OpenSSL version 1.0.1g released

classic Classic list List threaded Threaded
15 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSSL version 1.0.1g released

openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


   OpenSSL version 1.0.1g released
   ===============================

   OpenSSL - The Open Source toolkit for SSL/TLS
   http://www.openssl.org/

   The OpenSSL project team is pleased to announce the release of
   version 1.0.1g of our open source toolkit for SSL/TLS. For details
   of changes and known issues see the release notes at:

        http://www.openssl.org/news/openssl-1.0.1-notes.html

   OpenSSL 1.0.1g is available for download via HTTP and FTP from the
   following master locations (you can find the various FTP mirrors under
   http://www.openssl.org/source/mirror.html):

     * http://www.openssl.org/source/
     * ftp://ftp.openssl.org/source/

   The distribution file name is:

    o openssl-1.0.1g.tar.gz
      Size: 4509047
      MD5 checksum: de62b43dfcd858e66a74bee1c834e959
      SHA1 checksum: b28b3bcb1dc3ee7b55024c9f795be60eb3183e3c

   The checksums were calculated using the following commands:

    openssl md5 openssl-1.0.1g.tar.gz
    openssl sha1 openssl-1.0.1g.tar.gz

   Yours,

   The OpenSSL Project Team.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJTQtiiAAoJENNXdQf6QOniC/EQALRkau9Gx+qzyp1nx1FDTJI1
ox93n7SKC3QIjX4veVuFjpaPymNQXVRM8IbgET5tE4GPT5w+PrscpyGSJJr8yvWN
TKy48JSKl13GVMODnEC6nEffsS/sci5o2PHXhDYa7aC+xRF6UUSMa8tqXnhGJP7e
uv7a1tYjtgE8Ix9tdoK32UkPOM0Z1qr11lPFDdG0GrIs+mbjPirdKSgvQm22w4IU
jyn5AmmReA6ZnIpffOHGQY5OgpGTg4yg+aaFKenisOfIL80raNZlVuWrzDkTUS9k
+gikqtBRg1pFMd1UGpl0S7sIXZNm01yv4K4aO3a9aykXqPQLOc8WmvfDgf99+8HR
zUrowh7Xf1CvHsgIs4s0XaggZdXhkXpMpSWdWpVh7ZVm/TPInoPWwyj8Zp/TL8XF
N/GrNHRLuWvSgCuyA7qhkee33FmtCblnYTHSLyGQrVpfq/cVEzvpznsZnObjFG+/
4Gss0qUVQZ0LJUUKZHx5cGvHliXYEeZQaBz/VLJ7J8fvy6Fsp0vKFjbrobG6srB6
pa6NYQKjHhobx+eEW380j3r60iBiz1GjdMSOdLvnSOA9dOcWmXFxl5GLcASnM+F0
kGtZBjLXsaImnp749V50sme+bNgQ/ErUvikTLXefk0rtUnfjCmJec44Kn5Gh7J1k
iI/CjhJrI2B83C48m2kE
=lxo1
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g release signed with unauthorized key???

Jakob Bohm-7
Attention: The .asc file I downloaded directly from openssl.org for the
1.0.1g tarball was signed with a key NOT authorized by the
fingerprints.txt file distributed in previous tarballs, nor by the
(unverifiable) fingerprints.txt available from

    http://www.openssl.org/docs/misc/

Specifically, it was signed by a PGP key purporting to belong to Dr.
Henson, but with a different identifier and a different e-mail address
than the authorized key listed for him in fingerprints.txt.

I suspect this is just a mixup at your end, but one cannot feel too
sure without a valid file signature consistent with the securely
distributed signature list.

For now, I will have to avoid installing this critical security update
and try the workaround instead.

On 4/7/2014 7:38 PM, OpenSSL wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>
>     OpenSSL version 1.0.1g released
>     ===============================
>
>     OpenSSL - The Open Source toolkit for SSL/TLS
>     http://www.openssl.org/
>
>     The OpenSSL project team is pleased to announce the release of
>     version 1.0.1g of our open source toolkit for SSL/TLS. For details
>     of changes and known issues see the release notes at:
>
>          http://www.openssl.org/news/openssl-1.0.1-notes.html
>
>     OpenSSL 1.0.1g is available for download via HTTP and FTP from the
>     following master locations (you can find the various FTP mirrors under
>     http://www.openssl.org/source/mirror.html):
>
>       * http://www.openssl.org/source/
>       * ftp://ftp.openssl.org/source/
>
>     The distribution file name is:
>
>      o openssl-1.0.1g.tar.gz
>        Size: 4509047
>        MD5 checksum: de62b43dfcd858e66a74bee1c834e959
>        SHA1 checksum: b28b3bcb1dc3ee7b55024c9f795be60eb3183e3c
>
>     The checksums were calculated using the following commands:
>
>      openssl md5 openssl-1.0.1g.tar.gz
>      openssl sha1 openssl-1.0.1g.tar.gz
>
>     Yours,
>
>     The OpenSSL Project Team.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
>
> iQIcBAEBCAAGBQJTQtiiAAoJENNXdQf6QOniC/EQALRkau9Gx+qzyp1nx1FDTJI1
> ox93n7SKC3QIjX4veVuFjpaPymNQXVRM8IbgET5tE4GPT5w+PrscpyGSJJr8yvWN
> TKy48JSKl13GVMODnEC6nEffsS/sci5o2PHXhDYa7aC+xRF6UUSMa8tqXnhGJP7e
> uv7a1tYjtgE8Ix9tdoK32UkPOM0Z1qr11lPFDdG0GrIs+mbjPirdKSgvQm22w4IU
> jyn5AmmReA6ZnIpffOHGQY5OgpGTg4yg+aaFKenisOfIL80raNZlVuWrzDkTUS9k
> +gikqtBRg1pFMd1UGpl0S7sIXZNm01yv4K4aO3a9aykXqPQLOc8WmvfDgf99+8HR
> zUrowh7Xf1CvHsgIs4s0XaggZdXhkXpMpSWdWpVh7ZVm/TPInoPWwyj8Zp/TL8XF
> N/GrNHRLuWvSgCuyA7qhkee33FmtCblnYTHSLyGQrVpfq/cVEzvpznsZnObjFG+/
> 4Gss0qUVQZ0LJUUKZHx5cGvHliXYEeZQaBz/VLJ7J8fvy6Fsp0vKFjbrobG6srB6
> pa6NYQKjHhobx+eEW380j3r60iBiz1GjdMSOdLvnSOA9dOcWmXFxl5GLcASnM+F0
> kGtZBjLXsaImnp749V50sme+bNgQ/ErUvikTLXefk0rtUnfjCmJec44Kn5Gh7J1k
> iI/CjhJrI2B83C48m2kE
> =lxo1
> -----END PGP SIGNATURE-----
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> Announcement Mailing List                 [hidden email]
> Automated List Manager                           [hidden email]
>


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g release signed with unauthorized key???

Dustin Oprea


On Apr 9, 2014 7:30 PM, "Jakob Bohm" <[hidden email]> wrote:
>
> Attention: The .asc file I downloaded directly from openssl.org for the 1.0.1g tarball was signed with a key NOT authorized by the fingerprints.txt file distributed in previous tarballs, nor by the (unverifiable) fingerprints.txt available from
>
>    http://www.openssl.org/docs/misc/
>
> Specifically, it was signed by a PGP key purporting to belong to Dr. Henson, but with a different identifier and a different e-mail address
> than the authorized key listed for him in fingerprints.txt.
>
> I suspect this is just a mixup at your end, but one cannot feel too
> sure without a valid file signature consistent with the securely distributed signature list.
>
> For now, I will have to avoid installing this critical security update
> and try the workaround instead.

Not great timing.

Dustin

>
> On 4/7/2014 7:38 PM, OpenSSL wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>>
>>     OpenSSL version 1.0.1g released
>>     ===============================
>>
>>     OpenSSL - The Open Source toolkit for SSL/TLS
>>     http://www.openssl.org/
>>
>>     The OpenSSL project team is pleased to announce the release of
>>     version 1.0.1g of our open source toolkit for SSL/TLS. For details
>>     of changes and known issues see the release notes at:
>>
>>          http://www.openssl.org/news/openssl-1.0.1-notes.html
>>
>>     OpenSSL 1.0.1g is available for download via HTTP and FTP from the
>>     following master locations (you can find the various FTP mirrors under
>>     http://www.openssl.org/source/mirror.html):
>>
>>       * http://www.openssl.org/source/
>>       * ftp://ftp.openssl.org/source/
>>
>>     The distribution file name is:
>>
>>      o openssl-1.0.1g.tar.gz
>>        Size: 4509047
>>        MD5 checksum: de62b43dfcd858e66a74bee1c834e959
>>        SHA1 checksum: b28b3bcb1dc3ee7b55024c9f795be60eb3183e3c
>>
>>     The checksums were calculated using the following commands:
>>
>>      openssl md5 openssl-1.0.1g.tar.gz
>>      openssl sha1 openssl-1.0.1g.tar.gz
>>
>>     Yours,
>>
>>     The OpenSSL Project Team.
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.11 (GNU/Linux)
>>
>> iQIcBAEBCAAGBQJTQtiiAAoJENNXdQf6QOniC/EQALRkau9Gx+qzyp1nx1FDTJI1
>> ox93n7SKC3QIjX4veVuFjpaPymNQXVRM8IbgET5tE4GPT5w+PrscpyGSJJr8yvWN
>> TKy48JSKl13GVMODnEC6nEffsS/sci5o2PHXhDYa7aC+xRF6UUSMa8tqXnhGJP7e
>> uv7a1tYjtgE8Ix9tdoK32UkPOM0Z1qr11lPFDdG0GrIs+mbjPirdKSgvQm22w4IU
>> jyn5AmmReA6ZnIpffOHGQY5OgpGTg4yg+aaFKenisOfIL80raNZlVuWrzDkTUS9k
>> +gikqtBRg1pFMd1UGpl0S7sIXZNm01yv4K4aO3a9aykXqPQLOc8WmvfDgf99+8HR
>> zUrowh7Xf1CvHsgIs4s0XaggZdXhkXpMpSWdWpVh7ZVm/TPInoPWwyj8Zp/TL8XF
>> N/GrNHRLuWvSgCuyA7qhkee33FmtCblnYTHSLyGQrVpfq/cVEzvpznsZnObjFG+/
>> 4Gss0qUVQZ0LJUUKZHx5cGvHliXYEeZQaBz/VLJ7J8fvy6Fsp0vKFjbrobG6srB6
>> pa6NYQKjHhobx+eEW380j3r60iBiz1GjdMSOdLvnSOA9dOcWmXFxl5GLcASnM+F0
>> kGtZBjLXsaImnp749V50sme+bNgQ/ErUvikTLXefk0rtUnfjCmJec44Kn5Gh7J1k
>> iI/CjhJrI2B83C48m2kE
>> =lxo1
>> -----END PGP SIGNATURE-----
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> Announcement Mailing List                 [hidden email]
>> Automated List Manager                           [hidden email]
>>
>
>
> Enjoy
>
> Jakob
> --
> Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
> Transformervej 29, 2730 Herlev, Denmark.  Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]

Reply | Threaded
Open this post in threaded view
|

OpenSSL version 1.0.1g fails to link on Win32

gjcoram
In reply to this post by openssl
Hi -
I just compiled OpenSSL 1.0.1g for Win32 using Visual Studio 2005; my
application failed to link because of an unresolved external
_check_winnt

In crypto/rand/rand_win.c, function readscreen, this line:
  if (GetVersion() < 0x80000000 && OPENSSL_isservice()>0)

was changed to
  if (check_winnt() && OPENSSL_isservice()>0)


And also in crypto/cryptlib.c, function OPENSSL_showfatal, this line:
    if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0)

was changed to
    if (check_winnt() && OPENSSL_isservice() > 0)


I can't seem to find where check_winnt() is declared/defined.  So, I
just changed it back.  This seems to work for me, but I thought I
should mention it for other users.

-Geoffrey
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g fails to link on Win32

Steven Kneizys
I just compiled 32 bit with "ntdll.mak" with "nasm 2.11.02" and Visual Studio Express 2013 with no issues, with and without the "DOPENSSL_NO_HEARTBEATS" option.  I was making it to drop the keys files into Apache 2.2.26:
openssl.exe
ssleay32.dll
libeay32.dll

I am doing this to compile:
  perl Configure VC-WIN32 --prefix=C:\ApacheSoftware\Apache22\bin --openssldir=C:\ApacheSoftware\Apache22\conf 
  ms\do_nasm
  nmake -f ms\ntdll.mak

I know this is in the docs and such but so many people are working in this right now I just thought I'd post that it can work OK with a newer VS version.

Steve...


On Wed, Apr 9, 2014 at 9:36 PM, Geoffrey Coram <[hidden email]> wrote:
Hi -
I just compiled OpenSSL 1.0.1g for Win32 using Visual Studio 2005; my
application failed to link because of an unresolved external
_check_winnt

In crypto/rand/rand_win.c, function readscreen, this line:
  if (GetVersion() < 0x80000000 && OPENSSL_isservice()>0)

was changed to
  if (check_winnt() && OPENSSL_isservice()>0)


And also in crypto/cryptlib.c, function OPENSSL_showfatal, this line:
    if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0)

was changed to
    if (check_winnt() && OPENSSL_isservice() > 0)


I can't seem to find where check_winnt() is declared/defined.  So, I
just changed it back.  This seems to work for me, but I thought I
should mention it for other users.

-Geoffrey
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]



--
Steve Kneizys
Senior Business Process Engineer
Voice: (610) 256-1396  [For Emergency Service (888)864-3282]
Ferrilli Information Group -- Quality Service and Solutions for Higher Education
web: http://www.ferrilli.com/

Making you a success while exceeding your expectations.
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g fails to link on Win32

gjcoram
Thanks for the report.  Is "check_winnt()" in the Windows libraries or
in OpenSSL?  I tried Googling it, but didn't come up with anything,
and I didn't find a declaration in the OpenSSL source code.

I do nmake -f ntlib.mak, which makes some static libraries for me,
using only code in crypto/ and ssl/  I suppose if check_winnt() is in
a different directory, that would be my problem (and my fault for not
re-running perl Configure).

-Geoffrey




On 04/09/2014 21:58, Steven Kneizys <[hidden email]> wrote:

>
> I just compiled 32 bit with "ntdll.mak" with "nasm 2.11.02" and
> Visual Studio Express 2013 with no issues, with and without the
> "DOPENSSL_NO_HEARTBEATS" option.  I was making it to drop the keys
> files
> into Apache 2.2.26:
> openssl.exe
> ssleay32.dll
> libeay32.dll
>
> I am doing this to compile:
>   perl Configure VC-WIN32 --prefix=C:\ApacheSoftware\Apache22\bin
> --openssldir=C:\ApacheSoftware\Apache22\conf
>   ms\do_nasm
>   nmake -f ms\ntdll.mak
>
> I know this is in the docs and such but so many people are working
> in this right now I just thought I'd post that it can work OK with a
> newer VS version.
>
> Steve...
>
>
> On Wed, Apr 9, 2014 at 9:36 PM, Geoffrey Coram <[hidden email]>
> wrote:
>
> > Hi -
> > I just compiled OpenSSL 1.0.1g for Win32 using Visual Studio 2005;
> my
> > application failed to link because of an unresolved external
> > _check_winnt
> >
> > In crypto/rand/rand_win.c, function readscreen, this line:
> >   if (GetVersion() < 0x80000000 && OPENSSL_isservice()>0)
> >
> > was changed to
> >   if (check_winnt() && OPENSSL_isservice()>0)
> >
> >
> > And also in crypto/cryptlib.c, function OPENSSL_showfatal, this
> line:
> >     if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0)
> >
> > was changed to
> >     if (check_winnt() && OPENSSL_isservice() > 0)
> >
> >
> > I can't seem to find where check_winnt() is declared/defined.  So,
> > I just changed it back.  This seems to work for me, but I thought
> > I should mention it for other users.
> >
> > -Geoffrey
> >
>
> ______________________________________________________________________
> > OpenSSL Project                                
> http://www.openssl.org
> > User Support Mailing List                    
> [hidden email]
> > Automated List Manager                          
> [hidden email]
> >
>
>
>
> --
> Steve Kneizys
> Senior Business Process Engineer
> Voice: (610) 256-1396  [For Emergency Service (888)864-3282]
> Ferrilli Information Group -- Quality Service and Solutions for
> Higher
> Education
> web: http://www.ferrilli.com/ <http://www.figsolutions.com/>
>
> Making you a success while exceeding your expectations.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g release signed with unauthorized key???

Wim Lewis-3
In reply to this post by Jakob Bohm-7

On 9 Apr 2014, at 4:12 PM, Jakob Bohm wrote:
> Attention: The .asc file I downloaded directly from openssl.org for the 1.0.1g tarball was signed with a key NOT authorized by the fingerprints.txt file distributed in previous tarballs, nor by the (unverifiable) fingerprints.txt available from
>
>   http://www.openssl.org/docs/misc/
>
> Specifically, it was signed by a PGP key purporting to belong to Dr. Henson, but with a different identifier and a different e-mail address
> than the authorized key listed for him in fingerprints.txt.
>
> I suspect this is just a mixup at your end, but one cannot feel too
> sure without a valid file signature consistent with the securely distributed signature list.

I also noticed this--- previous tarballs were all signed by the F295C759 key (fingerprint ending in D57EE597), but this announcement and the 1.0.1g tarball were both signed by the FA40E9E2 key. However, the new key (all three of its userids) *is* signed by the old key, so there is I think some assurance that the new key also belongs to Dr Stephen Henson and that the release is legitimate.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: OpenSSL version 1.0.1g fails to link on Win32

J. J. Farrell-2
In reply to this post by gjcoram
Googling "check_winnt" suggests openssl/e_os.h.

> From: Geoffrey Coram [mailto:[hidden email]]
> Sent: Thursday, April 10, 2014 3:27 AM
>
> Thanks for the report.  Is "check_winnt()" in the Windows libraries or
> in OpenSSL?  I tried Googling it, but didn't come up with anything,
> and I didn't find a declaration in the OpenSSL source code.
>
> I do nmake -f ntlib.mak, which makes some static libraries for me,
> using only code in crypto/ and ssl/  I suppose if check_winnt() is in
> a different directory, that would be my problem (and my fault for not
> re-running perl Configure).
>
> -Geoffrey
>
> On 04/09/2014 21:58, Steven Kneizys <[hidden email]> wrote:
> >
> > I just compiled 32 bit with "ntdll.mak" with "nasm 2.11.02" and
> > Visual Studio Express 2013 with no issues, with and without the
> > "DOPENSSL_NO_HEARTBEATS" option.  I was making it to drop the keys
> > files
> > into Apache 2.2.26:
> > openssl.exe
> > ssleay32.dll
> > libeay32.dll
> >
> > I am doing this to compile:
> >   perl Configure VC-WIN32 --prefix=C:\ApacheSoftware\Apache22\bin
> > --openssldir=C:\ApacheSoftware\Apache22\conf
> >   ms\do_nasm
> >   nmake -f ms\ntdll.mak
> >
> > I know this is in the docs and such but so many people are working
> > in this right now I just thought I'd post that it can work OK with a
> > newer VS version.
> >
> > Steve...
> >
> >
> > On Wed, Apr 9, 2014 at 9:36 PM, Geoffrey Coram <[hidden email]>
> > wrote:
> >
> > > Hi -
> > > I just compiled OpenSSL 1.0.1g for Win32 using Visual Studio 2005;
> > my
> > > application failed to link because of an unresolved external
> > > _check_winnt
> > >
> > > In crypto/rand/rand_win.c, function readscreen, this line:
> > >   if (GetVersion() < 0x80000000 && OPENSSL_isservice()>0)
> > >
> > > was changed to
> > >   if (check_winnt() && OPENSSL_isservice()>0)
> > >
> > >
> > > And also in crypto/cryptlib.c, function OPENSSL_showfatal, this
> > line:
> > >     if (GetVersion() < 0x80000000 && OPENSSL_isservice() > 0)
> > >
> > > was changed to
> > >     if (check_winnt() && OPENSSL_isservice() > 0)
> > >
> > >
> > > I can't seem to find where check_winnt() is declared/defined.  So,
> > > I just changed it back.  This seems to work for me, but I thought
> > > I should mention it for other users.
> > >
> > > -Geoffrey
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g fails to link on Win32

Thomas J. Hruska
On 4/9/2014 8:03 PM, Jeremy Farrell wrote:
> Googling "check_winnt" suggests openssl/e_os.h.

findstr /sic:"check_winnt" *

Is, IMO, easier and more informative than using Google.  Results in:

apps\apps.c:            if (check_winnt())
crypto\bio\bss_log.c:   if (check_winnt())
crypto\cryptlib.c:    if (check_winnt() && OPENSSL_isservice() > 0)
crypto\rand\rand_win.c:  if (check_winnt() && OPENSSL_isservice()>0)
e_os.h:#  define check_winnt() (1)
e_os.h:#  define check_winnt() (GetVersion() < 0x80000000)

Used four times, has two #defines.

--
Thomas Hruska
Shining Light Productions

Home of BMP2AVI and Win32 OpenSSL.
http://www.slproweb.com/
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g fails to link on Win32

gjcoram
Thanks, Thomas; I had found the calls in the crypto/ source files, but
I didn't search at the right level to find the #defines.

After updating e_os.h, I am now able to compile & link the original
source code for 1.0.1g.  Sorry for the false alarm.


On 04/10/2014 03:52, "Thomas J. Hruska"
<[hidden email]> wrote:

>
> On 4/9/2014 8:03 PM, Jeremy Farrell wrote:
> > Googling "check_winnt" suggests openssl/e_os.h.
>
> findstr /sic:"check_winnt" *
>
> Is, IMO, easier and more informative than using Google.  Results in:
>
> apps\apps.c:            if (check_winnt())
> crypto\bio\bss_log.c:   if (check_winnt())
> crypto\cryptlib.c:    if (check_winnt() && OPENSSL_isservice() > 0)
> crypto\rand\rand_win.c:  if (check_winnt() && OPENSSL_isservice()>0)
> e_os.h:#  define check_winnt() (1)
> e_os.h:#  define check_winnt() (GetVersion() < 0x80000000)
>
> Used four times, has two #defines.
>
> --
> Thomas Hruska
> Shining Light Productions
>
> Home of BMP2AVI and Win32 OpenSSL.
> http://www.slproweb.com/
>
>
> ______________________________________________________________________
> OpenSSL Project                                
> http://www.openssl.org
> User Support Mailing List                    
> [hidden email]
> Automated List Manager                          
> [hidden email]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g fails to link on Win32

Mike Bonnain
In reply to this post by Thomas J. Hruska
Hi Geoffrey,

It's defined in e_os.h because it's been deprecated in Win8. Microsoft wants you to use GetVersionEx() or VerifyVersionInfo(). Part of their plot to convince us old-timers that the world is no longer flat and that COM is actually a reasonable way to write code... Next thing they will tell us will probably be that the earth is no longer the center of the universe.

-mike


On Thu, Apr 10, 2014 at 1:52 AM, Thomas J. Hruska <[hidden email]> wrote:
On 4/9/2014 8:03 PM, Jeremy Farrell wrote:
Googling "check_winnt" suggests openssl/e_os.h.

findstr /sic:"check_winnt" *

Is, IMO, easier and more informative than using Google.  Results in:

apps\apps.c:            if (check_winnt())
crypto\bio\bss_log.c:   if (check_winnt())
crypto\cryptlib.c:    if (check_winnt() && OPENSSL_isservice() > 0)
crypto\rand\rand_win.c:  if (check_winnt() && OPENSSL_isservice()>0)
e_os.h:#  define check_winnt() (1)
e_os.h:#  define check_winnt() (GetVersion() < 0x80000000)

Used four times, has two #defines.

--
Thomas Hruska
Shining Light Productions

Home of BMP2AVI and Win32 OpenSSL.
http://www.slproweb.com/

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [Bulk] Re: OpenSSL version 1.0.1g fails to link on Win32

Gisle Vanem-3
In reply to this post by Thomas J. Hruska
"Thomas J. Hruska" <[hidden email]> wrote:

> Is, IMO, easier and more informative than using Google.  Results in:
>
> apps\apps.c:            if (check_winnt())
> crypto\bio\bss_log.c:   if (check_winnt())
> crypto\cryptlib.c:    if (check_winnt() && OPENSSL_isservice() > 0)
> crypto\rand\rand_win.c:  if (check_winnt() && OPENSSL_isservice()>0)
> e_os.h:#  define check_winnt() (1)
> e_os.h:#  define check_winnt() (GetVersion() < 0x80000000)

The full lines are:

  #if defined(_MSC_VER) && _MSC_VER>=1800
  #  define check_winnt() (1)
  #else
  #  define check_winnt() (GetVersion() < 0x80000000)
  #endif

So what if I use MSVC v16 to build and run on Win-Vista+?
Maybe the code should test the WINVER/_WIN32_WINNT
versions before testing _MSC_VER?

--gv
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: OpenSSL version 1.0.1g fails to link on Win32

J. J. Farrell-2
In reply to this post by Thomas J. Hruska
Perhaps, if you already have the source tree available in an environment where you can run findstr on it, and know about findstr. Google does a much quicker and easier job on this problem for everyone else, and is arguably more informative since it gives the check-in comments as well as at least some of the definitions and uses.

> From: Thomas J. Hruska [mailto:[hidden email]]
> Sent: Thursday, April 10, 2014 8:53 AM
>
> On 4/9/2014 8:03 PM, Jeremy Farrell wrote:
> > Googling "check_winnt" suggests openssl/e_os.h.
>
> findstr /sic:"check_winnt" *
>
> Is, IMO, easier and more informative than using Google.  Results in:
>
> apps\apps.c:            if (check_winnt())
> crypto\bio\bss_log.c:   if (check_winnt())
> crypto\cryptlib.c:    if (check_winnt() && OPENSSL_isservice() > 0)
> crypto\rand\rand_win.c:  if (check_winnt() && OPENSSL_isservice()>0)
> e_os.h:#  define check_winnt() (1)
> e_os.h:#  define check_winnt() (GetVersion() < 0x80000000)
>
> Used four times, has two #defines.
>
> --
> Thomas Hruska
> Shining Light Productions
>
> Home of BMP2AVI and Win32 OpenSSL.
> http://www.slproweb.com/
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g fails to link on Win32

gjcoram
In reply to this post by Mike Bonnain
On 04/10/2014 05:31, Mike Bonnain <[hidden email]> wrote:

>
> Hi Geoffrey,
>
> It's defined in e_os.h because it's been deprecated in Win8.
> Microsoft wants you to use GetVersionEx() or VerifyVersionInfo().
> Part of their plot to convince us old-timers that the world is no
> longer flat and that COM is actually a reasonable way to write
> code... Next thing they will tell us will probably be that the earth
> is no longer the center of the universe.
>
> -mike

They'd probably fall off a chair if they knew I was still compiling
for Windows CE 2.0 ... :)
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL version 1.0.1g fails to link on Win32

gjcoram
In reply to this post by J. J. Farrell-2
Actually, I tried Google, and it split check_winnt into check winnt
because I didn't put the quotes around it, and hence found lots of
unrelated pages.

I had only extracted crypto/ and ssl/ from the source tarball, so my
"search" from Windows Explorer didn't find it.

My own fault in both cases.



On 04/10/2014 13:45, Jeremy Farrell <[hidden email]> wrote:

>
> Perhaps, if you already have the source tree available in an
> environment where you can run findstr on it, and know about findstr.
> Google does a much quicker and easier job on this problem for
> everyone else, and is arguably more informative since it gives the
> check-in comments as well as at least some of the definitions and
> uses.
>
> > From: Thomas J. Hruska [mailto:[hidden email]]
> > Sent: Thursday, April 10, 2014 8:53 AM
> >
> > On 4/9/2014 8:03 PM, Jeremy Farrell wrote:
> > > Googling "check_winnt" suggests openssl/e_os.h.
> >
> > findstr /sic:"check_winnt" *
> >
> > Is, IMO, easier and more informative than using Google.  Results
> in:
> >
> > apps\apps.c:            if (check_winnt())
> > crypto\bio\bss_log.c:   if (check_winnt())
> > crypto\cryptlib.c:    if (check_winnt() && OPENSSL_isservice() >
> 0)
> > crypto\rand\rand_win.c:  if (check_winnt() &&
> OPENSSL_isservice()>0)
> > e_os.h:#  define check_winnt() (1)
> > e_os.h:#  define check_winnt() (GetVersion() < 0x80000000)
> >
> > Used four times, has two #defines.
> >
> > --
> > Thomas Hruska
> > Shining Light Productions
> >
> > Home of BMP2AVI and Win32 OpenSSL.
> > http://www.slproweb.com/
>
>
> ______________________________________________________________________
> OpenSSL Project                                
> http://www.openssl.org
> User Support Mailing List                    
> [hidden email]
> Automated List Manager                          
> [hidden email]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]