> On Jul 18, 2019, at 3:13 PM, Mark Richter wrote:
>
> 2. Not at all clear on what the "_OPT" part means - do I need to change my
> source code to use this for accessors or ???
Just try it and see. The "_OPT" in the symbol version is internally
generated from "-opt" in the shlib_variant SONAME
> On Jul 18, 2019, at 2:57 PM, Mark Richter wrote:
>
> Also, once I figure out the build issues, how can I statically link the ssl
> libraries into my app? (That way we don't require our customers to build and
> install OpenSSL 1.1.1 pon their RHEL 7 hosts.) Are there any gotchas to
> doing
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Mark Richter
> Sent: Thursday, July 18, 2019 12:57
>
> Is Linux considered to be the same as (or similar enough to) Unix w.r.t. the
> building instructions? I'm reading the INSTALL file and it doesn't mention
> Linux (
> -Original Message-
> From: openssl-users On Behalf Of Viktor
> Dukhovni
> Sent: Wednesday, July 17, 2019 12:42 PM
> To: openssl-users@openssl.org
> Subject: Re: Errors building 1.1.1 on RHEL 7
>:
> 4. Build and install OpenSSL 1.1.1c with "--prefix=/opt/o
-Original Message- [edited]
From: openssl-users On Behalf Of Viktor
Dukhovni
Sent: Wednesday, July 17, 2019 6:17 PM
To: openssl-users@openssl.org
Subject: Re: Errors building 1.1.1 on RHEL 7
>>> 2. Configure your OpenSSL build to use the corresponding "rpath":
>&
Probably, disregard: the problem seems to be related to the incomplete support
for ISO C11 in GCC on CentOS (and I'm willing to bet - on RHEL).
Changing the standard to "-std=gnu99" lead to a successful build with all the
tests passing.
On 7/18/19, 12:28 PM, "openssl-users on behalf of Blume
I'm getting a somewhat different error trying to build OpenSSL_1_1_1-stable on
CentOS 7 (similar to RHEL 7).
Configuration:
./config --prefix=$HOME/openssl-1.1 --debug --openssldir=$HOME/openssl-1.1/etc
--with-rand-seed=rdcpu enable-aria enable-ec_nistp_64_gcc_128 enable-md2
enable-rc5 enable-
On Thu, Jul 18, 2019 at 12:54:51AM +, Mark Richter wrote:
> I'm still really new at this - a few questions:
Understood.
> 1. Choose some location that is not on the default library search path
> to install the 1.1.1 custom libraries. I use /opt/openssl/1.1/lib
>
> > How do I specify
I'm still really new at this - a few questions:
-Original Message-
From: openssl-users On Behalf Of Viktor
Dukhovni
Sent: Wednesday, July 17, 2019 12:42 PM
To: openssl-users@openssl.org
Subject: Re: Errors building 1.1.1 on RHEL 7
On a system with OpenSSL 1.0.2 or OpenSSL 1.1.0 in
> On Jul 17, 2019, at 3:41 PM, Viktor Dukhovni
> wrote:
>
> On a system with OpenSSL 1.0.2 or OpenSSL 1.1.0 in /usr/lib (on the default
> search path), and especially when you're linking with other libraries that
> in turn were linked against the OpenSSL version in /usr/lib, using OpenSSL
> 1.1.
On a system with OpenSSL 1.0.2 or OpenSSL 1.1.0 in /usr/lib (on the default
search path), and especially when you're linking with other libraries that
in turn were linked against the OpenSSL version in /usr/lib, using OpenSSL
1.1.1 in your application requires care...
> On Jul 17, 2019, at 2:22 PM
It works better with 1.1.1c.
Thank you.
-Original Message-
From: Matt Caswell
Sent: Wednesday, July 17, 2019 1:16 AM
To: Mark Richter ; openssl-users@openssl.org
Subject: Re: Errors building 1.1.1 on RHEL 7
On 16/07/2019 23:27, Mark Richter wrote:
> Result: PASS
Well that'
July 17, 2019 2:53 AM
To: Mark Richter ; Matt Caswell ;
openssl-users@openssl.org
Subject: Re: Errors building 1.1.1 on RHEL 7
FWIW:
I just downloaded openssl 1.1.1c, untarred it on my CentOS 7 box, then ran
./config
make
make test
The tests passed with the following output (the "ok
ncluding FAQ lists, should be found on
this system using "man perl" or "perldoc perl". If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.
Mark Richter | Senior Staff Engineer
SolarFlare Communications, Inc. | www.Solarflare.com
9
ications, Inc. | www.Solarflare.com
> 9444 Waples Street, #170, San Diego, CA 92121
> Mobile: +1 949-632-8403
>
>
>
> From: openssl-users on behalf of Matt
> Caswell
> Sent: Tuesday, July 16, 2019 3:20 PM
> To: openssl-users@openssl.org
> Subject: Re: Errors build
w.perl.org/, the Perl Home Page.
Mark Richter | Senior Staff Engineer
SolarFlare Communications, Inc. | www.Solarflare.com
9444 Waples Street, #170, San Diego, CA 92121
Mobile: +1 949-632-8403
From: openssl-users on behalf of Matt
Caswell
Sent
On 16/07/2019 22:23, Mark Richter wrote:
> After I built version 1.1.1 on RHEL 7, I got these errors at the end of the
> 'make test.' What do they mean?
>
>
> Test Summary Report
> ---
> ../test/recipes/15-test_dsa.t(Wstat: 768 Tests: 6 Failed:
> 3)
> F
On Tue, Jul 16, 2019 at 09:23:32PM +, Mark Richter wrote:
> After I built version 1.1.1 on RHEL 7, I got these errors at the end of the
> 'make test.' What do they mean?
The test scripts exited with non-zero exit codes.
> Test Summary Report
> ---
> ../test/recipes/15-test_
On Wed June 1 2011, Dr. Stephen Henson wrote:
> On Tue, May 31, 2011, gvfb wrote:
>
> >
> > >Thanks, I've got the package for shared libraries libssl0.9.8 as well as
> > >the -dev packages which I need to compile IMAP toolkit, I'll probably use
> > >those, unless I manage to install from source
On Tue, May 31, 2011, gvfb wrote:
>
> >Thanks, I've got the package for shared libraries libssl0.9.8 as well as the
> >-dev packages which I need to compile IMAP toolkit, I'll probably use those,
> >unless I manage to install from source and then I will enable mod_ssl on
> >apache, with a simp
On Tue May 31 2011, gvfb wrote:
>
> De: owner-openssl-us...@openssl.org
> Para: openssl-users@openssl.org
> Cc:
> Fecha: Tue, 31 May 2011 23:08:18 -0400
> Asunto: RE: Errors with certificate signing x509v1 when making test. Test
> failed
>
> > > From: o
De: owner-openssl-us...@openssl.org
Para: openssl-users@openssl.org
Cc:
Fecha: Tue, 31 May 2011 23:08:18 -0400
Asunto: RE: Errors with certificate signing x509v1 when making test. Test failed
> > From: owner-openssl-us...@openssl.org On Behalf Of gvfb
> > Sent: Tuesday, 31
> From: owner-openssl-us...@openssl.org On Behalf Of gvfb
> Sent: Tuesday, 31 May, 2011 18:17
>
> Now I'm trying to walk the steps over again, so I will reinstall OpenSSL,
> which is needed for the IMAP toolkit. However, when making OpenSSL
Aside: the people here probably can
On Fri January 30 2009, The Doctor wrote:
>
> From this morning's compile:
>
- - - 380KB snipped - - -
*) You have read the first paragraph of:
http://www.openssl.org/source/repos.html
Correct?
*) Please keep these posts off of the users list;
The developers can speak for themselves, but they
Ajay,
I did not mean the commandline options for nmake, but for the compiler
itself (cl.exe).
Quick check in documentation --> /WX option must be removed (in your
cl.exe commandline, that is the '-WX' option.
Checked the repository --> you should remove the '-WX' from the
Configure script (and p
; : not all dependents
> available;
> target not built
> NMAKE : warning U4010: 'out32dll\ssleay32.dll' : build failed; /K
> specified, con
> tinuing ...
> NMAKE : warning U4011: 'out32dll\randtest.exe' : not all dependents
> available; t
> arget no
vailable; ta
rget not built
NMAKE : warning U4010: 'out32dll\ssleay32.dll' : build failed; /K
specified, con
tinuing ...
NMAKE : warning U4011: 'out32dll\ssltest.exe' : not all dependents
available; ta
rget not built
NMAKE : warning U4010: 'out32dll\ssleay32.dll' : b
On Wed, Sep 17, 2008 at 6:10 AM, DHARNA, AJAY [AG/1000]
<[EMAIL PROTECTED]> wrote:
[...]
> cl /Fotmp32dll\bn_nist.obj -Iinc32 -Itmp32dll /MD /Ox /O2 /Ob2
[...]
> crypto\bn\bn_nist.c(718) : error C2220: warning treated as error - no object
[...]
> Please let me know how I can get past this
Thanks for your responses. I downloaded the latest snapshot
ftp://ftp.openssl.org/snapshot/openssl-0.9.8-stable-SNAP-20080711.tar.gz and
ran the perl configure. Then I executed the ms\do_masm batch file. I
called nmake on the ms\ntdll.mak. The compile still fails :
Assembling: .\crypto\sha\
Did you try building with an up-to-date CVS snapshot?
ftp://ftp.openssl.org/snapshot/
I don't know if you were using some already-released package version, but if
so, then you would miss any fixes since then. (Ie. we don't rerelease 0.9.8x
when bugs are found, we release 0.9.8y instead...)
And
Hi,
This error have been already reported. Check the following link :
http://www.mail-archive.com/[EMAIL PROTECTED]/msg24173.html
I'm not sure if my fix have been put into cvs.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On Thu, July 10, 2008 10:50 pm, Panthers Rock wrote:
> I am tr
Hello Steve,
Thank you very much for you help. It worked like a charm.
Regards,
Dan
On Aug 15, 2007, at 2:22 PM, Dr. Stephen Henson wrote:
On Wed, Aug 15, 2007, Dan Spirlock wrote:
Hello,
I'm working on an application where I'd like to have the public key
stored in a local variable and com
On Wed, Aug 15, 2007, Dan Spirlock wrote:
> Hello,
>
> I'm working on an application where I'd like to have the public key
> stored in a local variable and compiled with the app, but I'm getting
> a runtime error when I try to read the public key after it has been
> stored in a BIO_mem_buf.
rpretation of this is that the
version number is { 254,255 }.
However, openssl 0.9.8 appear to interpret
this as saying the version is { 01, 00 }
Can the authors please clarify?
thanks,
Rob
> List: openssl-users
> Subject: Re: errors
in DTLS implementation in openssl0.9.8a
> From:
On Sun, Apr 16, 2006, Chris Clark wrote:
> I'm having trouble compiling the current snapshot of OpenSSL under VC++.
>
> Configure and domasm are both successful, but when I run nmake I get
> the following result:
>
> Could anyone point me in the right direction?
>
It would help if you said whi
Try to run ms\do_ms instead of running ms\do_masm
-Daeoh
2006/4/17, Chris Clark <[EMAIL PROTECTED]>:
I'm having trouble compiling the current snapshot of OpenSSL under VC++.Configure and domasm are both successful, but when I run nmake I get
the following result:> nmake -f ms\ntdll.makMicro
Enviado el: jueves, 16 de marzo de 2006 17:41
> Para: 'openssl-users@openssl.org'
> Asunto: RE: Errors when coding X509 attributes - help needed
>
> Dr. Henson,
>
> I am using your ASN1 module, with some modifications to adapt it to the
> RFC3281. I have been busy, but
ultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
> -Mensaje original-
> De: [EMAIL PROTECTED] [mailto:owner-openssl-
> [EMAIL PROTECTED] En nombre de Dr. Stephen Henson
> Enviado el: lunes, 20 de febrero de 2006 13:32
> Par
On Mon, Feb 20, 2006, Daniel Daz Snchez wrote:
> [Sorry for the prior empty mails I am experiencing some problems with mail]
>
> Hello,
>
> Im implementing some X509 attributes for a Openssl based X509 attribute
> certificates API (will be available when finished). I have some problems
> with o
is always better not to use v2.
Did u tried with SSLv23 ..?
Samy
Michael Smith <[EMAIL PROTECTED]>
Sent by:
[EMAIL PROTECTED]
07.02.2006 14:47
Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
Subject
Re: Errors with firefox
Classificati
-users@openssl.org
cc
Subject
Re: Errors with firefox
Classification
OK I have been able to 'fix' this by adding the following
directive:
SSLProtocol SSLv2
Does this suggest a buggy SSL v3 implementation in openssl
on my platform? Odd that nobody else is experienci
OK I have been able to 'fix' this by adding the following directive:
SSLProtocol SSLv2
Does this suggest a buggy SSL v3 implementation in openssl on my platform? Odd that nobody else is experiencing it.
Michael
On 1/31/06, Michael Smith <[EMAIL PROTECTED]> wrote:
Hello thereI've previously s
16 01 00 for a DTLS handshake is the right code 16, Content type, and it is a handshake DTLS version is 01 00 Thanks, Prashant.Eduardo Pérez Ureta <[EMAIL PROTECTED]> wrote: Maybe you can try:http://www.aet.tu-cottbus.de/rt2/Ticket/Display.html?id=1245http://bugs.debian.org/cgi-bin/bu
Maybe you can try:
http://www.aet.tu-cottbus.de/rt2/Ticket/Display.html?id=1245
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335703
This patch may fix the segmentation fault that I also confirm on
openssl-0.9.8a running on linux-2.6.14/686
Some developer should review that patch.
(I'll try it l
On 06/20/2003, Dr. Stephen Henson wrote:
> On Fri, Jun 20, 2003, Todd A. Oberly wrote:
[...]
>> OpenSSL's NSEQ tools are still primitive, and processing it with
>>
>> ./openssl nseq -in ~/deliver.exe
>>
>> still generates an error. :-( So I'm off to report a bug and perhaps
>> write a little to
On Fri, Jun 20, 2003, Todd A. Oberly wrote:
> On 06/19/2003, Todd A. Oberly wrote:
>
> > I wanted to try processing a binary PKCS12 file (ie.
> > split apart the 3 certificates inside) as downloaded from Thawte's
> > FreeMail service, but keep getting the same errors no matter what I try.
> > For
On 06/19/2003, Todd A. Oberly wrote:
> I wanted to try processing a binary PKCS12 file (ie.
> split apart the 3 certificates inside) as downloaded from Thawte's
> FreeMail service, but keep getting the same errors no matter what I try.
> For example
[...]
FYI, I finally figured it out myself. We
On Fri, Jun 21, 2002 at 03:02:46PM +0200, ?ernoevi? Michal wrote:
> I can't compile Apache 1.3.24 with openssl-beta2, mod_ssl and mod_perl, but there is
>no error with 0.96d version. Can anybody see some problems?
Update to mod_ssl-2.8.9, which is adapted for OpenSSL 0.9.7 use.
You will need it
Greetings I did not get this piece of line..
>This is entirely true. The only browser that can really be
>trusted is one into which new certificates can never be installed
>and which refuses to connect to a site if the certificate can't
>be verified.??
what does this mean ?? than h
At 09:16 04/06/02 -0600, you wrote:
>I have said this before in this group and I will repeat it. I see nothing that would
>stop a felon in prison from incorporating a company and getting a cert.
And she should be allowed to. The certificate will say that it was issued to that
company. The ce
I sort of agree with the sentiments expressed by Shalendra Chhabra. The value added
by M$ or verisign is questionable. I would rather I could pop over to my local bank
and get a cert. They know me and I trust them. I do not trust Verisign.
I have said this before in this group and I will re
On 4 Jun 2002, Shalendra Chhabra wrote:
> 1. I am able to generate Certificate and Private Key
> using command line options in Openssl.
> can someone tell me are they considered good? and if they are good
> why do we need Certificates from companies like
> Microsoft, Verisign???
Considere
Whether the certificates are "good" or not depends on your usage of them.
As far as securing your own communications, yes they are good(If properly
created with a decent key etc.). The Microsoft, Verisign, Thawte, etc...
certificates are for the general public's peace of mind. They are normally
See answers below.
I hope it helps.
Best Regards,
Sharon Hezy.
-->-Original Message-
-->From: Shalendra Chhabra [mailto:[EMAIL PROTECTED]]
-->Sent: Tue, June 04, 2002 3:01 PM
-->To: [EMAIL PROTECTED]
-->Subject: Errors
-->
-->
-->I need some help
-->
-->1. I am able to generate Certifica
Hi Mark
"Nazzaro, Mark (Mark)" wrote:
> We are getting the following error messages in our Apache error_log:
> [Wed Nov 21 08:43:40 2001] [error] mod_ssl: SSL handshake failed (server
> mylucent.web.lucent.com:443, client 135.103.93.70) (OpenSSL library error
> follows)
> [Wed Nov 21 08:43:40 20
On Tue, Oct 30, 2001 at 08:22:59PM -0500, DING,SCOTT (HP-PaloAlto,ex1) wrote:
> I tried to install Net_SSLeay as part of process to set perl-ldap up. When I
> compile the Net_SSLeay, I got the errors:
>
> ld: Invalid loader fixup in text space needed in output file for symbol
> "$0058" in inp
Title: Errors with CRL.
What CA generated the CRL? Are you sure it
is in PEM? Does it have the PEM armor (- BEGIN..., END)?
Ryan
-Original Message-
From: Eldi Espinosa (InfoSpace
Inc) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 04, 2001
1:01 PM
To: '[EMAIL
Mark,
You wrote:
>I get this error message:
>
>make[1]: Entering directory `/export/home6/temp/openssl-0.9.6b/apps'
>rm -f openssl
>gcc -o openssl -DMONOLITH -I../include -fPIC -DTHREADS -D_REENTRANT
>-DDSO_DLFCN -DHAVE_DLFCN_H -mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
>-DBN_DIV2W openssl.
Are
you login as root (in order to have write permission)?
-Original Message-From: Faine, Mark
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, July 25, 2001
10:44 AMTo: '[EMAIL PROTECTED]'Subject: errors
building openssl 0.9.6b on Solaris 8
I get this error
message:
ma
At 11:16 AM 11/27/00 -0500, Antai wrote:
>Client side:
>11691:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not
>seeded:md_rand.c:474:You need to read the OpenSSL FAQ,
>http://www.openssl.org/support/faq.html
...
> How to avoid the error?
The error message told you what you need
Louis LeBlanc wrote:
> Just in case anyone is interested, I have come across a problem with
> the SSL session caching. Under heavy load, my app would dump core,
> sometimes the core exceeded 300MB (though a good part of this was
> memory allocated for application functionality). The problem
> d
This post is just for the error tracking...
A am running (Apache/1.3.11 Ben-SSL/1.38) and the change from OpenSSL-0.9.4
to OpenSSL-0.9.5 was uneventful. I'm not sure if I needed to recompile
Apache or not in order to fully use the new OpenSSL package.
Cheers,
- Bennett
__
On Tue, Feb 29, 2000 at 01:08:39AM -0500, Peter Avalos wrote:
> After upgrading from OpenSSL 0.9.4 to 0.9.5, I get this error when trying to
> start apache:
> [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
>
> I can't find any information about this error.
>
> Here's
hari krishna <[EMAIL PROTECTED]>:
> I am trying to install on PC-SOLARIS ver2.7 with gcc
> ver 2.7.2.3 and perl ver 5.004_03.
>
> Any body knows what is it and the resolution.
See INSTALL, lines 122-124.
__
OpenSSL Project
Howard Uman <[EMAIL PROTECTED]>:
> When I issue my usual request to ./Configure the openssl-SNAP-19990802, I
> have been using "solaris-usparc-cc" as my compiler, but that option appears
> to be gone This worked as recently as the openssl-SNAP19990725 file.
> What to do?
Simply trying "./co
65 matches
Mail list logo
