OpenSSL 1.0.0 beta 1 released

classic Classic list List threaded Threaded
21 messages Options
12
Reply | Threaded
Open this post in threaded view
|

OpenSSL 1.0.0 beta 1 released

OpenSSL-4
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


  OpenSSL version 1.0.0 Beta 1
  ============================

  OpenSSL - The Open Source toolkit for SSL/TLS
  http://www.openssl.org/

  OpenSSL is currently in a release cycle.  The first beta is now released.
  The beta release is available for download via HTTP and FTP from the
  following master locations (the various FTP mirrors you can find under
  http://www.openssl.org/source/mirror.html):

    o http://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/

  The file names of the beta are:

    o openssl-1.0.0-beta1.tar.gz
      MD5 checksum: 49f265d9dd8dc011788b34768f63313e
      SHA1 checksum: 89b4490b6091b496042b5fe9a2c8a9015326e446

  The checksums were calculated using the following command:

    openssl md5 < openssl-1.0.0-beta1.tar.gz
    openssl sha1 < openssl-1.0.0-beta1.tar.gz

  Please download and test them as soon as possible. This new OpenSSL
  version incorporates 107 documented changes and bugfixes to the
  toolkit (for a complete list see http://www.openssl.org/source/exp/CHANGES).

  Reports and patches should be sent to [hidden email].
  Discussions around the development of OpenSSL should be sent to
  [hidden email].  Anything else should go to
  [hidden email].

  The best way, at least on Unix, to create a report is to do the
  following after configuration:

      make report

  That will do a few basic checks of the compiler and bc, then build
  and run the tests.  The result will appear on screen and in the file
  "testlog".  Please read the report before sending it to us.  There
  may be problems that we can't solve for you, like missing programs.

  Oh and to those who have noticed the date... the joke is that it
  isn't a joke.

  Yours,
  The OpenSSL Project Team...  

    Mark J. Cox             Ben Laurie          Andy Polyakov
    Ralf S. Engelschall     Richard Levitte     Geoff Thorpe
    Dr. Stephen Henson      Bodo Möller Ulf Möller
    Lutz Jänicke            Nils Larsch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEVAwUBSdNEV6LSm3vylcdZAQIc4gf+Ki9AQzfwES4Up5QRKJCONzIvgIzHpajQ
laGz0L6QQXcMrSrLxubSMfYnnXqX/BfY67C28dLaefEK9xygZMxvbS5d56hm3+3m
SWLWXqHsCrxp4LWm3Kr7senmhBl06LCTYX1AC2VP0ph/UfouQPu15UkuMCt6eDV7
SEUkYDk6TA8Wr7C0nMHnTOQdqx6r/N7OnPEaCCWkMzsMC5KxTkCP9/SGrDam29dt
xV6P5+AntSgNbr9tXYAiQHgMvut9o1O8pTaGdlv2TJ/Ua2ynvmd8hsaO7Ptl3Tpt
Bkaghk+rV3qZgLzWAiHjeebEWyXTSGvMPKM6r5mi8vrqjfbSF4zUKA==
=qESg
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Thomas J. Hruska
OpenSSL wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>   OpenSSL version 1.0.0 Beta 1
>   ============================
>
>   OpenSSL - The Open Source toolkit for SSL/TLS
>   http://www.openssl.org/
>
>   OpenSSL is currently in a release cycle.  The first beta is now released.
>   The beta release is available for download via HTTP and FTP from the
>   following master locations (the various FTP mirrors you can find under
>   http://www.openssl.org/source/mirror.html):
>
>   Oh and to those who have noticed the date... the joke is that it
>   isn't a joke.
>
>   Yours,
>   The OpenSSL Project Team...  

The problem is that I was under the distinct impression 0.9.9 was the
next release and 1.0.0 was a pipe dream a few years down the road (at
least).  Given these conditions, no one is going to believe you just
because it IS April 1st.  Awfully legitimate looking though.  You really
should have waited a whole 24 hours for this announcement, assuming it
is legit.  If this is legit, you're going to have to re-announce it
tomorrow (and change the release date on the website).  Releasing and
announcing real software on April Fool's is a no-no in any marketing book.

Releasing fake software would definitely take April Fool's Day jokes to
a whole new level.

--
Thomas Hruska
Shining Light Productions

Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL.
http://www.slproweb.com/


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Kyle Hamilton
I will simply remind you of the following piece of the (signed) announcement:

> Oh and to those who have noticed the date... the joke is that it
>  isn't a joke.

-Kyle H
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Thomas J. Hruska
Kyle Hamilton wrote:
> I will simply remind you of the following piece of the (signed) announcement:
>
>> Oh and to those who have noticed the date... the joke is that it
>>  isn't a joke.
>
> -Kyle H

Doesn't matter if it is signed (I noticed that, BTW).  April 1st is all
about looking as legit as possible and pulling "the big one".  The team
will still have to re-announce tomorrow.  Releasing legitimate news of a
product on April 1 (or any holiday for that matter) is a
marketing/advertising snafu of gigantic proportions.  The entire week
that follows a legit April 1 announcement is wasted cleaning up the mess
created in its wake.  Waiting 24 hours to make such a big release and
announcement probably wouldn't kill the team.  I wouldn't believe a
0.9.9 release today either, but it would have been less of a stretch of
the imagination.

--
Thomas Hruska
Shining Light Productions

Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL.
http://www.slproweb.com/


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Kenneth Goldman
In reply to this post by Kyle Hamilton

Assuming it's not a joke, what's the meaning of a 1.0 as opposed to
0.9.something.

My hope is that you'll say the API is frozen and that there's a commitment
not to break backward compatibility in future releases.

--
Ken Goldman [hidden email]
914-784-7646 (863-7646)

Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Geoff Thorpe
In reply to this post by Thomas J. Hruska
On Wednesday 01 April 2009 09:05:05 Thomas J. Hruska wrote:
> The problem is that I was under the distinct impression 0.9.9 was the
> next release and 1.0.0 was a pipe dream a few years down the road (at
> least).

The choice of a 1.0 release is to clearly mark the fact that openssl is
shifting to a common base platform, namely Java. Platform independence
is going to make future development much easier, but represents a
significant enough change to warrant the new major version. This
decision has been driven by increasing demands to support as-yet
unsupported platforms; primarily Amiga, Z80, Casiotone, and Windows.

Regards,
Geoff

--
Un terrien, c'est un singe avec des clefs de char...
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: OpenSSL 1.0.0 beta 1 released

Rene Hollan-2
This is an April Fools' joke, right?


-----Original Message-----
From: [hidden email] on behalf of Geoff Thorpe
Sent: Wed 4/1/2009 12:11 PM
To: [hidden email]
Subject: Re: OpenSSL 1.0.0 beta 1 released
 
On Wednesday 01 April 2009 09:05:05 Thomas J. Hruska wrote:
> The problem is that I was under the distinct impression 0.9.9 was the
> next release and 1.0.0 was a pipe dream a few years down the road (at
> least).

The choice of a 1.0 release is to clearly mark the fact that openssl is
shifting to a common base platform, namely Java. Platform independence
is going to make future development much easier, but represents a
significant enough change to warrant the new major version. This
decision has been driven by increasing demands to support as-yet
unsupported platforms; primarily Amiga, Z80, Casiotone, and Windows.

Regards,
Geoff

--
Un terrien, c'est un singe avec des clefs de char...
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]


winmail.dat (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Dr. Stephen Henson
In reply to this post by Kenneth Goldman
On Wed, Apr 01, 2009, Kenneth Goldman wrote:

> Assuming it's not a joke, what's the meaning of a 1.0 as opposed to
> 0.9.something.
>
> My hope is that you'll say the API is frozen and that there's a commitment
> not to break backward compatibility in future releases.
>

Here's an outline of the reasons...

A problem which has always been apparent with the current OpenSSL version
scheme is that there are three needs...

1. Bug fixes (including security issues).
2. New features which retain binary compatibility.
3. Major development and revision which may not retain binary compatibility
   and may obsolete old or broken APIs.

We only had two numbers to play with and bug fixes and new features were both
tied into the letter revisions (0.9.8j->0.9.8k) and so on.

Major development was performed by changing the last number i.e.
0.9.8->0.9.9.

The reason why there is a need to have new features independent of major
development is mainly based on timescale. Type #3 releases only happen every
few years largely because making big API changes regularly is not an option.
So if there is a need for a new feature it can be added in a type #2 release:
many people don't want to wait years before some much needed feature is added.
For example TLS extensions and CMS support recently.

[On a more practical note many of my clients want new features added quickly
if possible and that pays the bills]

It was decided that we should no longer combine feature and bugfix releases
and to do that we revised the versioning scheme. The 0.9.x was a legacy from
the SSLeay days so we wanted a clean break and went for 1.0.0 in what would've
been 0.9.9. OpenSSL is more than mature enough to have a 1.0 version number
anyway.

Under this scheme....

1. Bug fix releases will change the letter.
   E.g. 1.0.0 -> 1.0.0a

2. Feature releases will change the last (minor) number.
   E.g. 1.0.0 -> 1.0.1

3. Major development will change the second (major) number.
   E.g. 1.0.0 -> 1.1.0

So effectively we are freezing the API and not (knowingly) making any changes
which will break applications until the 1.1.0 release which on past experience
will be some years away.

We can't freeze the API indefintely because it would effectively halt major
development. Some parts of the API are just too inflexible to support what we
may want to do in future.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Steffen DETTMER
* Dr. Stephen Henson wrote on Thu, Apr 02, 2009 at 13:01 +0200:
 [...]

> Under this scheme....
>
> 1. Bug fix releases will change the letter.
>    E.g. 1.0.0 -> 1.0.0a
>
> 2. Feature releases will change the last (minor) number.
>    E.g. 1.0.0 -> 1.0.1
>
> 3. Major development will change the second (major) number.
>    E.g. 1.0.0 -> 1.1.0

Is the new scheme really
  1.[major].[minor][letter]
this would be different to the probably common [major].[minor].[...]
scheme (which does not need confusing letters at all :)).
BTW, I think after 0.9.9 the natural successor could be 0.9.10 or 0.10.0.

oki,

Steffen



End of message.
------------------------------------------------------------------->8=======














































 
About Ingenico: Ingenico is the world’s leading provider of payment solutions, with over 15 million terminals deployed across the globe. Delivering the very latest secure electronic payment technologies, transaction management and the widest range of value added services, Ingenico is shaping the future direction of the payment solutions market. Leveraging on its global presence and local expertise, Ingenico is reinforcing its leadership by taking banks and businesses beyond payment through offering comprehensive solutions, a true source of differentiation and new revenues streams.
 This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.
 P Please consider the environment before printing this e-mail
 
 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Michael Haubenwallner
In reply to this post by Dr. Stephen Henson
On Thu, 2009-04-02 at 13:01 +0200, Dr. Stephen Henson wrote:
<snip>

> Under this scheme....
>
> 1. Bug fix releases will change the letter.
>    E.g. 1.0.0 -> 1.0.0a
>
> 2. Feature releases will change the last (minor) number.
>    E.g. 1.0.0 -> 1.0.1
>
> 3. Major development will change the second (major) number.
>    E.g. 1.0.0 -> 1.1.0

<random thoughts>
How do you call the first number then, or what must happen to change it?

Compared to other packages, an usual versioning scheme is:
"packagename-major.minor.micro":
  changing micro for bugfixes.
  changing minor for added features.
  changing major for major development.
So far it's identical to what you do, except that they omit what you
have as first number. And they do 'micro' versioning with numbers too.
When using letters, how would you call the 27th bugfix release?

Even if I can live with, I just don't really like the letter. If you
need to have 'major' as the _second_ number, then I prefer having
'micro' as the fourth number.
</random thoughts>

Just my 0.02, don't want to force anything...

/haubi/

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Michael S. Zick-4
In reply to this post by Geoff Thorpe
On Wed April 1 2009, Geoff Thorpe wrote:

> On Wednesday 01 April 2009 09:05:05 Thomas J. Hruska wrote:
> > The problem is that I was under the distinct impression 0.9.9 was the
> > next release and 1.0.0 was a pipe dream a few years down the road (at
> > least).
>
> The choice of a 1.0 release is to clearly mark the fact that openssl is
> shifting to a common base platform, namely Java. Platform independence
> is going to make future development much easier, but represents a
> significant enough change to warrant the new major version. This
> decision has been driven by increasing demands to support as-yet
> unsupported platforms; primarily Amiga, Z80, Casiotone, and Windows.
>

I realize that progress in the security field is slow - but will this
new release support rfc1149?
http://tools.ietf.org/html/rfc1149

That was published back in '90 - it should be well vetted by now.

Mike
> Regards,
> Geoff
>


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Yves Rutschle-4
On Thu, Apr 02, 2009 at 08:01:48AM -0500, Michael S. Zick wrote:
> I realize that progress in the security field is slow - but will this
> new release support rfc1149?
> http://tools.ietf.org/html/rfc1149

That's a hardware layer, below IP. SSL is well above that,
over TCP. If your operating system supports rfc1149, you
should be able to use OpenSSL on it transparently (there is
a patch for Linux here: http://www.blug.linux.no/rfc1149/).
 
> That was published back in '90 - it should be well vetted by now.

Vetted? Does that consist in vaccination of the transport
layer against the flu?

Y.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Michael S. Zick-4
On Thu April 2 2009, Yves Rutschle wrote:

> On Thu, Apr 02, 2009 at 08:01:48AM -0500, Michael S. Zick wrote:
> > I realize that progress in the security field is slow - but will this
> > new release support rfc1149?
> > http://tools.ietf.org/html/rfc1149
>
> That's a hardware layer, below IP. SSL is well above that,
> over TCP. If your operating system supports rfc1149, you
> should be able to use OpenSSL on it transparently (there is
> a patch for Linux here: http://www.blug.linux.no/rfc1149/).
>

Thanks for the link - I missed that one.
 
> > That was published back in '90 - it should be well vetted by now.
>
> Vetted? Does that consist in vaccination of the transport
> layer against the flu?
>
(???)
I only noticed that myself after making the post.
I am afraid you got me on that question.

I was wondering if they have been able to clean up the audit trail.
Maybe a special wrapper for the transport layer?

Mike
> Y.
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
>
>


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Victor Duchovni
In reply to this post by Dr. Stephen Henson
On Thu, Apr 02, 2009 at 01:01:00PM +0200, Dr. Stephen Henson wrote:

> It was decided that we should no longer combine feature and bugfix releases
> and to do that we revised the versioning scheme. The 0.9.x was a legacy from
> the SSLeay days so we wanted a clean break and went for 1.0.0 in what would've
> been 0.9.9. OpenSSL is more than mature enough to have a 1.0 version number
> anyway.

This is marvelous news! Thanks. I was just thinking about a follow-up
post to the announcement, requesting separation of feature and bug-fix
releases with 1.0.0 as a golden opportunity to do this, and I very
pleased to see that you beat me to the punch.

> Under this scheme....
>
> 1. Bug fix releases will change the letter.
>    E.g. 1.0.0 -> 1.0.0a
>
> 2. Feature releases will change the last (minor) number.
>    E.g. 1.0.0 -> 1.0.1
>
> 3. Major development will change the second (major) number.
>    E.g. 1.0.0 -> 1.1.0
>
> So effectively we are freezing the API and not (knowingly) making any changes
> which will break applications until the 1.1.0 release which on past experience
> will be some years away.

There are of course other numbering conventions, but this is unimportant,
provided a consistent choice is made and adhered to. The proposal above
is closer in spirit to previous OpenSSL releases, so I can see the logic
of it, especially because of the internal API version bitmasks used by
applications. Congratulations, this is a major step forward.

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Michael S. Zick-4
On Thu April 2 2009, Victor Duchovni wrote:

> On Thu, Apr 02, 2009 at 01:01:00PM +0200, Dr. Stephen Henson wrote:
>
> > It was decided that we should no longer combine feature and bugfix releases
> > and to do that we revised the versioning scheme. The 0.9.x was a legacy from
> > the SSLeay days so we wanted a clean break and went for 1.0.0 in what would've
> > been 0.9.9. OpenSSL is more than mature enough to have a 1.0 version number
> > anyway.
>
> This is marvelous news! Thanks. I was just thinking about a follow-up
> post to the announcement, requesting separation of feature and bug-fix
> releases with 1.0.0 as a golden opportunity to do this, and I very
> pleased to see that you beat me to the punch.
>
> > Under this scheme....
> >
> > 1. Bug fix releases will change the letter.
> >    E.g. 1.0.0 -> 1.0.0a
> >
> > 2. Feature releases will change the last (minor) number.
> >    E.g. 1.0.0 -> 1.0.1
> >
> > 3. Major development will change the second (major) number.
> >    E.g. 1.0.0 -> 1.1.0

isn't that:
  3. API breakers: 1.0.0 -> 1.1.0
  4. Major development: 1.0.0 -> 2.0.0

That way you can make forward progress past the API breakage when
working towards "Major development" (whatever that is).

It also assigns a significance to the leading number rather than
it just being eye-candy.

Mike

> >
> > So effectively we are freezing the API and not (knowingly) making any changes
> > which will break applications until the 1.1.0 release which on past experience
> > will be some years away.
>
> There are of course other numbering conventions, but this is unimportant,
> provided a consistent choice is made and adhered to. The proposal above
> is closer in spirit to previous OpenSSL releases, so I can see the logic
> of it, especially because of the internal API version bitmasks used by
> applications. Congratulations, this is a major step forward.
>


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Geoff Thorpe
In reply to this post by Rene Hollan-2
On Wednesday 01 April 2009 16:34:35 Rene Hollan wrote:
> This is an April Fools' joke, right?

It's April 2, so I can reply now.

Z80. Java. Casiotone. Doesn't the question sort of answer itself?

Cheers,
Geoff

> -----Original Message-----
> From: [hidden email] on behalf of Geoff Thorpe
> Sent: Wed 4/1/2009 12:11 PM
> To: [hidden email]
> Subject: Re: OpenSSL 1.0.0 beta 1 released
>
> On Wednesday 01 April 2009 09:05:05 Thomas J. Hruska wrote:
> > The problem is that I was under the distinct impression 0.9.9 was
> > the next release and 1.0.0 was a pipe dream a few years down the
> > road (at least).
>
> The choice of a 1.0 release is to clearly mark the fact that openssl
> is shifting to a common base platform, namely Java. Platform
> independence is going to make future development much easier, but
> represents a significant enough change to warrant the new major
> version. This decision has been driven by increasing demands to
> support as-yet unsupported platforms; primarily Amiga, Z80, Casiotone,
> and Windows.
>
> Regards,
> Geoff

--
Un terrien, c'est un singe avec des clefs de char...
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Dr. Stephen Henson
On Thu, Apr 02, 2009, Geoff Thorpe wrote:

> On Wednesday 01 April 2009 16:34:35 Rene Hollan wrote:
> > This is an April Fools' joke, right?
>
> It's April 2, so I can reply now.
>
> Z80. Java. Casiotone. Doesn't the question sort of answer itself?
>

Personally I think mentioning Windows gave it away...

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Geoff Thorpe
On Thursday 02 April 2009 11:24:56 Dr. Stephen Henson wrote:
> On Thu, Apr 02, 2009, Geoff Thorpe wrote:
> > On Wednesday 01 April 2009 16:34:35 Rene Hollan wrote:
> > > This is an April Fools' joke, right?
> >
> > It's April 2, so I can reply now.
> >
> > Z80. Java. Casiotone. Doesn't the question sort of answer itself?
>
> Personally I think mentioning Windows gave it away...

Exactly. I mean porting to Z80 is far-fetched, but porting to Windows?!?!
I mean, OpenSSL is about *security* - porting it to windows is like
fetching a saddle after the horse has bolted...

Cheers,
Geoff

PS: :-), I was responding to a post by someone involved in "win32
openssl", so there was no shortage of clues...

--
Un terrien, c'est un singe avec des clefs de char...
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released

Mark H. Wood
In reply to this post by Michael S. Zick-4
That's a Layer 1/2 issue.  Perhaps you mean RFC 3514?

--
Mark H. Wood, Lead System Programmer   [hidden email]
Friends don't let friends publish revisable-form documents.

attachment0 (205 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL 1.0.0 beta 1 released - build fail on Solaris 2.5.1

Ted Mittelstaedt
In reply to this post by OpenSSL-4
This is from /openssl-SNAP-20090405 on Solaris x86 ver 2.5.1 using
gcc 2.95.3:

gcc -I.. -I../.. -I../asn1 -I../evp -I../../include -fPIC -DOPENSSL_PIC
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3
-fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN
-DOPENSSL_NO_INLINE_ASM -DOPENSSL_BN_ASM_PART_WORDS
-DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM
-DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM
-R/usr/local/lib:/usr/local/ssl/lib -c -o wp-mmx.o wp-mmx.s
Assembler: wp-mmx.s
         aline 29        : Illegal mnemonic
         aline 29        : syntax error
         aline 29        : Illegal register
         aline 30        : Illegal mnemonic
         aline 30        : syntax error
         aline 30        : Illegal register
         aline 31        : Illegal mnemonic
         aline 31        : syntax error
         aline 31        : Illegal register
         aline 32        : Illegal mnemonic
         aline 32        : syntax error
         aline 32        : Illegal register
         aline 33        : Illegal mnemonic
         aline 33        : syntax error
         aline 33        : Illegal register
         aline 34        : Illegal mnemonic
         aline 34        : syntax error
         aline 34        : Illegal register
         aline 35        : Illegal mnemonic
         aline 35        : syntax error
         aline 35        : Illegal register
         aline 36        : Illegal mnemonic
         aline 36        : syntax error
         aline 36        : Illegal register
         aline 38        : Illegal mnemonic
         aline 38        : syntax error
         aline 38        : Illegal register
         aline 39        : Illegal mnemonic
         aline 39        : syntax error
         aline 39        : Illegal register
         aline 40        : Illegal mnemonic
Too many errors - Goodbye
*** Error code 1
make: Fatal error: Command failed for target `wp-mmx.o'
Current working directory
/usr/home/tedm/openssl-SNAP-20090405/crypto/whrlpool
*** Error code 1
make: Fatal error: Command failed for target `subdirs'
Current working directory /usr/home/tedm/openssl-SNAP-20090405/crypto
*** Error code 1
make: Fatal error: Command failed for target `build_crypto'


I then tried it with the "no-asm" parameter to config and it got further
but blew up here:

gcc -I.. -I../.. -I../asn1 -I../evp -I../../include -fPIC -DOPENSSL_PIC
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3
-fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN
-DOPENSSL_NO_INLINE_ASM -R/usr/local/lib:/usr/local/ssl/lib  -c  camellia.c
Assembler: camellia.c
         aline 1067      : Illegal mnemonic
         aline 1067      : syntax error
         aline 1073      : Illegal mnemonic
         aline 1073      : syntax error
         aline 1079      : Illegal mnemonic
         aline 1079      : syntax error
         aline 1085      : Illegal mnemonic
         aline 1085      : syntax error
         aline 1092      : Illegal mnemonic
         aline 1092      : syntax error
         aline 1098      : Illegal mnemonic
         aline 1098      : syntax error
         aline 1117      : Illegal mnemonic
         aline 1117      : syntax error
         aline 1124      : Illegal mnemonic
         aline 1124      : syntax error
         aline 2155      : Illegal mnemonic
         aline 2155      : syntax error
         aline 2162      : Illegal mnemonic
         aline 2162      : syntax error
         aline 2169      : Illegal mnemonic
         aline 2169      : syntax error
         aline 2176      : Illegal mnemonic
         aline 2176      : syntax error
         aline 2518      : Illegal mnemonic
         aline 2518      : syntax error
         aline 2525      : Illegal mnemonic
         aline 2525      : syntax error
         aline 2530      : Illegal mnemonic
         aline 2530      : syntax error
         aline 2535      : Illegal mnemonic
Too many errors - Goodbye
*** Error code 1
make: Fatal error: Command failed for target `camellia.o'
Current working directory
/usr/home/tedm/openssl-SNAP-20090405/crypto/camellia
*** Error code 1
make: Fatal error: Command failed for target `subdirs'
Current working directory /usr/home/tedm/openssl-SNAP-20090405/crypto
*** Error code 1
make: Fatal error: Command failed for target `build_crypto'
#

Ted


OpenSSL wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>   OpenSSL version 1.0.0 Beta 1
>   ============================
>
>   OpenSSL - The Open Source toolkit for SSL/TLS
>   http://www.openssl.org/
>
>   OpenSSL is currently in a release cycle.  The first beta is now released.
>   The beta release is available for download via HTTP and FTP from the
>   following master locations (the various FTP mirrors you can find under
>   http://www.openssl.org/source/mirror.html):
>
>     o http://www.openssl.org/source/
>     o ftp://ftp.openssl.org/source/
>
>   The file names of the beta are:
>
>     o openssl-1.0.0-beta1.tar.gz
>       MD5 checksum: 49f265d9dd8dc011788b34768f63313e
>       SHA1 checksum: 89b4490b6091b496042b5fe9a2c8a9015326e446
>
>   The checksums were calculated using the following command:
>
>     openssl md5 < openssl-1.0.0-beta1.tar.gz
>     openssl sha1 < openssl-1.0.0-beta1.tar.gz
>
>   Please download and test them as soon as possible. This new OpenSSL
>   version incorporates 107 documented changes and bugfixes to the
>   toolkit (for a complete list see http://www.openssl.org/source/exp/CHANGES).
>
>   Reports and patches should be sent to [hidden email].
>   Discussions around the development of OpenSSL should be sent to
>   [hidden email].  Anything else should go to
>   [hidden email].
>
>   The best way, at least on Unix, to create a report is to do the
>   following after configuration:
>
>       make report
>
>   That will do a few basic checks of the compiler and bc, then build
>   and run the tests.  The result will appear on screen and in the file
>   "testlog".  Please read the report before sending it to us.  There
>   may be problems that we can't solve for you, like missing programs.
>
>   Oh and to those who have noticed the date... the joke is that it
>   isn't a joke.
>
>   Yours,
>   The OpenSSL Project Team...  
>
>     Mark J. Cox             Ben Laurie          Andy Polyakov
>     Ralf S. Engelschall     Richard Levitte     Geoff Thorpe
>     Dr. Stephen Henson      Bodo Möller Ulf Möller
>     Lutz Jänicke            Nils Larsch
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iQEVAwUBSdNEV6LSm3vylcdZAQIc4gf+Ki9AQzfwES4Up5QRKJCONzIvgIzHpajQ
> laGz0L6QQXcMrSrLxubSMfYnnXqX/BfY67C28dLaefEK9xygZMxvbS5d56hm3+3m
> SWLWXqHsCrxp4LWm3Kr7senmhBl06LCTYX1AC2VP0ph/UfouQPu15UkuMCt6eDV7
> SEUkYDk6TA8Wr7C0nMHnTOQdqx6r/N7OnPEaCCWkMzsMC5KxTkCP9/SGrDam29dt
> xV6P5+AntSgNbr9tXYAiQHgMvut9o1O8pTaGdlv2TJ/Ua2ynvmd8hsaO7Ptl3Tpt
> Bkaghk+rV3qZgLzWAiHjeebEWyXTSGvMPKM6r5mi8vrqjfbSF4zUKA==
> =qESg
> -----END PGP SIGNATURE-----
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
12