Re: openssl-users Digest, Vol 24, Issue 12

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Your query is being processed


On 7 Nov 2016 5:34 p.m., <openssl-users-request@xxxxxxxxxxx> wrote:
Send openssl-users mailing list submissions to
        openssl-users@xxxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
        https://mta.openssl.org/mailman/listinfo/openssl-users
or, via email, send a message with subject or body 'help' to
        openssl-users-request@openssl.org

You can reach the person managing the list at
        openssl-users-owner@openssl.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of openssl-users digest..."


Today's Topics:

   1. Re: Problem in compiling OpenSSL on Windows-7-32-bit (Ajay Garg)
   2. How to sort cipher list by ephemeral/non-ephemeral?
      (Jeffrey Walton)
   3. Re: How to sort cipher list by ephemeral/non-ephemeral?
      (Salz, Rich)
   4. mailing list registration renewal - clarify bounce errors
      (debbie10t)
   5. Re: mailing list registration renewal - clarify bounce errors
      (Salz, Rich)


----------------------------------------------------------------------

Message: 1
Date: Mon, 7 Nov 2016 21:52:57 +0530
From: Ajay Garg <ajaygargnsit@xxxxxxxxx>
To: openssl-users@xxxxxxxxxxx
Subject: Re: Problem in compiling OpenSSL on
        Windows-7-32-bit
Message-ID:
        <CAHP4M8UZ_uaeuGCmRnv0xG-K=L0gZoQy9vpC7xch5L8kmoOQ2Q@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

Oops.. sorry.
OpenSSL-version is 1.0.2d, and nasm-version is 2.12.02.



On Mon, Nov 7, 2016 at 9:31 PM, Jeremy Farrell <jeremy.farrell@xxxxxxxxxx>
wrote:

> What version of OpenSSL? What version of nasm (nasm -v)? People are more
> likely to be able to help if you provide such basic information.
>
> Regards,
>                            jjf
>
> On 07/11/2016 11:42, Ajay Garg wrote:
>
> Oops... pardon me.
> The e) step was not done.
>
> The errors came right after step d)
>
> On 7 Nov 2016 3:36 p.m., "Ajay Garg" <ajaygargnsit@xxxxxxxxx> wrote:
>
>> Hi All.
>>
>> Following are the steps I followed :
>>
>> ############################################################
>> ###################
>> a)
>> Downloaded nasm.exe from internet, and placed it in the include-path.
>>
>> b)
>> *perl Configure VC-WIN32*
>>
>> c)
>>
>>
>> *ms\do_nasm.bat *
>> d)
>>
>>
>> * nmake -f ms\nt.mak *
>> e)
>> *make*
>>
>>
>>
>> *###############################################################################
>> *
>> Compilation runs fine for some time, but then I get hundreds of IDENTICAL
>> errors as follows ::
>>
>> ############################################################
>> ###################
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> *tmp32\sha1-586.asm:3964: warning: `PTR' is not a NASM keyword
>> tmp32\sha1-586.asm:3964: error: comma, colon, decorator or end of line
>> expecte after operand tmp32\sha1-586.asm:3970: error: symbol
>> `__sha1_block_data_order_avx' redefined tmp32\sha1-586.asm:3970: error:
>> parser: instruction expected tmp32\sha1-586.asm:3972: error: parser:
>> instruction expected tmp32\sha1-586.asm:3983: error: parser: instruction
>> expected tmp32\sha1-586.asm:3985: error: parser: instruction expected
>> tmp32\sha1-586.asm:3986: error: parser: instruction expected
>> tmp32\sha1-586.asm:3987: warning: label alone on a line without a colon
>> might  in error NMAKE : fatal error U1077: '"C:\Program Files\Microsoft
>> Visual Studio 14.0\VC\ N\nasm.EXE"' : return code '0x1' Stop.*
>>
>>
>> *###############################################################################
>> *
>> Any pointers how to solve this?
>> I will heartfully grateful.
>>
>> Thanks and Regards,
>> Ajay
>>
>
> --
> J. J. Farrell
> Not speaking for Oracle
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>


--
Regards,
Ajay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161107/55d53de6/attachment-0001.html>

------------------------------

Message: 2
Date: Mon, 7 Nov 2016 12:11:56 -0500
From: Jeffrey Walton <noloader@xxxxxxxxx>
To: OpenSSL Users <openssl-users@xxxxxxxxxxx>
Subject: How to sort cipher list by
        ephemeral/non-ephemeral?
Message-ID:
        <CAH8yC8nZ2gqqa5UZQo5aqYZRBzgyfNwZtJEMGZ95W2GgKtvwOQ@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8

I prefer to use a cipher list like "HIGH:!aNULL:!RC4:!MD5". I prefer
it because its fairly easy to parse and understand. Its also easy to
teach to developers.

I want the resulting ciphers sorted with the ephemeral suites at the
head of the list.

How does one sort the list with ephemeral suites at the top of the list?

-----

If 'openssl ciphers' is stable with respect to its output, then the
order is (is this @strength?):

# openssl ciphers -v 'HIGH:!aNULL:!MD5:!RC4:!PSK:!SRP:!KRB5' | cut -f 1 -d ' '
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
DHE-DSS-AES256-GCM-SHA384
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
DHE-DSS-AES256-SHA256
DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
DHE-RSA-CAMELLIA256-SHA
DHE-DSS-CAMELLIA256-SHA
ECDH-RSA-AES256-GCM-SHA384
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-RSA-AES256-SHA384
ECDH-ECDSA-AES256-SHA384
ECDH-RSA-AES256-SHA
ECDH-ECDSA-AES256-SHA
AES256-GCM-SHA384
AES256-SHA256
AES256-SHA
CAMELLIA256-SHA
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
DHE-DSS-AES128-GCM-SHA256
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-DSS-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA
DHE-RSA-CAMELLIA128-SHA
DHE-DSS-CAMELLIA128-SHA
ECDH-RSA-AES128-GCM-SHA256
ECDH-ECDSA-AES128-GCM-SHA256
ECDH-RSA-AES128-SHA256
ECDH-ECDSA-AES128-SHA256
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA
CAMELLIA128-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-ECDSA-DES-CBC3-SHA
EDH-RSA-DES-CBC3-SHA
EDH-DSS-DES-CBC3-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-ECDSA-DES-CBC3-SHA
DES-CBC3-SHA


------------------------------

Message: 3
Date: Mon, 7 Nov 2016 17:29:49 +0000
From: "Salz, Rich" <rsalz@xxxxxxxxxx>
To: "noloader@xxxxxxxxx" <noloader@xxxxxxxxx>,
        "openssl-users@xxxxxxxxxxx" <openssl-users@xxxxxxxxxxx>
Subject: Re: How to sort cipher list by
        ephemeral/non-ephemeral?
Message-ID:
        <34a85f79d8ee40ccb89e270a1b6cd428@xxxxxxxxxxxxxxxxxxxxxxxx.akamai.com>
Content-Type: text/plain; charset="Windows-1252"

You can't do it with keywords. Be explicit about what you want and put it in the order you want.  That way you will not be surprised when the expansion of a keyword changes.

>From your list, ECDHE first, then decide RSA/ECDSA.  Then AES-GCM.  Why do you care about sha384 vs 256? Do you really need camellia-only?

And @STRENGTH is a hack, looking at only one factor.

Here is a real-world example (this ignores some of my advice)
         ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:
          ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:AES256-GCM-SHA384:
          AES256-SHA256:DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:
          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:
          ECDHE-ECDSA-AES128-SHA256:AES128-GCM-SHA256:AES128-SHA256:

--
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richsalz@xxxxxxxxx Twitter: RichSalz


------------------------------

Message: 4
Date: Mon, 7 Nov 2016 17:32:06 +0000
From: debbie10t <debbie10t@xxxxxxxxx>
To: openssl-users@xxxxxxxxxxx
Subject: mailing list registration renewal - clarify
        bounce errors
Message-ID: <ee58a3b7-cb09-fb92-8774-99908d8ad028@xxxxxxxxx>
Content-Type: text/plain; charset=utf-8; format=flowed

Hi,

today I received an email from openssl-users-request@openssl.org

<quote>
Your membership in the mailing list openssl-users has been disabled
due to excessive bounces ..
</quote>

I can find no evidence of "excessive bounces .." so I am just asking
here, is this a standard clean up of the ML or have you really received
excessive bounces from my email address ?

Thank you.
--


------------------------------

Message: 5
Date: Mon, 7 Nov 2016 17:34:07 +0000
From: "Salz, Rich" <rsalz@xxxxxxxxxx>
To: "openssl-users@xxxxxxxxxxx" <openssl-users@xxxxxxxxxxx>
Subject: Re: mailing list registration renewal -
        clarify bounce errors
Message-ID:
        <2cf7b93033d64c05bc455d9249f36c2b@xxxxxxxxxxxxxxxxxxxxxxxx.akamai.com>
Content-Type: text/plain; charset="Windows-1252"

> I can find no evidence of "excessive bounces .." so I am just asking here, is
> this a standard clean up of the ML or have you really received excessive
> bounces from my email address ?

The latter.

We have seen some more reports of this recently, and are increasing the logging to determine the cause.  Interestingly, it's all from gmail.com addresses.



------------------------------

Subject: Digest Footer

_______________________________________________
openssl-users mailing list
openssl-users@xxxxxxxxxxx
https://mta.openssl.org/mailman/listinfo/openssl-users


------------------------------

End of openssl-users Digest, Vol 24, Issue 12
*********************************************
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux