 1.0.2 EOL

Hi, As we know that OpenSSL 1.0.2 support will end in 31st December 2019. and the latest version is 1.0.2t, is there will be any release by EOL? can we expect a release before EOL? Regards Shivakumar

Re: dsaparam error OpenSSL 1.1.1d

Hi, can anyone please help me to solve this issue? *openssl dsaparam 128 -rand file * is taking long time processing the command and not producing any output. On Sun, Nov 10, 2019 at 8:17 PM shiva kumar wrote: > Hi, > I'm using OpenSSL 1.1.1d, when I tried executing the dsaparam

dsaparam error OpenSSL 1.1.1d

Hi, I'm using OpenSSL 1.1.1d, when I tried executing the dsaparam command in command line as shown below it takes long time and I won't get output, it just keeps on processing. Is this an error? what is causing the problem? *openssl dsaparam 128 -rand file* *openssl dsaparam -rand file* -- *W

use of makedepend in openssl 1.1.1

what is the use of makedepend in openssl 1.1.1? openssl 1.1.1 can build without makepend then what's the use of makedepend? is it good to use makedepend while building openssl 1.1.1? please answer me thanks in advance -- *With Best Regards* *Shivakumar S*

OPENSSL IS NOT GENERATING RESPONSE

HI, when I run the following command the response is not generated *util/shlib_wrap.sh apps/openssl ts -config test/CAtsa.cnf -reply -section tsa_config1 -queryfile req1.tsq -out resp1.tsr* output >>Using configuration from test/CAtsa.cnf >>Response is not generated. though I have run and gener

Error while running shlibload. test case

Hi, I'm getting error while running test case "90-test_shlibload.t" in openssl 1.1.1c make test. ../test/recipes/90-test_shlibload.t (Wstat: 1024 Tests: 10 Failed: 4) Failed tests: 2, 4, 6, 8 in file test/recipes/90-test_shlibload.t *ok(check_atexit($fh));* when i checked it is the above f

Re: looks like the support for Heart beat extension is removed from openssl

Hi, If someone can have a look at my query and provide suggestions(which would be much helpful for me). Thanks for your help Thanks! Shiva On Fri, Jul 12, 2019 at 5:13 PM Salz, Rich wrote: > >- would the below method be advisable to handle the "failure to close" >conditions > > > > Sor

Re: How to list ssl3 ciphers

val Convert standard name into OpenSSL name -ciphersuites val Configure the TLSv1.3 ciphersuites to use* why it is not displaying the ssl3 option? please answer me. Thanks and Regards Shivakumar On Wed, Jul 10, 2019 at 10:40 AM shiva kumar wrote: > Hi, > How to List the ssl3 ciph

looks like the support for Heart beat extension is removed from openssl

Hi , Why the support for Heart beat extension is removed from openssl. I am referring latest version of openssl(openssl-1.1.1c) How to handle abnormal disconnection in DTLS？ Thanks! Shiva

RFC 6347 : 4.2.8. Establishing New Associations with Existing Parameters

Hi, Does openSSL implement the section "4.2.8. Establishing New Associations with Existing Parameters" in RFC 6347 I tried to test the feature with "openssl-1.1.1c" but couldn't simulate the same. Some details about my sample test: Client: 1. Initiate a connection request for DTLS 1.2(target o

How to list ssl3 ciphers

Hi, How to List the ssl3 ciphers in openssl1.1.1 The command "openssl ciphers -ssl3" is not working. Please help me Thanks and Regards Shivakumar -- *With Best Regards* *Shivakumar S*

Make test error in OpenSSL 1.1.1b

Hi, In the OpenSSL 1.1.1b build after make test I'm getting error as follows *../test/recipes/70-test_comp.t (Wstat: 35584 Tests: 0 Failed: 0) Non-zero exit status: 139 Parse errors: No plan found in TAP output../test/recipes/70-test_key_share.t (Wstat:

Information on Build.info

Hi, Actually I wanted to know how build.info file in each directory such as apps, engines etc, will used generate the Make file, what would happen If I wanted to change the build.info file 1) in openssl/*apps/build.info * what would happen if I change *DEPEND[openssl]=libapps.a

Re: Make file removed in openssl 1.1.1

Actually I wanted to change the library dependencies from shared to archive libraries as follows *SHLIBDEPS='libcrypto.a'* In Makefile which I was doing in 1.0.2 version, How can I do this? in 1.1.1 version.

Make file removed in openssl 1.1.1

Hi, In the OpenSSL 1.1.1 Make file is generated on top directory after when config is executed. In OpenSSL 1.0.2 there is Make file at each directory and is hierarchical, but this is not the same in 1.1.1 version. Actually I was modifying the Makefile configurations manually in apps and engines di

Dyanmic engine for OpenSSL 1.1.1b

Hi, when I am performing make test while building OpenSSL 1.1.1b I got error as : ../test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs the dyn

MAKE file not found in openssl 1.1.1b

Hi, In the openssl 1.1.1b make files are missing when compared with the 1.0.2r openssl-1.1.1b/Makefile.org (not present) openssl-1.1.1b/apps/Makefile (not present) openssl-1.1.1b/engines/Makefile (not present) and may more are not present. How can I modify the make file options, in the above menti

Re: error while running openssl 1.1.1b config file

Ok, thanks. On Tue, May 21, 2019 at 2:15 PM Matt Caswell wrote: > > > On 21/05/2019 09:44, shiva kumar wrote: > > is Kerberos v5 is completely removed or depreciated from OpenSSL 1.1.0 > onwards ? > > It was completely removed. > > Matt > > -- *With

Re: error while running openssl 1.1.1b config file

is Kerberos v5 is completely removed or depreciated from OpenSSL 1.1.0 onwards ? On Tue, May 21, 2019 at 2:04 PM Matt Caswell wrote: > > > On 21/05/2019 09:28, shiva kumar wrote: > > Hi, > > when running openssl 1.1.1b config file with no-krb5 option > > I got as

error while running openssl 1.1.1b config file

Hi, when running openssl 1.1.1b config file with no-krb5 option I got as, * Unsupported options: no-krb5 can I know why I'am getting this error? when i remove the no-krb5 option it works. This option was working on openssl 1.0.2r, but why this option is not working here ? can I know ? Thanks

FIPS module for OpenSSL 1.1.1x

Hi, I wanted to move from OpenSSL 1.0.2r to 1.1.1b. I have some doubts they are 1) If I upgrade to 1.1.1b will it cause any problem to other applications? which uses openssl for communications. ( say apache http server ). 2) can I expect FIPS module for 1.1.1b as well ? 3) since OpenSSL 1.1.1b d

ecparam error on openssl 102r

Hi, When I run openssl ecparam on elliptic curve Oakley-EC2N-3, Oakley-EC2N-4 on openssl 1.0.2r version, I am getting the following error, can anyone please help me why i am getting this error. # openssl ecparam -out Oakley-EC2N-3_102r.pem -name Oakley-EC2N-3 unable to write elliptic curve paramet

[openssl-users] Request for the list of API changes from 1.0.2k to 1.1.1a

Hi, I'm using OpenSSL 1.0.2k, I wated to move to 1.1.1a so I'm building the 1.1.1a I wanted to know list of all the API that are changed from 1.0.2k to 1.1.1a, so I request you to provide all the list of API Thanks and Regards Shivakumar -- *With Best Regards* *Shivakumar S* *Mysore, Karnataka