Loading CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,11 @@ Changes between 0.9.6d and 0.9.6e [XX xxx XXXX] *) Fix cipher selection routines: ciphers without encryption had no flags for the cipher strength set and where therefore not handled correctly by the selection routines (PR #130). [Lutz Jaenicke] *) Fix EVP_dsa_sha macro. [Nils Larsch] Loading Configure +1 −1 Original line number Diff line number Diff line Loading @@ -154,7 +154,7 @@ my %table=( "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8 # but keep the assembler modules. "solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", Loading FAQ +41 −2 Original line number Diff line number Diff line Loading @@ -38,6 +38,7 @@ OpenSSL - Frequently Asked Questions * Why does the OpenSSL compilation fail on Alpha Tru64 Unix? * Why does the OpenSSL compilation fail with "ar: command not found"? * Why does the OpenSSL compilation fail on Win32 with VC++? * What is special about OpenSSL on Redhat? [PROG] Questions about programming with OpenSSL Loading Loading @@ -215,8 +216,11 @@ For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested installing the SUNski package from Sun patch 105710-01 (Sparc) which adds a /dev/random device and make sure it gets used, usually through $RANDFILE. There are probably similar patches for the other Solaris versions. However, be warned that /dev/random is usually a blocking device, which may have some effects on OpenSSL. versions. An official statement from Sun with respect to /dev/random support can be found at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski However, be warned that /dev/random is usually a blocking device, which may have some effects on OpenSSL. * Why do I get an "unable to write 'random state'" error message? Loading Loading @@ -451,6 +455,41 @@ under 'Program Files'). This needs to be done prior to running NMAKE, and the changes are only valid for the current DOS session. * What is special about OpenSSL on Redhat? Red Hat Linux 7.0 and following versions already have a limited version of openssl already installed. This may well apply to other Linux distributions also. This version does not have support for the IDEA, RC5 and MDC-2 algorithms as these are patented within the United States. For information these patent numbers and expiry dates are: MDC-2: 4,908,861 13/03/2007 IDEA: 5,214,703 25/05/2010 RC5: 5,724,428 03/03/2015 However, Europeans and other non-Americans may wish to install all the features. To do this you MUST ensure that you do not overwrite the openssl that is in /usr/bin on your Red Hat machine. Several packages depend on this file, including sendmail and ssh. /usr/local/bin is a good alternative choice. The libraries that come with Red Hat 7.0 onwards have different names and so are not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and /lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and /lib/libcrypto.so.2 respectively). Please note that we have been advised by Red Hat attempting to recompile the openssl rpm with all the cryptography enabled will not work. All other packages depend on the original Red Hat supplied openssl package. It is also worth noting that due to the way Red Hat supplies its packages, updates to openssl on each distribution never change the package version, only the build number. For example, on Red Hat 7.1, the latest openssl package has version number 0.9.6 and build number 9 even though it contains all the relevant updates in packages up to and including 0.9.6b. A possible way around this is to persuade Red Hat to produce a non-US version of Red Hat Linux. [PROG] ======================================================================== * Is OpenSSL thread-safe? Loading INSTALL +7 −3 Original line number Diff line number Diff line Loading @@ -131,8 +131,11 @@ the failure that aren't problems in OpenSSL itself (like missing standard headers). If it is a problem with OpenSSL itself, please report the problem to <openssl-bugs@openssl.org> (note that your message will be forwarded to a public mailing list). Include the output of "make report" in your message. message will be recorded in the request tracker publicly readable via http://www.openssl.org/rt2.html and will be forwarded to a public mailing list). Include the output of "make report" in your message. Please check out the request tracker. Maybe the bug was already reported or has already been fixed. [If you encounter assembler error messages, try the "no-asm" configuration option as an immediate fix.] Loading @@ -150,7 +153,8 @@ try removing any compiler optimization flags from the CFLAGS line in Makefile.ssl and run "make clean; make". Please send a bug report to <openssl-bugs@openssl.org>, including the output of "make report". "make report" in order to be added to the request tracker at http://www.openssl.org/rt2.html. 4. If everything tests ok, install OpenSSL with Loading INSTALL.W32 +12 −0 Original line number Diff line number Diff line Loading @@ -94,6 +94,18 @@ You can also build a static version of the library using the Makefile ms\nt.mak Borland C++ builder 5 --------------------- * Configure for building with Borland Builder: > perl Configure BC-32 * Create the appropriate makefile > ms\do_nasm * Build > make -f ms\bcb.mak Borland C++ builder 3 and 4 --------------------------- Loading Loading
CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,11 @@ Changes between 0.9.6d and 0.9.6e [XX xxx XXXX] *) Fix cipher selection routines: ciphers without encryption had no flags for the cipher strength set and where therefore not handled correctly by the selection routines (PR #130). [Lutz Jaenicke] *) Fix EVP_dsa_sha macro. [Nils Larsch] Loading
Configure +1 −1 Original line number Diff line number Diff line Loading @@ -154,7 +154,7 @@ my %table=( "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8 # but keep the assembler modules. "solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", Loading
FAQ +41 −2 Original line number Diff line number Diff line Loading @@ -38,6 +38,7 @@ OpenSSL - Frequently Asked Questions * Why does the OpenSSL compilation fail on Alpha Tru64 Unix? * Why does the OpenSSL compilation fail with "ar: command not found"? * Why does the OpenSSL compilation fail on Win32 with VC++? * What is special about OpenSSL on Redhat? [PROG] Questions about programming with OpenSSL Loading Loading @@ -215,8 +216,11 @@ For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested installing the SUNski package from Sun patch 105710-01 (Sparc) which adds a /dev/random device and make sure it gets used, usually through $RANDFILE. There are probably similar patches for the other Solaris versions. However, be warned that /dev/random is usually a blocking device, which may have some effects on OpenSSL. versions. An official statement from Sun with respect to /dev/random support can be found at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski However, be warned that /dev/random is usually a blocking device, which may have some effects on OpenSSL. * Why do I get an "unable to write 'random state'" error message? Loading Loading @@ -451,6 +455,41 @@ under 'Program Files'). This needs to be done prior to running NMAKE, and the changes are only valid for the current DOS session. * What is special about OpenSSL on Redhat? Red Hat Linux 7.0 and following versions already have a limited version of openssl already installed. This may well apply to other Linux distributions also. This version does not have support for the IDEA, RC5 and MDC-2 algorithms as these are patented within the United States. For information these patent numbers and expiry dates are: MDC-2: 4,908,861 13/03/2007 IDEA: 5,214,703 25/05/2010 RC5: 5,724,428 03/03/2015 However, Europeans and other non-Americans may wish to install all the features. To do this you MUST ensure that you do not overwrite the openssl that is in /usr/bin on your Red Hat machine. Several packages depend on this file, including sendmail and ssh. /usr/local/bin is a good alternative choice. The libraries that come with Red Hat 7.0 onwards have different names and so are not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and /lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and /lib/libcrypto.so.2 respectively). Please note that we have been advised by Red Hat attempting to recompile the openssl rpm with all the cryptography enabled will not work. All other packages depend on the original Red Hat supplied openssl package. It is also worth noting that due to the way Red Hat supplies its packages, updates to openssl on each distribution never change the package version, only the build number. For example, on Red Hat 7.1, the latest openssl package has version number 0.9.6 and build number 9 even though it contains all the relevant updates in packages up to and including 0.9.6b. A possible way around this is to persuade Red Hat to produce a non-US version of Red Hat Linux. [PROG] ======================================================================== * Is OpenSSL thread-safe? Loading
INSTALL +7 −3 Original line number Diff line number Diff line Loading @@ -131,8 +131,11 @@ the failure that aren't problems in OpenSSL itself (like missing standard headers). If it is a problem with OpenSSL itself, please report the problem to <openssl-bugs@openssl.org> (note that your message will be forwarded to a public mailing list). Include the output of "make report" in your message. message will be recorded in the request tracker publicly readable via http://www.openssl.org/rt2.html and will be forwarded to a public mailing list). Include the output of "make report" in your message. Please check out the request tracker. Maybe the bug was already reported or has already been fixed. [If you encounter assembler error messages, try the "no-asm" configuration option as an immediate fix.] Loading @@ -150,7 +153,8 @@ try removing any compiler optimization flags from the CFLAGS line in Makefile.ssl and run "make clean; make". Please send a bug report to <openssl-bugs@openssl.org>, including the output of "make report". "make report" in order to be added to the request tracker at http://www.openssl.org/rt2.html. 4. If everything tests ok, install OpenSSL with Loading
INSTALL.W32 +12 −0 Original line number Diff line number Diff line Loading @@ -94,6 +94,18 @@ You can also build a static version of the library using the Makefile ms\nt.mak Borland C++ builder 5 --------------------- * Configure for building with Borland Builder: > perl Configure BC-32 * Create the appropriate makefile > ms\do_nasm * Build > make -f ms\bcb.mak Borland C++ builder 3 and 4 --------------------------- Loading
