Bonjour,
It seems OpenSSL 0.9.8j doesn't like receiving a "New Session Ticket"
message over an SSLv3 session, even when it sends an empty session
ticket in its ClientHello message.
Possible solutions:
-tls1 instead of -ssl3
add -no_ticket
--
Erwann ABALEA
Le 21/02/2014
Hi Team,
I have post the problem I meet on stackoverflow.com:
http://stackoverflow.com/questions/21929664/openssl-0-9-8j-can-not-connect-to-google-https-services-using-sslv3
It might be a bug of openssl, could you help to find out where is wrong ?
Thank you!
--
/Best Regards,
lvqier - lvq..
Hi ,
I am cross-compiling openssl-0.9.8j with zlib-dynamic Option. The Options
are :
./Configure zlib-dynamic shared threads no-dso no-krb5
Now , I am getting following Error Message :
c_zlib.c: In function 'COMP_zlib':
c_zlib.c:402: error: too few arguments t
Hi All,
I have built the OpenSSL 0.9.8j library with FIPS capability on Mac OSX
10.5.5(Leopard).
When i am loading libcrypto.dylib and libssl.dylib in my own platform on OSX
10.5.5 it is doing properly,
but when i try to load these two libraries on Mac OSX 10.4 it gives me error
:: malformed
t for clients making use of
> "TLS_RSA_WITH_AES_128_CBC_SHA -- AES128-SHA".
> http://support.microsoft.com/kb/948963
>
> However, with the same environment, all works fine with my client side
> compiled against the old OpenSSL libs.
> ---------
de with the new version of lib files from
> openssl-0.9.8j version and replaced the new client dll's.
> Is any specific step has to be followed?
> Regards,
> Sweta
Did you compile against the new header files?
The client is saying the server cut the TCP connection. What does the
server
say?
DS
de with the new version of lib files from
> openssl-0.9.8j version and replaced the new client dll's.
> Is any specific step has to be followed?
> Regards,
> Sweta
Did you compile against the new header files?
The client is saying the server cut the TCP connection. What does the
server
say?
DS
sion.out , the session id is empty ..
> >
> > ./openssl s_client -debug -msg -state -sess_in /tmp/session.out
> >
> > >> Abstract from output
> >
> > SSL-Session:
> >
> > Protocol : TLSv1
> >
> > Cipher: DHE-RSA-AES256-
> Master-Key:
> FCBF8B9102F1BD020FA0969EE6243F62F7C700F6B701B6A19C4CD57F5BFF0E2FA58B96846EC64FD25FF901C12489362D
>
> Key-Arg : None
>
>
> The above behavior ( empty session id ) is found with i.e openssl 0.9.8j
> and openssl 0.9.8k. i verified with other versio
ssion-ID-ctx:
Master-Key:
FCBF8B9102F1BD020FA0969EE6243F62F7C700F6B701B6A19C4CD57F5BFF0E2FA58B96846EC64FD25FF901C12489362D
Key-Arg : None
The above behavior ( empty session id ) is found with i.e openssl 0.9.8j
and openssl 0.9.8k. i verified with other version 0.9.8g , 0.9.8h , 0.9.8i
wor
ssion-ID-ctx:
Master-Key:
FCBF8B9102F1BD020FA0969EE6243F62F7C700F6B701B6A19C4CD57F5BFF0E2FA58B96846EC64FD25FF901C12489362D
Key-Arg : None
The above behavior ( empty session id ) is found with i.e openssl 0.9.8j
and openssl 0.9.8k. i verified with other version 0.9.8g , 0.9.8h , 0.9.8i
wor
.
Thanks for your help
amit.
- Original Message
> From: Dave Thompson
> To: openssl-users@openssl.org
> Sent: Monday, April 27, 2009 3:08:44 PM
> Subject: RE: Openssl 0.9.8j Client Hello
>
> > From: owner-openssl-us...@openssl.org On Behalf Of Amit Singh
&
> From: owner-openssl-us...@openssl.org On Behalf Of Amit Singh
> Sent: Saturday, 25 April, 2009 01:49
> I upgraded from Openssl 0.9.8g to 0.9.8j. Our client
> interfaces to a picky SSL server implementation in JAVA,
> version currently unknown.
>
> With openssl 0.9.8j th
Hi:
I upgraded from Openssl 0.9.8g to 0.9.8j. Our client interfaces to a
picky SSL server implementation in JAVA, version currently unknown.
With openssl 0.9.8j the connection does not establish with this server.
Basically, the server does not respond to a client hello.
I dumped the client
Hi:
I upgraded from Openssl 0.9.8g to 0.9.8j. Our client interfaces to a
picky SSL server implementation in JAVA, version currently unknown.
With openssl 0.9.8j the connection does not establish with this server.
Basically, the server does not respond to a client hello.
I dumped the client
> Hi Srinivas,
> We compiled our code with the new version of lib files from
> openssl-0.9.8j version and replaced the new client dll's.
> Is any specific step has to be followed?
> Regards,
> Sweta
Did you compile against the new header files?
The client is saying
Hi Srinivas,
We compiled our code with the new version of lib files from
openssl-0.9.8j version and replaced the new client dll's. Is any
specific step has to be followed?
Regards,
Sweta
From: Srinivas Jonnalagadda [mailto:sarinivas7...@earthlink.net]
If it is returning SSL_ERROR_SYSCALL, you need to examine the value of
errno, possibly with perror().
Basically, the library is returning this because the underlying OS has
signalled (via errno) that some system call has failed with an error
condition.
If you don't understand what could be causin
Cisco)" Sent: Mar 26, 2009 12:40 PM To: openssl-users@openssl.org Cc: "Suresh Pallavur Hariharan -X (surharih - WIPRO at Cisco)" , "Sweta Singh -X (swesingh - WIPRO at Cisco)" Subject: SSL_connect() fails after upgrade from OpenSSL 0.9.7d to OpenSSL 0.9.8j
Hi,
Our applica
Hi,
Our application was previously making use of the OpenSSL 0.9.7d library.
Recently we have upgraded to the 0.9.8j version and have re-built both
the Client and Server executables.
However, after the upgrade we are facing a problem with the client side
failing to connect to the server. After
`EVP_DecodeUpdate`:
> encode.c:357: internal compiler error: Segmentation fault.
>
> I have a complete fresh installation of OpenBSD. I don't know if the
> problem is related to OpenSSL or OpenBSD
>
> any idea ?
>
--
View this message in context:
http://www.nabble.com/Ope
SL or OpenBSD
any idea ?
--
View this message in context:
http://www.nabble.com/OpenSSL-0.9.8j-%2B-OpenBSD-4.3---%3E-make-crash-tp22703632p22703632.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Pr
> From: owner-openssl-us...@openssl.org On Behalf Of Poornima Jayaraman
> Sent: Friday, 06 March, 2009 00:49
> I have upgraded the version of OpenSSL being used by my application,
> from OpenSSL-0.9.8d to OpenSSL-0.9.8j. I get the compiler error
> 'error C2664: 'PEM_AS
Hi,
I have upgraded the version of OpenSSL being used by my application, from
OpenSSL-0.9.8d to OpenSSL-0.9.8j. I get the compiler error 'error C2664:
'PEM_ASN1_read' : cannot convert parameter 1 from 'char *(__cdecl *)(void)'
to 'd2i_of_void (__cdecl *)''
On Mon, Mar 02, 2009, Victor Duchovni wrote:
> On Mon, Mar 02, 2009 at 05:36:15PM -0800, Claus Assmann wrote:
> > Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> > What's the "correct" way to fix this? For now I "hacked" the Mak
On Tue, Mar 03, 2009, Dr. Stephen Henson wrote:
> On Tue, Mar 03, 2009, Claus Assmann wrote:
> > On Tue, Mar 03, 2009, Dr. Stephen Henson wrote:
> > > Please try a recent 0.9.8 snapshot, for example:
> > Fails in a different way:
> > PS: patch for Makefile:
> > --- M Tue Mar 3 13:31:48 2
On Tue, Mar 03, 2009, Claus Assmann wrote:
> On Tue, Mar 03, 2009, Dr. Stephen Henson wrote:
> > On Mon, Mar 02, 2009, Claus Assmann wrote:
>
> > > Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> > > cannot access fipscanister.o). I foun
On Tue, Mar 03, 2009, Dr. Stephen Henson wrote:
> On Mon, Mar 02, 2009, Claus Assmann wrote:
> > Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> > cannot access fipscanister.o). I found a mail in the archives about
> Please try a recent 0.9.8 snapshot, f
On Mon, Mar 02, 2009, Claus Assmann wrote:
> Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> cannot access fipscanister.o). I found a mail in the archives about
> this and applied the patch to disable FIPS (see below). However,
> after doing that compilation f
On Mon, Mar 02, 2009 at 05:36:15PM -0800, Claus Assmann wrote:
> Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> cannot access fipscanister.o). I found a mail in the archives about
> this and applied the patch to disable FIPS (see below). However,
> afte
Greetings.
I have recently done some testing with OpenSSL versions 0.9.8i and 0.9.8j.
Basically, the application is opening 10,000 connections between a client and
server on the same Linux machine. I've noticed quite a difference in memory
utilization when monitered with the top command.
0
thank you.
On Mon, Mar 2, 2009 at 8:36 PM, Claus Assmann
> wrote:
> Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
> cannot access fipscanister.o). I found a mail in the archives about
> this and applied the patch to disable FIPS (see below). However,
> a
Out of the box OpenSSL 0.9.8j fails to install on SunOS 5.10 ( cp:
cannot access fipscanister.o). I found a mail in the archives about
this and applied the patch to disable FIPS (see below). However,
after doing that compilation fails because fips.h is missing:
cc -I. -I.. -I../include
Hi, Richard,
I have been poking about with the openssl-0.9.8j VMS kit. I found that
there is one long symbol not included in symhacks. I have added this
block below the CRYPTO symbols in symhacks:
/* Hack some long names not included in CRYPTO list */
#undef
Sun, 01 Feb 2009 19:48:48 -0500, Sue
Abercrombie said:
aberz> Hi, Richard,
aberz>
aberz> I have been poking about with the openssl-0.9.8j VMS kit. I found that
aberz> there is one long symbol not included in symhacks. I have added this
aberz> block below the CRYPTO symbols in symhac
On Tue, Jan 20, 2009, Andrew Masterson wrote:
> make test runs fine. make install crashes and burns:
>
>
>
> ...
>
> making install in fips/rsa...
>
> making install in fips/dh...
>
> making install in fips/hmac...
>
> cp: fipscanister.o: A file or directory in the path name does not exis
Noticed the following during make (after ./Configure aix64-cc):
cc -DMONOLITH -I.. -I../include -DOPENSSL_THREADS -qthreaded
-DDSO_DLFCN -DHAVE_DLFCN_H -q64 -O -DB_ENDIAN -qmaxmem=16384 -qro
-qroconst -c ca.c
"ca.c", line 1297.59: 1506-1298 (W) The subscript 256 is out of range.
The valid
7;
Subject: Compiling openssl-0.9.8j on AIX 5.3 64 bit
Noticed the following during make (after ./Configure aix64-cc):
cc -DMONOLITH -I.. -I../include -DOPENSSL_THREADS -qthreaded
-DDSO_DLFCN -DHAVE_DLFCN_H -q64 -O -DB_ENDIAN -qmaxmem=16384 -qro
-qroconst -c ca.c
"ca.c", line 1
I am trying to build a recent OpenSSL release (0.9.8j) on OpenVMS (both
Integrity Server and Alpha Server hardware platforms). I am having
undefined symbol problems.
The issue occurs both linking applications and also linking the CRYPTO
shared image library. The link symbol warnings are:
%
I've seen the same thing. Fixing it. Unfortunately, it will mean
that you will have to pick up a snapshot a little later or wait until
the next release.
Cheers,
Richard
In message <4971adfe.9030...@tibco.com> on Sat, 17 Jan 2009 05:07:58 -0500, Sue
Abercrombie said:
aberz> I am trying to bui
The build process fails in situations where compiler parameters are included in
the CC environment variable.
example:
CC="gcc -L/some/lib/dir -I/some/inc/dir"
_
Windows Live™: Keep your life in sync.
http://windowslive.com/explore
Thanks,
Justin
--- On Wed, 1/14/09, Dr. Stephen Henson wrote:
From: Dr. Stephen Henson
Subject: Re: Problem building Openssl-0.9.8j with fips
To: openssl-users@openssl.org
Date: Wednesday, January 14, 2009, 2:11 PM
On Wed, Jan 14, 2009, Justin A wrote:
> Hello Dr. Steve,
>
> Tha
On Wed, Jan 14, 2009, Justin A wrote:
> Hello Dr. Steve,
>
> Thank you for your response.
>
> I tried the workaround you mentioned (util\pl\VC-32.pl ) changed line 408 to
> $ret.= "$mwex \$(EX_LIBS) " if ($files =~ /O_FIPSCANISTER/ &&
> !$fipscanisterbuild);
>
> Still getting the same error
> On Wed, Jan 14, 2009, Dr. Stephen Henson wrote:
>Ah, forget those changes I suggested try this instead:
>http://cvs.openssl.org/chngview?cn=17786
Perfect, that solved the build issue: my build completes, passes make
test, and installs. I'll report back if I encounter any other issues,
but all l
Okie by adding this one bufferoverflowU.lib, I was able to surpass the error.
Thanks,
Justin
--- On Wed, 1/14/09, Justin A wrote:
From: Justin A
Subject: Re: Problem building Openssl-0.9.8j with fips
To: openssl-users@openssl.org
Date: Wednesday, January 14, 2009, 11:13 AM
Hello Dr. Steve
tin
--- On Wed, 1/14/09, Dr. Stephen Henson wrote:
From: Dr. Stephen Henson
Subject: Re: Problem building Openssl-0.9.8j with fips
To: openssl-users@openssl.org
Date: Wednesday, January 14, 2009, 4:18 AM
On Tue, Jan 13, 2009, Justin A wrote:
> Dr. Stephen,
>
> Thanks for your reply. A
On Tue, Jan 13, 2009, Justin A wrote:
> Dr. Stephen,
>
> Thanks for your reply. After changing to what you have mentioned I am getting
> this security error during linking.
>
>
> ===Error log ===
> C:\openssl-0.9.8j>nmake -f ms\nt.mak
>
> Microsoft (R) Prog
usr/bin/perl ./Configure solaris-sparcv9-cc
> /WWW/netuser/GTSAPU/build/extract/openssl/openssl-0.9.8j
>
>
Looks like your initial fix is the correct one: add $(EX_LIBS) to the
Makefile. This wont affect validation because the validated tarball is not
modified.
Steve.
--
Dr Stephen N. He
On Tue, Jan 13, 2009, Mark Lavi wrote:
> On Tue, Jan 13, 2009, Dr. Stephen Henson wrote:
>
> >In these three lines in crypto/sha/Makefile:
> > (cd asm; $(PERL) sha1-ia64.pl ../$@ $(CFLAGS))
> > (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
> > (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
>
;
> making all in crypto/md5...
> make[2]: Entering directory
> `/content2/development/mlavi/content/webplatform/src/build/dev/bootstrap
> /openssl-0.9.8j/crypto/md5'
> gcc -I.. -I../.. -I../../include -DOPENSSL_THREADS -D_REENTRANT
> -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTE
s to just --prefix in order to simplify the build. I believe
what follows is enough relevant output, I've omitted the ./config output
and initial portion of make ...
making all in crypto/md5...
make[2]: Entering directory
`/content2/development/mlavi/content/webplatform/src/build/dev/bootst
Dr. Stephen,
Thanks for your reply. After changing to what you have mentioned I am getting
this security error during linking.
===Error log ===
C:\openssl-0.9.8j>nmake -f ms\nt.mak
Microsoft (R) Program Maintenance Utility Version 7.00.8882
Copyright (C) Microsoft Corp 1988-2000. All rig
On Tue, Jan 13, 2009, Mark Lavi wrote:
> Hello all,
>
> I've run into a strange build problem that I did not encounter under
> relatively identical conditions with OpenSSL 0.9.8i on SuSE 9.2 on ia64.
> Even when I simplify my configure arguments to only --prefix and then
> repeat make clean and m
NDIAN -DTERMIO -O2 -Wall -DSHA1_ASM -DSHA256_ASM
-DSHA512_ASM -DAES_ASM -c -o o_dir.o o_dir.c
gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN
-DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -O2 -Wall -DSHA1_ASM -DSHA256_ASM
-DSHA512_ASM -DAES_ASM -c -o o_init.o o_init.c
gcc -I. -I.. -I../includ
WARNING! If you wish to build 64-bit library, then you have to
invoke './Configure solaris64-sparcv9-cc' *manually*.
Configuring for solaris-sparcv9-cc
/usr/bin/perl ./Configure solaris-sparcv9-cc
/WWW/netuser/GTSAPU/build/extract/openssl/openssl-0.9.8j
-Original Message
terbuild
> 3. make
> 4. make install
>
> This is part is successful.
>
> 5. extract openssl-0.9.8j
> 6. ./Configure solaris64-sparcv9-cc fips --prefix=/tmp/WWW/openssl
> no-shared
> 7. make
>
>
What does:
./config -t
In the validated tarball and the 0.9
Steve,
The platform is Solaris 10.
PATH=/usr/ccs/bin:/usr/openwin/bin:/opt/SUNWspro/bin:/usr/bin:/usr/local
/bin:/opt/viscobol:/usr/perl5/bin
Steps:
1. extract openssl-fips-1.2
2. ./config fipscanisterbuild
3. make
4. make install
This is part is successful.
5. extract openssl-0.9.8j
6
ister build -
> FIPS MODULE ) on the same environment.
> 2) When building the fips capable openSSL on version 0.9.8j I am running
> into error as shown below.
>
> Command I used to run the fips-capable openSSL is
>
> C:\openssl-0.9.8j>perl Configure VC-WIN64I fips no-
fips capable openSSL on version 0.9.8j I am running into
error as shown below.
Command I used to run the fips-capable openSSL is
C:\openssl-0.9.8j>perl Configure VC-WIN64I fips no-asm
--with-fipslibdir=C:\FIPS\openssl-fips-1.2\out32dll
C:\openssl-0.9.8j>ms\do_ms
C:\openssl-0.9.8j>
On Mon, Jan 12, 2009, Blasdel, Jerry wrote:
> I am having a problem trying to build OpenSSL-0.9.8j fips enabled. If
> I do not add ${EX_LIBS) to the end of the line below I get errors
> building fips_standalone_sha1. It cannot find socket and connect
> functions.
>
>
>
I am having a problem trying to build OpenSSL-0.9.8j fips enabled. If
I do not add ${EX_LIBS) to the end of the line below I get errors
building fips_standalone_sha1. It cannot find socket and connect
functions.
Am I missing some environment variables or something else
that
could be provided on the status would be appreciated.
Thanks in advance,
JB
OpenSSL proper (as in OpenSSL 0.9.8j) has not, and doubtless never will
be, FIPS 140-2 validated. You're thinking of the "OpenSSL FIPS Object
Module" which is a separate and much smaller crypto
Would anyone have an update on the status of 0.9.8j and when it will be
officially released? Our customer would like us to go back to using
fips now that fips 1.2 has been certified. Is this version of OpenSSL
going through a similar certification process? Any blurb that could be
provided on the
i also wanna know the exact date as my customer is pushing me .
it will be very appreciated...
2008-12-18
opensslmaillist
发件人: Blasdel, Jerry
发送时间: 2008-12-03 01:39:05
收件人: openssl-users@openssl.org
抄送:
主题: OpenSSL-0.9.8j
I read a post to the newsgroup on Nov 18th that said
I read a post to the newsgroup on Nov 18th that said 0.9.8j would be
released in a few days. Does anyone know of the exact date when the new
version will be released? I'm looking to build OpenSSL with the new
fips 1.2.
Thank you,
Jerry
ines:X509_PUBKEY_get:err asn1
> > lib:x_pubkey.c:366:
> > 8956:error:140BF10C:SSL routines:SSL_SET_CERT:x509 lib:ssl_rsa.c:402:
> > ERROR in SERVER
> > 8956:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared
> > cipher:s3_srvr.c:1037:
> > TLSv1,
ines:SSL_SET_CERT:x509 lib:ssl_rsa.c:402:
> ERROR in SERVER
> 8956:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared
> cipher:s3_srvr.c:1037:
> TLSv1, cipher (NONE) (NONE)
> 1 handshakes of 256 bytes done
> *** Error code 1 (continuing)
> Test IGE mode
> ../util/
il/shlib_wrap.sh ./igetest
`tests' not remade because of errors.
util/opensslwrap.sh version -a
OpenSSL 0.9.8j-fips-dev xx XXX
built on: Sat Sep 20 08:02:29 MDT 2008
platform: debug-bsdi-x86-elf
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int)
blowfish(idx)
comp
68 matches
Mail list logo
