(Dirk Meyer) via RT | 1 Oct 07:51 2003
Picon

[openssl.org #704] PATCH some manpages don't install linsk as expected


opessl 0.9.7c RELEASE

while installing:

[...]
EVP_BytesToKey.3 => EVP_BytesToKey.3
[...]
EVP_MD_CTX_copy_ex EVP_MD_CTX_copy.3 => EVP_DigestInit.3
[...]
Modes of DES.7 => des_modes.7
[...]
UI_construct_prompt UI_add_user_data.3 => ui.3
[..]
/usr/local/man//man3/EVP_BytesToKey.3: Too many levels of symbolic links

afer patch:
EVP_MD_CTX_copy_ex.3 => EVP_DigestInit.3
EVP_MD_CTX_copy.3 => EVP_DigestInit.3
Modes_of_DES.7 => des_modes.7
UI_construct_prompt.3 => ui.3
UI_add_user_data.3 => ui.3

kind regards Dirk

- Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany
- [dirk.meyer <at> dinoex.sub.org],[dirk.meyer <at> guug.de],[dinoex <at> FreeBSD.org]

--- doc/crypto/EVP_BytesToKey.pod.orig	Mon Dec  3 04:07:37 2001
+++ doc/crypto/EVP_BytesToKey.pod	Tue Sep 30 18:55:24 2003
(Continue reading)

(Dirk Meyer) via RT | 1 Oct 07:52 2003
Picon

[openssl.org #705] PATCH FreeBSD osver.h


in __FreeBSD_version == 470101

when cryptodevices where added, this version was not bumped.

added: Tue Dec 17 18:15:06 2002 UTC
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/opencrypto/cryptodev.h

Version bump 470101: 2002/11/10 15:58:37
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/sys/param.h.diff?r1=1.61.2.33&r2=1.61.2.34&f=h

Use the next version bump instead 470102: 2003/01/23 21:06:48
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/sys/param.h.diff?r1=1.61.2.34&r2=1.61.2.35&f=h

kind regards Dirk

- Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany
- [dirk.meyer <at> dinoex.sub.org],[dirk.meyer <at> guug.de],[dinoex <at> FreeBSD.org]

--- crypto/engine/hw_cryptodev.c.orig	Thu Jan 23 09:10:07 2003
+++ crypto/engine/hw_cryptodev.c	Mon Aug  4 05:39:28 2003
 <at>  <at>  -35,7 +35,7  <at>  <at> 

 #if (defined(__unix__) || defined(unix)) && !defined(USG)
 #include <sys/param.h>
-# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) ||
__FreeBSD_version >= 500041)
+# if (OpenBSD >= 200112) || ((__FreeBSD_version > 470101 && __FreeBSD_version < 500000) ||
__FreeBSD_version >= 500041)
 # define HAVE_CRYPTODEV
(Continue reading)

(Dirk Meyer) via RT | 1 Oct 07:52 2003
Picon

[openssl.org #706] PATCH suuport FreeBSD amd64


Here is a patch to support amd64 on FreeBSD

kind regards Dirk

- Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany
- [dirk.meyer <at> dinoex.sub.org],[dirk.meyer <at> guug.de],[dinoex <at> FreeBSD.org]

--- config.orig	Thu Mar 20 12:44:31 2003
+++ config	Sun Jul  6 04:39:01 2003
 <at>  <at>  -642,6 +642,7  <at>  <at> 
   alpha*-*-freebsd*) OUT="FreeBSD-alpha" ;;
   sparc64-*-freebsd*) OUT="FreeBSD-sparc64" ;;
   ia64-*-freebsd*) OUT="FreeBSD-ia64" ;;
+  amd64-*-freebsd*) OUT="FreeBSD-amd64" ;;
   *-freebsd[3-9]*) OUT="FreeBSD-elf" ;;
   *-freebsd[1-2]*) OUT="FreeBSD" ;;
   *86*-*-netbsd) OUT="NetBSD-x86" ;;
--- Configure.orig	Sun Sep 28 16:07:01 2003
+++ Configure	Tue Sep 30 19:52:42 2003
 <at>  <at>  -398,6 +398,7  <at>  <at> 
 "FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread
-D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "FreeBSD-sparc64","gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::-pthread -D_REENTRANT
-D_THREAD_SAFE -D_THREADSAFE:::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "FreeBSD-ia64","gcc:-DL_ENDIAN -DTERMIOS -O
-fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64-cpp.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"FreeBSD-amd64","gcc:-DL_ENDIAN -DTERMIOS -O
-fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):::BN_LLONG
(Continue reading)

Neil W Rickert via RT | 1 Oct 07:53 2003
Picon

[openssl.org #707] Documentation bug (man page creation) in openssl-0.9.7c


I skipped the "make report", since this is only a documentation
problem.

The system is solaris 8.  I built openssl using the Sun compiler.

Problem 1:

 The following three man pages (actually links) were created.
 However, they appear to be bogus (with a space in the names):

Modes of DES.7
EVP_MD_CTX_copy_ex EVP_MD_CTX_copy.3
UI_construct_prompt UI_add_user_data.3

Problem 2:

 One of the man pages is an infinitely recursive symlink.

lrwxrwxrwx   1 support  staff         16 Sep 30 18:08 EVP_BytesToKey.3 -> EVP_BytesToKey.3

 -NWR

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Jerry Asher via RT | 1 Oct 07:53 2003
Picon

[openssl.org #708] request: wish the website made the terms of the license more clear


I am part of a project that will be using openssl and I can't find the
license anywhere.

It would be great if site and faq could make plain:

A)  The exact license
B)  How you folks would prefer redistributions take place
    a)  do we need to ship source
    b)  can we just include a url to openssl

Thanks,

Jerry Asher

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Picon

[openssl.org #709] OpenSSL-0.9.7c on Solaris


I've tried to create a package for OpenSSL-0.9.7c on Solaris (8 and 9) and have seen a potential problem with
the man page creation.  It seems that in the man3 section the files EVP_MD_CTX_copy and
EVP_MD_CTX_copy_ex are created as one file called "EVP_MD_CTX_copy EVP_MD_CTX_copy_ex.3".  I looked
into the file and noticed that line 136 reads as follows:
"EVP_MD_CTX_copy_ex EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type,"

Shouldn't there be a comma between EVP_MD_CTX_copy_ex and EVP_MD_CTX_copy?  Is this a Solaris related
problem or a typo in the pod files?

Thanks,

Jason Czech
SCSU

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

openssl | 1 Oct 14:23 2003
Picon

Slow heap walking in rand_win.c

I know this has been brought up a few times on this list - but since I
consider it a severe problem and I haven't found an acceptable solution
anywhere, I bring it up again.

Random  number generation in "crypto/rand/rand_win.c" can be extremely
slow!
In our application (connecting to a SSL web service), it takes up to 30
(THIRTY) seconds to initialize the random number. (On a 2.4 GHz Pentium
4)

The reason is the "heap walking" algorithm (the "Heap32Next" procedure
in the "Toolhelp32 snapshot" section). What makes the problem harder is
that it only occurs if the calling process' heap is large, i.e. you
don't notice the problem with a small test program.

I know little about SSL and very little about random number generation,
so I can't provide a patch. I just lowered the number of heap entries 
to
2, i.e. changed

int entrycnt = 80;

in the RAND_poll() procedure in rand_win.c to

int entrycnt = 2;

which made it fast enough for me - but if it's secure enough in the
general case, I can't say.

I know the problem only affects the windows implementation,
(Continue reading)

Koblinger Egmont via RT | 1 Oct 14:46 2003
Picon

[openssl.org #710] chmod 644 /usr/lib/pkgconfig


Hi,

Makefiles of 0.9.7c have a new line:

chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig

I believe you wanted to write

chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc

This way it chmod's a directory shared by many libraries, so that it
becomes unreadable by non-root users, causing failure to compile many
applications, even ones which have nothing to do with ssl.

--

-- 
Egmont

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Lutz Jaenicke via RT | 1 Oct 16:11 2003
Picon

[openssl.org #710] chmod 644 /usr/lib/pkgconfig


[egmont <at> uhulinux.hu - Wed Oct  1 14:46:51 2003]:

> Hi,
> 
> Makefiles of 0.9.7c have a new line:
> 
> chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
> 
> I believe you wanted to write
> 
> chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc

Thanks. An appropriate fix has already been checked in.

Best regards,
     Lutz

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Ryan A. Krenzischek via RT | 1 Oct 16:20 2003
Picon

[openssl.org #711] More Mangled Entries...


All,

After sending my original email, pkgmk picked up some more problems.  Here
they are:

"/var/tmp/ossl/usr/local/ssl/man/man3/EVP_MD_CTX_copy_ex EVP_MD_CTX_copy.3"

Should be linked to:

EVP_MD_CTX_copy_ex.3 -> EVP_DigestInit.3
 EVP_MD_CTX_copy.3 -> EVP_DigestInit.3

# ls -l  usr/local/ssl/man/man3/UI_construct_prompt*
lrwxrwxrwx   1 root     other          4 Oct  1 09:25
usr/local/ssl/man/man3/UI_construct_prompt UI_add_user_data.3 -> ui.3

...Should be linked to:

UI_construct_prompt.3 -> ui.3
UI_add_user_data.3 -> ui.3

# ls -l usr/local/ssl/man/man7/Modes*
lrwxrwxrwx   1 root     other         11 Oct  1 09:25
usr/local/ssl/man/man7/Modes of DES.7 -> des_modes.7

...Should be linked to:

Modes.7 -> des_modes.7

(Continue reading)


Gmane