From rsalz at akamai.com  Thu Sep  3 18:42:57 2015
From: rsalz at akamai.com (Richard Salz)
Date: Thu, 03 Sep 2015 14:42:57 -0400
Subject: Return value in dh_pmeth.c
Message-ID: <E1ZXZTN-0004Lh-AX@rsalz>

A non-matching kdf_type moves from return 1 to return 0 if NO_CMS compiles out the KDF_X9_42 change - that is a different error return and that seems incorrect to be making that change as part of handling conditional compilation additions.
Although it looks like that change is one that should be made - and attention drawn to it - in that returning 1 == success for this function and not deriving anything because you don't know or support the kdf type should return an error condition (<= 0 for this function).


From linshufan0707 at 163.com  Fri Sep  4 01:10:10 2015
From: linshufan0707 at 163.com (=?utf-8?B?5p6X5Lmm5biG?=)
Date: Fri, 4 Sep 2015 09:10:10 +0800
Subject: about the chipersuite for CoAP
Message-ID: <312F73E3-EC1B-49C9-94EF-0B89F93A00F5@163.com>

Constrained Application Protocol (CoAP) [RFC7252] currently specifies TLS_PSK_WITH_AES_128_CCM_8/TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
 as the mandatory to implement cipher suite for use with shared secrets.

REF URL:http://datatracker.ietf.org/doc/draft-ietf-dice-profile/?include_text=1 <http://datatracker.ietf.org/doc/draft-ietf-dice-profile/?include_text=1>

So, is there any plan about it for openssl? or there is some other consideration?
I extremely hope it will be implemented in next version 1.0.2e, thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150904/5a5875b9/attachment.html>

From openssl at roumenpetrov.info  Fri Sep  4 18:33:23 2015
From: openssl at roumenpetrov.info (Roumen Petrov)
Date: Fri, 04 Sep 2015 21:33:23 +0300
Subject: incomplete get methods for X509_VERIFY_PARAM
Message-ID: <55E9E3F3.2040809@roumenpetrov.info>

Hello,

In master branch structure X509_VERIFY_PARAM is declared as opaque.

For following attributes "get"-method is not defined:
- check_time : applicable if flag X509_V_FLAG_USE_CHECK_TIME is set
- inh_flags
- purpose
- trust
- policies: stack of opaques ASN1 objects
- id : opaque structure, may require own set of "get"-methods

It seems to me for attributes name, flags and depth access is complete.
Please finish declaration of X509_VERIFY_PARAM  as opaque structure with 
definition of "get"-methods.

Regards,
Roumen Petrov


From alessandro at ghedini.me  Sat Sep  5 13:49:09 2015
From: alessandro at ghedini.me (Alessandro Ghedini)
Date: Sat, 5 Sep 2015 15:49:09 +0200
Subject: [openssl-dev #1542] others quick patches for memory leaks in
 pk7_smime.c and pk7_mime.c
Message-ID: <20150905134909.GA19379@kronk.local>

The proposed patch is mangled and very hard to read, but I think all proposed
changes have already been committed, or the code has been removed.

So I think this can be closed now.

Cheers


From alessandro at ghedini.me  Sat Sep  5 13:49:41 2015
From: alessandro at ghedini.me (Alessandro Ghedini)
Date: Sat, 5 Sep 2015 15:49:41 +0200
Subject: [openssl-dev #1543] memory leak in crypto/asn1/x_x509a.c
Message-ID: <20150905134941.GB19379@kronk.local>

Same as #1542, the patch is mangled but I think everything is already fixed so
this can be closed.

Cheers


From yancm at SDF.ORG  Wed Sep  9 09:53:32 2015
From: yancm at SDF.ORG (yancm)
Date: Wed, 09 Sep 2015 05:53:32 -0400
Subject: Unable to build openssl git master branch on NetBSD for > 24 hours
Message-ID: <03afe488fc06b0b393a2101aef3ed213@SDF.ORG>

Hi,

I've been tracking the dev branch of openssl for several months.  In the 
last 24-48 hours was a source change that broke the build on my box 
(NetBSD 6_Stable / i386 architecture).  I have cleaned and re- 
./config'd but still see the build fail at:
gmake[2]: Entering directory '/usr/local/src/openssl/apps'
( :; LIBDEPS="${LIBDEPS:--L.. -lssl -L.. -lcrypto }"; 
LDCMD="${LDCMD:-cc}"; LDFLAGS="${LDFLAGS:--DOPENSSL_THREADS -pthread 
-D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack 
-DL_ENDIAN -Wall -O3 -fomit-frame-pointer -DOPENSSL_BN_ASM_PART_WORDS 
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM 
-DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM}"; 
LIBPATH=`for x in $LIBDEPS; do echo $x; done | sed -e 's/^ *-L//;t' -e d 
| uniq`; LIBPATH=`echo $LIBPATH | sed -e 's/ /:/g'`; 
LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${LDCMD} ${LDFLAGS} -o 
${APPNAME:=openssl} openssl.o asn1pars.o ca.o ciphers.o cms.o crl.o 
crl2p7.o dgst.o dhparam.o dsa.o dsaparam.o ec.o ecparam.o enc.o engine.o 
errstr.o gendsa.o genpkey.o genrsa.o nseq.o ocsp.o passwd.o pkcs12.o 
pkcs7.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o prime.o rand.o req.o rsa.o 
rsautl.o s_client.o s_server.o s_time.o sess_id.o smime.o speed.o 
spkac.o srp.o ts.o verify.o version.o x509.o rehash.o apps.o opt.o 
s_cb.o s_socket.o app_rand.o ${LIBDEPS} )
gmake[2]: Leaving directory '/usr/local/src/openssl/apps'
gmake[2]: Entering directory '/usr/local/src/openssl'
Not available; use c_rehash script
Makefile:428: recipe for target 'rehash.time' failed
gmake[2]: *** [rehash.time] Error 1
gmake[2]: Leaving directory '/usr/local/src/openssl'
Makefile:139: recipe for target 'openssl' failed
gmake[1]: *** [openssl] Error 2
gmake[1]: Leaving directory '/usr/local/src/openssl/apps'
Makefile:290: recipe for target 'build_apps' failed
gmake: *** [build_apps] Error 1

Looks like something is broken in or around c_rehash?

best regards,
gene



From shay.gueron at intel.com  Thu Sep 10 06:34:45 2015
From: shay.gueron at intel.com (Gueron, Shay)
Date: Thu, 10 Sep 2015 06:34:45 +0000
Subject: [PATCH]  Fast 1536-bit modular exponentiation with the new VPMADD52
 instructions 
Message-ID: <3DE91BD01FD68540858FC917201D9B9939C9CF3E@hasmsx107.ger.corp.intel.com>

Hello everyone,

This patch is a contribution to OpenSSL.

It extends the patch "Id 3590" (from Nov 04, 2014; by Gueron and Krasnov) entitled "Fast modular exponentiation with the new VPMADD52 instructions". This contribution includes 1536-bit modular exponentiation (constant time) with the RSA fix to use these functions.

An efficient 1536-bit modular exponentiation is useful for speeding up RSA3072 (decrypt/sign).
RSA3072 provides 128 bit equivalent security (compared to 112 bits offered by RSA2048).

Significant performance gains can be expected on future processors that will support VPMADD52.
Details:

The underlying method is VNRMM which explained in [1].

VPMADD52 instructions (VPMADD52LUQ and VPMADD52HUQ) were announced in
https://software.intel.com/sites/default/files/managed/0d/53/319433-022.pdf
(see also the Intel(r) Software Development Emulator at
https://software.intel.com/en-us/articles/intel-software-development-emulator)

(currently, building the patch requires "binutils" version 2.24 (at least)., which can be downloaded from
http://ftp.gnu.org/gnu/binutils/)


Reference:
[1] S. Gueron, V. Krasnov: "New CPU instructions for speeding up modular exponentiation"
(to be published)

Developers and authors:
***************************************************************************
Shay Gueron (1, 2), Nir Drucker (1)
(1) Intel Corporation, Israel Development Center, Haifa, Israel
(2) University of Haifa, Israel
***************************************************************************
Copyright (c) 2015, Intel Corp.




---------------------------------------------------------------------
Intel Israel (74) Limited

This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150910/51c78a7f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rsaz-1356-vpmadd.patch
Type: application/octet-stream
Size: 44842 bytes
Desc: rsaz-1356-vpmadd.patch
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150910/51c78a7f/attachment-0001.obj>

From ralf.vennemann at web.de  Thu Sep 10 13:46:22 2015
From: ralf.vennemann at web.de (ralf.vennemann at web.de)
Date: Thu, 10 Sep 2015 15:46:22 +0200
Subject: mkstack.pl does generate new safestack.h until release 1.0.1m
Message-ID: <trinity-cd33adb7-bd47-4d85-aaaa-6fffc95cb30c-1441892782380@3capp-webde-bs49>

Hello,

since OpenSSL release 1.0.1m the mkstack.pl script does not generate a new safestack.h file if new DECLARE_STACK_OF macros are available.
I found the following issues:

1. The format of the following comment in safestack.h has changed:
  Old style (required by mkstack.pl):
    /* This block of defines is updated by util/mkstack.pl, please do not touch! */

  New style:
    /*
     * This block of defines is updated by util/mkstack.pl, please do not touch!
     */

2. The following line is missing in safestack.h (but required by the mkstack.pl script):
  /* End of util/mkstack.pl block, you may now edit :-) */

Regards,
Ralf


From ivo.raisr at oracle.com  Thu Sep 10 20:59:12 2015
From: ivo.raisr at oracle.com (Ivo Raisr)
Date: Thu, 10 Sep 2015 22:59:12 +0200
Subject: bug and fix - warning about uninitialized variables in ssl_asn1.c,
 function i2d_SSL_SESSION()
Message-ID: <55F1EF20.5020708@oracle.com>

When OpenSSL 1.0.2 is built on Linux with "no-psk" config option, the 
following warnings are emitted by the compiler:

ssl_asn1.c: In function ?i2d_SSL_SESSION?:
ssl_asn1.c:124:57: warning: unused variable ?v8? [-Wunused-variable]
      int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v7 = 0, v8 = 0;
                                                          ^
ssl_asn1.c:124:49: warning: unused variable ?v7? [-Wunused-variable]
      int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v7 = 0, v8 = 0;
                                                  ^
This is because variables v7 and v8 are defined unconditionally, 
regardless whether OPENSSL_NO_PSK is defined or not.
Similar to existing constructs with OPENSSL_NO_TLSEXT, OPENSSL_NO_COMP
and OPENSSL_NO_SRP, also OPENSSL_NO_PSK needs the following:

+#ifndef OPENSSL_NO_PSK
+    int v7 = 0, v8 = 0;
+#endif

See the attached patch.

Tested by building with and without "no-psk". Builds are clean
and successful.

Kind regards,
Ivo Raisr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl_asn1_no-psk.patch
Type: text/x-patch
Size: 694 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150910/8c95ee6f/attachment.bin>

From afelsher at cisco.com  Fri Sep 11 15:08:43 2015
From: afelsher at cisco.com (Andrew Felsher (afelsher))
Date: Fri, 11 Sep 2015 15:08:43 +0000
Subject: IV-setting bug on AES/CCM decryption
Message-ID: <4A26CC88823F2141ADDABB49292DF506212A1C88@xmb-aln-x13.cisco.com>

Hi,

While running some tests on a module using OpenSSL, we noticed that when using EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_CCM_SET_IVLEN, length, NULL) to set the IV length, AES/CCM decryption does not seem to detect a bad IV length. With encryption, it is detected and an appropriate error code is returned. And AES/GCM, for example, detects the bad IV length for both encryption and decryption.

Regards,
Andrew Felsher
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150911/d4cfe3e1/attachment.html>

From foleyj at cisco.com  Fri Sep 11 17:23:30 2015
From: foleyj at cisco.com (John Foley)
Date: Fri, 11 Sep 2015 13:23:30 -0400
Subject: Invalid use of memcpy() causing decrypt failure
Message-ID: <55F30E12.6090800@cisco.com>

We're seeing intermittent failures in the AES key wrap test cases in
test/evp_test in the 1.0.2d release.  We believe the problem is due to
using memcpy() with overlapping src/dst memory regions.  The following
thread provides some insight into this memcpy() issue:

https://bugzilla.redhat.com/show_bug.cgi?id=638477

The documentation for memcpy() states to use memmove() when the memory
regions overlap.  The attached patch resolves the problem.  Please
consider accepting this patch in the 1.0.2 stable and master branches.

Thank you.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: aes_wrap_fix.patch
Type: text/x-patch
Size: 704 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150911/313dee07/attachment.bin>

From bkaduk at akamai.com  Fri Sep 11 19:47:18 2015
From: bkaduk at akamai.com (Benjamin Kaduk)
Date: Fri, 11 Sep 2015 14:47:18 -0500
Subject: SSLv2 session reuse is broken on the 1.0.2 branch
Message-ID: <55F32FC6.1030705@akamai.com>

SSLv2 support has been removed from master, but is still present in 1.0.2.

Adding a range check in ssl_get_prev_session() broke the SSLv2 codepath
because it supplied NULL as the 'limit' parameter that had not
previously been used for SSLv2 (or v3), so the fix is just to supply a
non-NULL limit.

Patch at https://github.com/openssl/openssl/pull/395 .


From leif.thuresson at foxt.com  Sat Sep 12 17:42:31 2015
From: leif.thuresson at foxt.com (Leif Thuresson)
Date: Sat, 12 Sep 2015 19:42:31 +0200
Subject: TLS-PSK - SSL_use_psk_identity_hint()
Message-ID: <55F46407.3020403@foxt.com>

I understand that there has been an overhaul of the TLS-PSK support.
Is there any chance to get the SSL_use_psk_identity_hint() function 
fixed in the process?
The current implementation of this function is useless at least in my 
use case.
I want to set the a PSK hint based on the address etc. of incoming 
connections to a server.
The current implementation stores the PSK hint set with 
SSL_use_psk_identity_hint() in the SSL_SESSION object
and if the session is not created SSL_use_psk_identity_hint() returns OK 
and ignores the hint?
Typically you would like to use this function in conjunction with 
creating the SSL object so storing the PSK hint
in the SSL_SESSION object is a problem since the session is not yet created.

Thanks,

/Leif Thuresson


From nilsson at fastmail.se  Mon Sep 14 00:27:53 2015
From: nilsson at fastmail.se (Martin Nilsson)
Date: Mon, 14 Sep 2015 02:27:53 +0200
Subject: Fix for comment out of sync with code (t1_lib.c:ssl_check_for_safari)
Message-ID: <1442190473.2380466.382611457.4C6C5DB8@webmail.messagingengine.com>

$ diff -c t1_lib.c t1_lib_2.c 
*** t1_lib.c    2015-09-14 02:23:04.180535915 +0200
--- t1_lib_2.c  2015-09-14 02:23:22.620374882 +0200
***************
*** 1827,1833 ****
   * ssl_check_for_safari attempts to fingerprint Safari using OS X
   * SecureTransport using the TLS extension block in |d|, of length
   |n|.
   * Safari, since 10.6, sends exactly these extensions, in this order:
!  *   SNI,
   *   elliptic_curves
   *   ec_point_formats
   *
--- 1827,1834 ----
   * ssl_check_for_safari attempts to fingerprint Safari using OS X
   * SecureTransport using the TLS extension block in |d|, of length
   |n|.
   * Safari, since 10.6, sends exactly these extensions, in this order:
!  *   SNI
!  *   signature_algorithms
   *   elliptic_curves
   *   ec_point_formats
   *

-- 
  Martin Nilsson
  nilsson at fastmail.se


From eijdenberg at google.com  Mon Sep 14 18:15:42 2015
From: eijdenberg at google.com (Adam Eijdenberg)
Date: Mon, 14 Sep 2015 18:15:42 +0000
Subject: [PATCH] Add Certificate Transparency Support
Message-ID: <CAP9QY5bGYfrDe53CaoCdFzBtNYA6bNPWRknuxVWORbUSb4GGyw@mail.gmail.com>

First of a series of patches to add comprehensive Certificate Transparency
support to OpenSSL.  Splitting into chunks to help review process.

The first sets of patches will add private API surface only.
Later patches will add tests and public API surface.

Many thanks to Rob Stradling and Dr. Stephen Henson for the code in these
patches.

https://github.com/openssl/openssl/pull/396

This first patch looks larger than it really is - much of it is boilerplate
related to adding the new Makefile, new error codes, running "make update"
etc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150914/aa4ac0c4/attachment.html>

From horatiu at ddhosted.com  Tue Sep 15 07:57:16 2015
From: horatiu at ddhosted.com (Horatiu N)
Date: Tue, 15 Sep 2015 10:57:16 +0300
Subject: monitoring software depending on openssl not working on cloudflare
 ssl websites
In-Reply-To: <55F7CEFD.3000400@ddhosted.com>
References: <55F7CEFD.3000400@ddhosted.com>
Message-ID: <55F7CF5C.2000609@ddhosted.com>

Greetings,

Using the nagios plugins (latest debian package for 8.1) to check
availability of https websites using cloudflare gives errors
> CRITICAL - Cannot make SSL connection.
> 139729452828304:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:770:

same goes if i attempt to run
> openssl s_client -connect <target>:443 

This basically makes monitoring impossible at this time,
Any idea how to remedy this situation ?

i attached a textfile with sample domains as extracted from the
certificate's "Certificate Subject alt name"
it's reproducible on any target as long as it's online

openssl version
> OpenSSL 1.0.1k 8 Jan 2015


dpkg -l openssl
> ii  openssl                     1.0.1k-3+deb8u1    amd64              Secure Sockets Layer toolkit - cryptographic utility

tried also to compile the newest one from openssl.org and use it, same
problem.



-------------- next part --------------
*.bluusun.com
*.coridonculturevoyages.com
*.filelist.ro
*.flro.org
*.footsy.ml
*.futurete.pt
*.howtowork.ru
*.indiviser.ru
*.jungs.ru
*.linica.ru
*.metafront.ru
*.mightytravels.com
*.segabite.ru
*.shrine.moe
*.soundgreat.ru
*.supersadovod.ru
*.tactum.ru
*.theonlyjoy.ru
*.wakarimasenlol.com
bluusun.com
coridonculturevoyages.com
filelist.ro
flro.org
footsy.ml
futurete.pt
howtowork.ru
indiviser.ru
jungs.ru
linica.ru
metafront.ru
mightytravels.com
segabite.ru
shrine.moe
soundgreat.ru
supersadovod.ru
tactum.ru
theonlyjoy.ru
wakarimasenlol.com
*.alvimu.ga
*.bellowusersyp10.cf
*.blankorientalvr40.ga
*.carterjk.com
*.dualmountingbg66.ml
*.improverespectedml51.gq
*.lovableshooterfm10.gq
*.mutesnoutedof56.ml
*.muztube.com
*.oberonrarean96.gq
*.paristravelbook.net
*.prospectusnebulamj12.ml
*.quarkrollesyp10.ga
*.travelstokyo.net
*.triple.ph
*.triple.site
*.vomeratomzj61.ga
*.waxmanassociates.com
*.werremeyer.com
alvimu.ga
bellowusersyp10.cf
blankorientalvr40.ga
carterjk.com
dualmountingbg66.ml
improverespectedml51.gq
lovableshooterfm10.gq
mutesnoutedof56.ml
muztube.com
oberonrarean96.gq
paristravelbook.net
prospectusnebulamj12.ml
quarkrollesyp10.ga
travelstokyo.net
triple.ph
triple.site
vomeratomzj61.ga
waxmanassociates.com
werremeyer.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3709 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150915/55eed6e3/attachment-0001.bin>

From cberube at us.ibm.com  Tue Sep 15 08:31:32 2015
From: cberube at us.ibm.com (Christopher Berube)
Date: Tue, 15 Sep 2015 08:31:32 +0000
Subject: Build Bug w/ OpenSSL on Windows? No Applink
Message-ID: <201509150831.t8F8Vnex026880@d01av05.pok.ibm.com>

An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150915/826ad42a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 34078 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150915/826ad42a/attachment-0001.jpe>

From bkaduk at akamai.com  Tue Sep 15 15:15:21 2015
From: bkaduk at akamai.com (Benjamin Kaduk)
Date: Tue, 15 Sep 2015 10:15:21 -0500
Subject: cvsignore files are obsolete
Message-ID: <55F83609.3060705@akamai.com>

Now that everything's in git, the .cvsignore files seem to serve no
useful purpose, and should be removed.

-Ben


From beomgeunbae at gmail.com  Wed Sep 16 03:41:55 2015
From: beomgeunbae at gmail.com (BeomGeun Bae)
Date: Wed, 16 Sep 2015 12:41:55 +0900
Subject: RSA_generate_key()
Message-ID: <CAMCn57HJZ1_t_Jh5_1VkNaxSsoVSJWF7GbUJAa_5-J6qaeOeYA@mail.gmail.com>

I don't know where i need to ask but have a question for RSA_generate_key().
Do you have minimum cpu performance to run RSA_generate_key() for 2048bits?
When I tested it in our system (4,000mips), it task more than 10 seconds.
Is this expected?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150916/ea94f3fb/attachment.html>

From ug at celemony.com  Wed Sep 16 08:20:35 2015
From: ug at celemony.com (Uwe Granzow)
Date: Wed, 16 Sep 2015 10:20:35 +0200
Subject: Fix xmm6 register clobbering in
 crypto/bn/asm/x86_64-mont5.pl:bn_power5() under Win64
Message-ID: <4C22BDED-F783-404A-BF1F-77E32F0C6470@celemony.com>

Hi,

i had some problems on Win64 using BIO_do_handshake/BIO_should_retry in a loop. The compiler optimizer placed a local variable value in the xmm6 register.
The content of this register was destroyed after calling BIO_do_handshake. I debugged this and found that the xmm6/xmm7 registers were not restored.
I fixed this with following diff for openssl-1.0.2d / x86_64-mont5.pl (bn_power5 and bn_from_mont8x):

1013a1014,1020
> ___
> $code.=<<___ if ($win64);
> movaps	-88(%rsi),%xmm6
> movaps	-72(%rsi),%xmm7
> ___
> $code.=<<___;
> 
2005a2013,2019
> ___
> $code.=<<___ if ($win64);
> movaps	-88(%rsi),%xmm6
> movaps	-72(%rsi),%xmm7
> ___
> $code.=<<___;
> 

The fix in bn_from_mont8x was not necessary for me but i think the lines are also missing there.

Best regards
Uwe Granzow
________________________________________
Celemony Software GmbH
Uwe Granzow
ug at celemony.com
________________________________________



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150916/bfe9278e/attachment.html>

From fdasilvayy at gmail.com  Wed Sep 16 12:24:08 2015
From: fdasilvayy at gmail.com (Filipe Da Silva)
Date: Wed, 16 Sep 2015 14:24:08 +0200
Subject: [PATCH] early "references = 1" init
Message-ID: <CAMdnPMpjVfwBtnuvaqq0=KwD72oubHDhRLqSCP3Lgk1Ojgo-Xw@mail.gmail.com>

Hi ,

While looking at this commit
https://github.com/openssl/openssl/commit/64b25758edca688a30f02c260262150f7ad0bc7d

I notice a code path that can triggera  REF_CHECK error message "...,
bad reference count\n" in some particular case.
I see the same pattern in other code places.

I have not check if this issue is present in any released branch, but
I guess it is possible.

Please find attached the fix related to the trunk/master code.

Regards,
Filipe DA SILVA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: early_ref_init.patch
Type: text/x-patch
Size: 1853 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150916/b923c1dd/attachment.bin>

From alessandro at ghedini.me  Wed Sep 16 16:35:05 2015
From: alessandro at ghedini.me (Alessandro Ghedini)
Date: Wed, 16 Sep 2015 18:35:05 +0200
Subject: [PATCH] Fix potential read buffer overflow in PACKET_strndup()
Message-ID: <20150916163504.GA15338@kronk.local>

Hello,

see GitHub pull request at
https://github.com/openssl/openssl/pull/399

It provides a short analysis of the problem and a fix.

Cheers


From floss at apjanke.net  Thu Sep 17 06:51:10 2015
From: floss at apjanke.net (Andrew Janke)
Date: Thu, 17 Sep 2015 01:51:10 -0500
Subject: PR: website spelling and grammar: strategiy etc
Message-ID: <55FA62DE.4070305@apjanke.net>

Hi, OpenSSL folks,

I found some typos and other errors while reading through the 
openssl.org web site. I've submitted suggested changes as a PR to the 
openssl/web repo on GitHub. https://github.com/openssl/web/pull/8

Cheers,
Andrew Janke


From aaronmdjones at gmail.com  Thu Sep 17 07:12:07 2015
From: aaronmdjones at gmail.com (Aaron Jones)
Date: Thu, 17 Sep 2015 07:12:07 +0000
Subject: Minor corrections to codingstyle.txt
Message-ID: <55FA67C7.1040804@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello.

Please find attached a patch to codingstyle.txt to fix some minor
grammatical errors and such trivialities.

Regards,
Aaron Jones
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJV+me2AAoJEG6FTA+q1M6k0uEP/Rl/p9J/KbysC6wxZt+t4/Z+
m8P2onGkIYEHzuDcGG9ff0EFVS5kaj2/40qbte+EX3XJpfZUs6IZoiG9ClqJULGC
PueK2BgYD5vjOI8R4n1e5FlpaTWdeoJJEPK9znPzCpF/MU1LyCrBysN1+67c4gYF
FoYZYdtXPqpS0u0SmpXWL5ZKUyS9ElPajCyfMDl048RaUw04rdXV5yFAb+jl2Hx/
0YCfdxRFwqfQVwdgkCs31KX4dpZXLXCWOBwzFlHeeDQrD01XqDCylNNSkypG5RiJ
ibWHGQwlR0183Bmn+IoU2+1nyKfy9a4AcNctQ78mLQuzsvs667bWxiYDstuApqo/
AeLvfCDp+eB6DPLrE+h+5bAtOOSst8UvfkC37t3+Lxo6nOCKEyblx+0jX6BAEotq
Jv42ysau/f0DeF2+Ob2+YVyxlfJaet7aMdNebvYI1ozjZOFePnQffwgtafi4lQ+m
wCTHG8t9DnJCdRLZX4esNq3VNJMINWOBxU7eLSxwyyVHkFaO9ELSp/9xhWJK2TkB
TetTq92lFOfBEtFhIe6vKFgo06SavZ2fx2iFH8UNNarfP/V5KH10sUJzG+giwhO6
EMSaDwyr4O3oQlYo0NgfI4TVTaG/CK/6Ycu+G12Rd3R3MZqxq26LlsF/4civi25H
GZ2LhDnwrq+RvtmudtzP
=8HJK
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: codingstyle.txt.diff
Type: text/x-patch
Size: 4652 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150917/c4de695b/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: codingstyle.txt.diff.sig
Type: application/pgp-signature
Size: 543 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150917/c4de695b/attachment-0001.sig>

From hkario at redhat.com  Thu Sep 17 12:52:30 2015
From: hkario at redhat.com (Hubert Kario)
Date: Thu, 17 Sep 2015 14:52:30 +0200
Subject: [Patch] Fix EECDHE typo in ciphers(1)
Message-ID: <4780609.ZHMZU9bJPd@pintsize.usersys.redhat.com>

OpenSSL 1.0.1 ciphers man page specifies "EECDHE" alias, the actual 
alias supported by ciphers command is "EECDH".

https://github.com/openssl/openssl/pull/405
-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky?ova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150917/99901627/attachment.sig>

From alessandro at ghedini.me  Thu Sep 17 21:20:06 2015
From: alessandro at ghedini.me (Alessandro Ghedini)
Date: Thu, 17 Sep 2015 23:20:06 +0200
Subject: [PATCH] Print debug info for extended master secret extension
Message-ID: <20150917212006.GA24360@kronk.local>

Hello,

see GitHub pull request at
https://github.com/openssl/openssl/pull/404

This is like RT#4016, but for extended master secret.

Cheers


From michal.bozon at gmail.com  Fri Sep 18 13:45:11 2015
From: michal.bozon at gmail.com (Michal Bozon)
Date: Fri, 18 Sep 2015 15:45:11 +0200
Subject: [PATCH] Fix typo in prime.c error message
Message-ID: <CAJ-1OcJH-NVv1iF_ZBBCnWSG5qNeats-T-xwBb+WYN8=3kCrHw@mail.gmail.com>

s/Specifiy/Specify/

regards,
Michal Bozon
-------------- next part --------------
--- apps/prime.c.0
+++ apps/prime.c
@@ -121,7 +121,7 @@
         char *s;
 
         if (!bits) {
-            BIO_printf(bio_err, "Specifiy the number of bits.\n");
+            BIO_printf(bio_err, "Specify the number of bits.\n");
             goto end;
         }
         bn = BN_new();

From vitus at wagner.pp.ru  Sat Sep 19 10:09:10 2015
From: vitus at wagner.pp.ru (Victor Wagner)
Date: Sat, 19 Sep 2015 13:09:10 +0300
Subject: [BUG] engine-provided ciphers are unavailable for command-line utility
Message-ID: <20150919100907.GA4766@wagner.pp.ru>

In the branches 1.0.0, 1.0.1 and 1.0.2 of OpenSSL, some command line commands
which accepts cipher argument (at least enc, cms and smime) delays
engine initialization until all the command-line options are parsed.

Thus, if user specifies cipher, which is available only from engine,
such as -gost89, these commands report "Unknown cipher" if appropriate
engine is not specified in the configuration file.

I.e. it is not possible to run

openssl enc -engine gost -gost89 -e

or

openssl cms -engine gost -encrypt -gost89

while 

openssl dgst -engine gost -md_gost94

works just fine.

Also, it is not possible to get list of ciphers including
engine-provided ones, using openssl enc -engine gost -help,
because help is printed inside option-parsing loop before engine is
initialized.


Problem is already fixed in the master branch, where option parsing is
completely reworked.

FIX is quite trivial for the  branches mentioned above too. Just move call of
setup_engine up into the option parsing loop. This would also minimize
need of #ifndef OPENSSL_NO_ENGINE conditional, because all engine
initialization would go into one place


From ldgibbons at avaya.com  Mon Sep 21 23:47:53 2015
From: ldgibbons at avaya.com (Gibbons, Lee D (Doug))
Date: Mon, 21 Sep 2015 23:47:53 +0000
Subject: FIPS Object Module User Guide corrections needed for (*get_entropy)()
Message-ID: <B6098DA5C903984DB3AB435DEAFB70CD826A4CC4@AZ-US1EXMB04.global.avaya.com>

This is to highlight a bug in the FIPS Object Module 2.10 and corrective documentation in its User Guide.

The User Guide for the FIPS Object Module 2.10 describes the (*get_entropy)() callback:

                size_t (*get_entropy)(DRBG_CTX *ctx, unsigned char **pout,
           int entropy, size_t min_len, size_t max_len)

                "A call to this function requests entropy bits of entropy in a buffer of between min_len and
                max_len size bytes inclusive. The values of these are mechanism specific and taken from
                SP800-90 tables. This callback should then return the amount of data in the buffer *pout and the
                length in the return value, or zero in case of being unable to retrieve sufficient entropy."

The caller of (*get_entropy)() is the static function fips_get_entropy(). Notice how it constructs the <entropy> value, which should be in bits:

     rv = dctx->get_entropy(dctx, &tout, entropy + bl,
                min_len + bl, max_len + bl);
     *pout = tout + bl;
     if (rv < (min_len + bl) || (rv % bl))
           return 0;

The "entropy + bl" expression is mixing types, adding bits and bytes together. Anyone defining a (*get_entropy)() callback had better ignore the <entropy> parameter. What's more, the callback had better return <min_len> rounded up to a dctx->entropy_blocklen boundary or face failure. The User Guide mentions none of this.

I realize the FIPS Object Module is frozen. The documentation should be corrected to expose the real restrictions on the callback.

Doug Gibbons | Consulting Engineer | Avaya Inc. | 12121 Grant St | 2S-237 | Thornton, CO 80241 | 303-538-3538 | ldgibbons at avaya.com<mailto:ldgibbons at avaya.com>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150921/b3cf9b73/attachment.html>

From noloader at gmail.com  Tue Sep 22 00:39:23 2015
From: noloader at gmail.com (Jeffrey Walton)
Date: Mon, 21 Sep 2015 20:39:23 -0400
Subject: 1.0.2d and Configure issue under X32 (ARFLAGS is architecture name?)
Message-ID: <CAH8yC8kV4-DYomYxt_SxBf5YLT60PGLW4Z1MHdWFN01rEebKTw@mail.gmail.com>

I experienced this issue under X32. X32 provides 32-bit integers,
longs and pointers combined with the richness of x86_64 register set.
Debian has a chroot environment for X32 at
https://wiki.debian.org/X32Port.

It appears ARFLAGS is set to the architecture when using RPATH options
in Configure's $cflags and $ldflags. RPATHS are important (IMHO)
because OpenSSL can get into a situation where /usr/local/bin/openssl
uses /usr/local/lib/libssl.so, but libssl.so uses the system's
/usr/lib/libcrypto.so.

I added a Configure target that provides RPATH options to $cflags
(field 2) and $ldflags (field 6):

    # ./Configure LIST | grep x32
    linux-x32
    linux-x32-rpath
    linux32-s390x

Here's what it looks like (copy and paste from under emacs; ignore the
back slashes):

    "linux-x32-rpath",    "gcc:-mx32 -DL_ENDIAN -O3 -Wall
-Wl,-rpath=/usr/local/ssl\
    /lib::-D_REENTRANT::-Wl,-rpath=/usr/local/ssl/lib
-ldl:SIXTY_FOUR_BIT RC4_CHUNK\
    _LL DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC
-mx32:.so.\$(\
    SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",

And below is what it results in, which fails under `make` because `ARFLAGS=m32`.

Jeff

**********

# unset ARFLAGS
# ./Configure linux-x32-rpath shared enable-ec_nistp_64_gcc_128
Configuring for linux-x32-rpath
    no-gmp          [default]  OPENSSL_NO_GMP (skip dir)
    no-jpake        [experimental] OPENSSL_NO_JPAKE (skip dir)
    no-krb5         [krb5-flavor not specified] OPENSSL_NO_KRB5
    no-libunbound   [experimental] OPENSSL_NO_LIBUNBOUND (skip dir)
    no-md2          [default]  OPENSSL_NO_MD2 (skip dir)
    no-rc5          [default]  OPENSSL_NO_RC5 (skip dir)
    no-rfc3779      [default]  OPENSSL_NO_RFC3779 (skip dir)
    no-sctp         [default]  OPENSSL_NO_SCTP (skip dir)
    no-ssl-trace    [default]  OPENSSL_NO_SSL_TRACE (skip dir)
    no-store        [experimental] OPENSSL_NO_STORE (skip dir)
    no-unit-test    [default]  OPENSSL_NO_UNIT_TEST (skip dir)
    no-zlib         [default]
    no-zlib-dynamic [default]
IsMK1MF=0
CC            =gcc
CFLAG         =-fPIC -mx32 -DOPENSSL_PIC -DOPENSSL_THREADS
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -mx32 -DL_ENDIAN -O3 -Wall
-Wl,-rpath=/usr/local/ssl/lib -DOPENSSL_IA32_SSE2
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
EX_LIBS       =-Wl,-rpath=/usr/local/ssl/lib -ldl
CPUID_OBJ     =x86_64cpuid.o
BN_ASM        =x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o
rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o
EC_ASM        =ecp_nistz256.o ecp_nistz256-x86_64.o
DES_ENC       =des_enc.o fcrypt_b.o
AES_ENC       =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o
aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o
aesni-mb-x86_64.o
BF_ENC        =bf_enc.o
CAST_ENC      =c_enc.o
RC4_ENC       =rc4-x86_64.o rc4-md5-x86_64.o
RC5_ENC       =rc5_enc.o
MD5_OBJ_ASM   =md5-x86_64.o
SHA1_OBJ_ASM  =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
sha1-mb-x86_64.o sha256-mb-x86_64.o
RMD160_OBJ_ASM=
CMLL_ENC      =cmll-x86_64.o cmll_misc.o
MODES_OBJ     =ghash-x86_64.o aesni-gcm-x86_64.o
ENGINES_OBJ   =
PROCESSOR     =
RANLIB        =/usr/bin/ranlib
ARFLAGS       =x32
PERL          =/usr/bin/perl
SIXTY_FOUR_BIT mode
DES_UNROLL used
DES_INT used
RC4_CHUNK is unsigned long long
created directory `include/openssl'
...


From vladimir.kotal at oracle.com  Tue Sep 22 09:45:24 2015
From: vladimir.kotal at oracle.com (Vladimir Kotal)
Date: Tue, 22 Sep 2015 11:45:24 +0200
Subject: apps/rehash.c fails to compile on Solaris (+ fix)
Message-ID: <56012334.5080802@oracle.com>


apps/rehash.c fails to compile on Solaris and other systems that do not 
define NAME_MAX in limits.h.

Namely, Solaris has this comment in limits.h:

/*
  * POSIX 1003.1a, section 2.9.5, table 2-5 contains [NAME_MAX] and the
  * related text states:
  *
  * A definition of one of the values from Table 2-5 shall be omitted 
from the
  * <limits.h> on specific implementations where the corresponding value is
  * equal to or greater than the stated minimum, but where the value can 
vary
  * depending on the file to which it is applied. The actual value 
supported for
  * a specific pathname shall be provided by the pathconf() (5.7.1) 
function.
  *
  * This is clear that any machine supporting multiple file system types
  * and/or a network can not include this define, regardless of protection
  * by the _POSIX_SOURCE and _POSIX_C_SOURCE flags.
  *
  * #define      NAME_MAX        14
  */


See pull request https://github.com/openssl/openssl/pull/408 for the 
actual fix.

Cheers,


v.


From toutati at free.fr  Wed Sep 23 22:58:03 2015
From: toutati at free.fr (touti)
Date: Thu, 24 Sep 2015 00:58:03 +0200
Subject: bug (seems to be) to install openssl on OSX 10.6.8
Message-ID: <56032E7B.6050007@free.fr>

Hello,
thank's for the work to all of you.

I tried to install openssl with brew
have a look on problems I encountered in
https://github.com/Homebrew/homebrew/issues/44280

I tried also with
$ ./configure darwin64-x86_64-cc --prefix=/usr/local/openssl-1.0.2d

But after

$ make
can't build ? and I got this:

ghash-x86_64.s:890:junk `.15473355479995e+19' after expression
make[2]: *** [ghash-x86_64.o] Error 1
make[1]: *** [subdirs] Error 1
make: *** [build_crypto] Error 1

Thank you if you can help me !
++
Anne-lise Martenot aka touti||||
|||||
---------------


$ make
making all in crypto...
/usr/bin/perl ../util/mkbuildinf.pl "cc -I. -I.. -I../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM" "darwin64-x86_64-cc" >buildinf.h
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
cryptlib.o cryptlib.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o mem.o mem.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
mem_dbg.o mem_dbg.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
cversion.o cversion.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
ex_data.o ex_data.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
cpt_err.o cpt_err.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
ebcdic.o ebcdic.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o uid.o uid.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
o_time.o o_time.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o o_str.o 
o_str.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o o_dir.o 
o_dir.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
o_fips.o o_fips.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
o_init.o o_init.c
cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN 
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o 
fips_ers.o fips_ers.c
ar r ../libcrypto.a cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o 
cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o 
fips_ers.o x86_64cpuid.o
/usr/bin/ranlib: file: ../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../libcrypto.a(fips_ers.o) has no symbols
test -z "" || ar r ../libcrypto.a fipscanister.o
/usr/bin/ranlib ../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/objects...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o o_names.o o_names.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o obj_dat.o obj_dat.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o obj_lib.o obj_lib.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o obj_err.o obj_err.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o obj_xref.o obj_xref.c
ar r ../../libcrypto.a o_names.o obj_dat.o obj_lib.o obj_err.o obj_xref.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/md4...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o md4_dgst.o md4_dgst.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o md4_one.o md4_one.c
ar r ../../libcrypto.a md4_dgst.o md4_one.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/md5...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o md5_dgst.o md5_dgst.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o md5_one.o md5_one.c
ar r ../../libcrypto.a md5_dgst.o md5_one.o md5-x86_64.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/sha...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o sha_dgst.o sha_dgst.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o sha1dgst.o sha1dgst.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o sha_one.o sha_one.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o sha1_one.o sha1_one.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o sha256.o sha256.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o sha512.o sha512.c
ar r ../../libcrypto.a sha_dgst.o sha1dgst.o sha_one.o sha1_one.o 
sha256.o sha512.o sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o 
sha1-mb-x86_64.o sha256-mb-x86_64.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/mdc2...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o mdc2dgst.o mdc2dgst.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o mdc2_one.o mdc2_one.c
ar r ../../libcrypto.a mdc2dgst.o mdc2_one.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/hmac...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o hmac.o hmac.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o hm_ameth.o hm_ameth.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o hm_pmeth.o hm_pmeth.c
ar r ../../libcrypto.a hmac.o hm_ameth.o hm_pmeth.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/ripemd...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rmd_dgst.o rmd_dgst.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rmd_one.o rmd_one.c
ar r ../../libcrypto.a rmd_dgst.o rmd_one.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/whrlpool...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o wp_dgst.o wp_dgst.c
ar r ../../libcrypto.a wp_dgst.o wp-x86_64.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/des...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o set_key.o set_key.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ecb_enc.o ecb_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cbc_enc.o cbc_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ecb3_enc.o ecb3_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cfb64enc.o cfb64enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cfb64ede.o cfb64ede.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cfb_enc.o cfb_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ofb64ede.o ofb64ede.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o enc_read.o enc_read.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o enc_writ.o enc_writ.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ofb64enc.o ofb64enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ofb_enc.o ofb_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o str2key.o str2key.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o pcbc_enc.o pcbc_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o qud_cksm.o qud_cksm.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rand_key.o rand_key.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o des_enc.o des_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o fcrypt_b.o fcrypt_b.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o fcrypt.o fcrypt.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o xcbc_enc.o xcbc_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rpc_enc.o rpc_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cbc_cksm.o cbc_cksm.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ede_cbcm_enc.o ede_cbcm_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o des_old.o des_old.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o des_old2.o des_old2.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o read2pwd.o read2pwd.c
ar r ../../libcrypto.a set_key.o ecb_enc.o cbc_enc.o ecb3_enc.o 
cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o 
ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o 
des_enc.o fcrypt_b.o fcrypt.o xcbc_enc.o rpc_enc.o cbc_cksm.o 
ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/aes...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o aes_misc.o aes_misc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o aes_ecb.o aes_ecb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o aes_cfb.o aes_cfb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o aes_ofb.o aes_ofb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o aes_ctr.o aes_ctr.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o aes_ige.o aes_ige.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o aes_wrap.o aes_wrap.c
ar r ../../libcrypto.a aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o 
aes_ctr.o aes_ige.o aes_wrap.o aes-x86_64.o vpaes-x86_64.o 
bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o 
aesni-mb-x86_64.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/rc2...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rc2_ecb.o rc2_ecb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rc2_skey.o rc2_skey.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rc2_cbc.o rc2_cbc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rc2cfb64.o rc2cfb64.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rc2ofb64.o rc2ofb64.c
ar r ../../libcrypto.a rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/rc4...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rc4_enc.o rc4_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rc4_skey.o rc4_skey.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o rc4_utl.o rc4_utl.c
ar r ../../libcrypto.a rc4_enc.o rc4_skey.o rc4_utl.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/idea...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o i_cbc.o i_cbc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o i_cfb64.o i_cfb64.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o i_ofb64.o i_ofb64.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o i_ecb.o i_ecb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o i_skey.o i_skey.c
ar r ../../libcrypto.a i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/bf...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o bf_skey.o bf_skey.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o bf_ecb.o bf_ecb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o bf_enc.o bf_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o bf_cfb64.o bf_cfb64.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o bf_ofb64.o bf_ofb64.c
ar r ../../libcrypto.a bf_skey.o bf_ecb.o bf_enc.o bf_cfb64.o bf_ofb64.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/cast...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o c_skey.o c_skey.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o c_ecb.o c_ecb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o c_enc.o c_enc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o c_cfb64.o c_cfb64.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o c_ofb64.o c_ofb64.c
ar r ../../libcrypto.a c_skey.o c_ecb.o c_enc.o c_cfb64.o c_ofb64.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/camellia...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cmll_ecb.o cmll_ecb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cmll_ofb.o cmll_ofb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cmll_cfb.o cmll_cfb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cmll_ctr.o cmll_ctr.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cmll_utl.o cmll_utl.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cmll_misc.o cmll_misc.c
ar r ../../libcrypto.a cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o 
cmll_utl.o cmll-x86_64.o cmll_misc.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/seed...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o seed.o seed.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o seed_ecb.o seed_ecb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o seed_cbc.o seed_cbc.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o seed_cfb.o seed_cfb.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o seed_ofb.o seed_ofb.c
ar r ../../libcrypto.a seed.o seed_ecb.o seed_cbc.o seed_cfb.o seed_ofb.o
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
/usr/bin/ranlib ../../libcrypto.a || echo Never mind.
/usr/bin/ranlib: file: ../../libcrypto.a(ebcdic.o) has no symbols
/usr/bin/ranlib: file: ../../libcrypto.a(fips_ers.o) has no symbols
making all in crypto/modes...
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cbc128.o cbc128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ctr128.o ctr128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cts128.o cts128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o cfb128.o cfb128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ofb128.o ofb128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o gcm128.o gcm128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ccm128.o ccm128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o xts128.o xts128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o wrap128.o wrap128.c
cc -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 
-O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM -DECP_NISTZ256_ASM -c -o ghash-x86_64.o ghash-x86_64.s
ghash-x86_64.s:890:junk `.15473355479995e+19' after expression
make[2]: *** [ghash-x86_64.o] Error 1
make[1]: *** [subdirs] Error 1
make: *** [build_crypto] Error 1


|

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150924/9c4739b9/attachment-0001.html>

From beldmit at gmail.com  Thu Sep 24 15:23:52 2015
From: beldmit at gmail.com (Dmitry Belyavsky)
Date: Thu, 24 Sep 2015 18:23:52 +0300
Subject: Error processing set_serial parameter of the req command
Message-ID: <CADqLbzJjurKq5YNuALDbvcZZM0d8bz0c+gTN4_800Xd3BdiyOw@mail.gmail.com>

Hello!

Current master treats -set_serial as digest alg and expects -set-serial
instead.
It is the only place in apps, x509 and ca commands seem to accept
-set_serial.

-- 
SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150924/09e512d6/attachment.html>

From TiantianL at tender-retail.com  Thu Sep 24 15:44:59 2015
From: TiantianL at tender-retail.com (Tiantian Liu)
Date: Thu, 24 Sep 2015 15:44:59 +0000
Subject: a crash happened inside SSL_Connect function
Message-ID: <E7E411D854F89D4A9AB2B4569C56264E42AECA18@cpt-exch06w-p.magrit.int>

Hi,

I am a software developer who is struggling on an application development based on OpenSSL 1.0.1 (released on 2012-03-14) under Linux (32-bit Redhat).

I used to use the SSL functions from OpenSSL 0.9.8, and my application worked fine.  I applied the SSLv23_method() to setup the SSL context and communicate with customer's server over various SSL/TLS protocols.

While, recently my customer required me to upgrade my OpenSSL library, because their server only support TLS1.2. So I downloaded OpenSSL 1.0.1 source package, then complied and installed successfully.
I configured the OpenSSL as:
                #./config -prefix=/usr shared     //I have to generate the shared library like libssl.so, libcrypto.so

Then I found my SSL context, setup by SSLv23_method(), stopped working, I can't reach their server anymore.  It looked like they didn't understand my handshake message when I called SSL_Connect().

So I switched to the TLSv1_2_method()  to build SSL context. However, my program crashed every time when I called SSL_Connect(), I mean crash happened inside the SSL_Connect(), and it didn't return at all.

Now I have tried 2 methods:

1.       SSLv23_method() to build SSL context

SSL_METHOD *meth;
SSL_CTX *ctx;
......
meth = SSLv23_method();
ctx = SSL_CTX_new(meth);

//Only allow TLSv1_1 or higher
SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1);

......

The SSL_Connect() resulted in:
ConnectSSL [SSL_connect(ssl)] failed: 5
SSL_ERROR_SYSCALL: 5



2.       TLSv1_2_method() to build SSL context

SSL_METHOD *meth;
SSL_CTX *ctx;
......
meth = TLSv1_2_method();
ctx = SSL_CTX_new(meth);


then, the SSL_connect() crashed when I invoked it.

Currently, I don't know how to attack this issue, all the code worked fine before. I just changed the SSLv23_method  to TLSv1_2_method.  Is there any difference between that 2 functions? What I should do if I want to use the TLSv1_2_method?

I am very pleased if anyone of you have any idea to help me.
Thanks,
Tyler

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150924/7572d05b/attachment.html>

From dlmeetei at gmail.com  Thu Sep 24 19:15:51 2015
From: dlmeetei at gmail.com (Devchandra L Meetei)
Date: Fri, 25 Sep 2015 00:45:51 +0530
Subject: [PATCH] Request for new API to get role of SSL
Message-ID: <CAKmFMKdmPSeSeLXmz8=8ugz1N21OJ9TTTxhUGmGTfzBwxN=5yg@mail.gmail.com>

In a bid to use openssl's non blocking mode with bio pair, we are calling
SSL_do_handshake to perform handshake and we would like to do callback
based on role of SSL.

and Seems that OpenSSL does not expose any APi for doing the same.


The attached patch adds a new API, which returns the ```server``` member of
```ssl_st```.

> int SSL_get_role(const SSL *s)

It currently does not have any test included and Will be happy to update
the patch with test case if openssl team is okay with the API change.




-- 
Warm Regards
--Dev
OpenPegasus Developer

"I'm one of those people that think Thomas Edison and the light bulb
changed the world more than Karl Marx ever did,? Steve Jobs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150925/92e4aa67/attachment.html>

From alessandro at ghedini.me  Fri Sep 25 13:16:03 2015
From: alessandro at ghedini.me (Alessandro Ghedini)
Date: Fri, 25 Sep 2015 15:16:03 +0200
Subject: [PATCH] Fix build failure
Message-ID: <20150925131603.GA17219@kronk.local>

Hello,

due to commit a93d3e0 the ./config script currently fails with the error:

> Operating system: x86_64-whatever-linux2
> This system (linux-x86_64) is not supported. See file INSTALL for details.

see the following GitHub pull request for a fix:
https://github.com/openssl/openssl/pull/412

Cheers


From hkario at redhat.com  Fri Sep 25 13:19:52 2015
From: hkario at redhat.com (Hubert Kario)
Date: Fri, 25 Sep 2015 15:19:52 +0200
Subject: Client Hello longer than 2^14 bytes are rejected
Message-ID: <2666857.mJb7Wub1ca@pintsize.usersys.redhat.com>

Current OpenSSL-1.0.1, 1.0.2 as well as state-machine-rewrite branches 
reject Client Hello messages bigger than 2^14+4 bytes.

RFC 5246 specifies maximum size of just the extensions field to be 
2^16-1:

      struct {
          ProtocolVersion client_version;
          Random random;
          SessionID session_id;
          CipherSuite cipher_suites<2..2^16-2>;
          CompressionMethod compression_methods<1..2^8-1>;
          select (extensions_present) {
              case false:
                  struct {};
              case true:
                  Extension extensions<0..2^16-1>;
          };
      } ClientHello;

reproducer:
openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt\
-nodes -batch
~/dev/openssl/apps/openssl s_server -key localhost.key -cert\
localhost.crt -www

pip install --pre tlslite-ng
git clone https://github.com/tomato42/tlsfuzzer.git

cd tlsfuzzer
PYTHONPATH=. python scripts/test-record-layer-fragmentation.py
-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky?ova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150925/a3cb58cb/attachment-0001.sig>

From matt at openssl.org  Fri Sep 25 15:33:40 2015
From: matt at openssl.org (Matt Caswell)
Date: Fri, 25 Sep 2015 16:33:40 +0100
Subject: Client Hello longer than 2^14 bytes are rejected
In-Reply-To: <2666857.mJb7Wub1ca@pintsize.usersys.redhat.com>
References: <2666857.mJb7Wub1ca@pintsize.usersys.redhat.com>
Message-ID: <56056954.1010002@openssl.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



On 25/09/15 14:19, Hubert Kario wrote:
> Current OpenSSL-1.0.1, 1.0.2 as well as state-machine-rewrite
> branches reject Client Hello messages bigger than 2^14+4 bytes.


Right. The reason for that is that there is an explicit (deliberate)
check for it. Each message in its call to ssl_get_message specifies
the max size. For ClientHello:

    n = s->method->ssl_get_message(s,
                                   SSL3_ST_SR_CLNT_HELLO_B,
                                   SSL3_ST_SR_CLNT_HELLO_C,
                                   SSL3_MT_CLIENT_HELLO,
                                   SSL3_RT_MAX_PLAIN_LENGTH, &ok);

The max size here is the fifth param, i.e. SSL3_RT_MAX_PLAIN_LENGTH
(=16384, or the max possible size that can fit into a single record).
Every message has one of these defined. Some of them are quite
arbitrary values.

E.g. for ServerHello
    n = s->method->ssl_get_message(s,
                                   SSL3_ST_CR_SRVR_HELLO_A,
                                   SSL3_ST_CR_SRVR_HELLO_B, -1, 20000,
&ok);

Why 20000? No idea.

The same restriction exists in the state-machine-rewrite branches
because I'm ultra-cautious. I am reluctant to remove an explicit check
like that without understanding why it's there in the first place.
Especially if its not breaking anything. Are we ever likely to
encounter a ClientHello > 16384 bytes?

Matt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWBWlUAAoJENnE0m0OYESR0GUIAKPpYctFSqG7RVtPI8mKdw75
Ml+18+fOh4QE6RoKVLoBB3FglAZujZ8RMXlOZ6bivF8KrLygoAT6ECF/a0ee3kpk
UAlYOY9HEHistlY+BeAs0jx2VsAKb10mO+Z+C6jV+Uql2GSTFqzrdGSdS6pxOuL1
EJr4WFh32sj+ApvTpDw6XVuvNypVpoEY5KeDj+4ZPKnQdp/TcoErLEzIgzIsGm7b
FNXkpgTy8Xamr+S6afQYgNi6MOlHIIRlOXkDqkOyRpjHfqLU748EympIUkWNq8EZ
dw8Sxk6PRTe9BqgtjX10benF3K7N9yuli2sLHoHFZvwTVqWvNqMgA2jyJIoCgM8=
=bEaO
-----END PGP SIGNATURE-----


From hkario at redhat.com  Fri Sep 25 16:23:01 2015
From: hkario at redhat.com (Hubert Kario)
Date: Fri, 25 Sep 2015 18:23:01 +0200
Subject: Client Hello longer than 2^14 bytes are rejected
In-Reply-To: <56056954.1010002@openssl.org>
References: <2666857.mJb7Wub1ca@pintsize.usersys.redhat.com>
 <56056954.1010002@openssl.org>
Message-ID: <2347005.W6PQb4aIbL@pintsize.usersys.redhat.com>

On Friday 25 September 2015 16:33:40 Matt Caswell wrote:
> On 25/09/15 14:19, Hubert Kario wrote:
> > Current OpenSSL-1.0.1, 1.0.2 as well as state-machine-rewrite
> > branches reject Client Hello messages bigger than 2^14+4 bytes.
> 
> Right. The reason for that is that there is an explicit (deliberate)
> check for it. Each message in its call to ssl_get_message specifies
> the max size. For ClientHello:
> 
>     n = s->method->ssl_get_message(s,
>                                    SSL3_ST_SR_CLNT_HELLO_B,
>                                    SSL3_ST_SR_CLNT_HELLO_C,
>                                    SSL3_MT_CLIENT_HELLO,
>                                    SSL3_RT_MAX_PLAIN_LENGTH, &ok);
> 
> The max size here is the fifth param, i.e. SSL3_RT_MAX_PLAIN_LENGTH
> (=16384, or the max possible size that can fit into a single record).

well, except that this doesn't include the message type and message 
length fields, so the message (from the point of view of record layer) 
is actually 2^14+4 bytes so it won't fit into a single record :)

the actual maximum size is:

 4 + # handshake protocol header
 2 + # client_version
 32 + # only valid length for random
 1 + # length of session_id
 32 + # maximum size for session_id
 2 + # length of cipher suites
 2^16-2 + # maximum length of cipher suites array
 1 + # length of compression_methods
 2^8-1 + # maximum length of compression methods
 2 + # length of extensions
 2^16-1 # maximum length of extensions
= 131400 or 131396 without header

> Every message has one of these defined. Some of them are quite
> arbitrary values.
> 
> E.g. for ServerHello
>     n = s->method->ssl_get_message(s,
>                                    SSL3_ST_CR_SRVR_HELLO_A,
>                                    SSL3_ST_CR_SRVR_HELLO_B, -1, 20000,
> &ok);
> 
> Why 20000? No idea.
> 
> The same restriction exists in the state-machine-rewrite branches
> because I'm ultra-cautious.

entirely understandable

> I am reluctant to remove an explicit check
> like that without understanding why it's there in the first place.
> Especially if its not breaking anything. Are we ever likely to
> encounter a ClientHello > 16384 bytes?

with actual TLSv1.2? likely "nothing" and "never".

But the same could have been said about version number not being 
anything but 3.0 or 3.1 when TLSv1.0 was published, and we all know how 
well this turned out to be...

Given that TLSv1.3 has a 1RTT mode planned (so Client Key Exchange ends 
up as an extension, possibly multiple ones), and that quantum computing 
resistant algorithms usually require fairly large key sizes (large 
enough that protocol limitations itself are problematic), we may see 
Client Hellos larger than 16k in not so far future.

-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky?ova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150925/ff2c7c13/attachment.sig>

From haiyang_yin at yahoo.ca  Wed Sep 30 03:37:46 2015
From: haiyang_yin at yahoo.ca (Haiyang Yin)
Date: Wed, 30 Sep 2015 03:37:46 +0000 (UTC)
Subject: bug: openssl clean up crash
Message-ID: <830657612.2927488.1443584266236.JavaMail.yahoo@mail.yahoo.com>

Hello,
I am using memory-based bio to handle dtls sessions. Crash happened after close notify received and SSL was cleaned up ? OpenSSL version is 1.0.2d. If more detailed information required, pls. let me known.
Thanks,
2015-09-29 22:59:32.968954 [ DEBUG ] [ StunTransManager.cpp ] [ 95 ] StunTransManager::init()
Program received signal SIGSEGV, Segmentation fault.[Switching to Thread 0x7fffe77fe700 (LWP 16074)]0x00007ffff73ced29 in sk_value () from /usr/local/ssl/lib/libcrypto.so.1.0.0(gdb) bt#0 ?0x00007ffff73ced29 in sk_value () from /usr/local/ssl/lib/libcrypto.so.1.0.0#1 ?0x00007ffff731f8db in int_free_ex_data () from /usr/local/ssl/lib/libcrypto.so.1.0.0#2 ?0x00007ffff73c495a in BIO_free () from /usr/local/ssl/lib/libcrypto.so.1.0.0#3 ?0x00007ffff73c5274 in BIO_free_all () from /usr/local/ssl/lib/libcrypto.so.1.0.0#4 ?0x00007ffff774df5b in SSL_free () from /usr/local/ssl/lib/libssl.so.1.0.0#5 ?0x000000000077ca35 in TestDtlsSession::cleanup (this=0x7fffd4000a50) at /home/hyin/projects/intelligent_home_gateway/test/src/TestDtlsSession.cpp:418#6 ?0x000000000077bcaa in TestDtlsSession::~TestDtlsSession (this=0x7fffd4000a50, __in_chrg=<optimized out>) at /home/hyin/projects/intelligent_home_gateway/test/src/TestDtlsSession.cpp:141#7 ?0x0000000000786760 in __gnu_cxx::new_allocator<TestDtlsSession>::destroy<TestDtlsSession> (this=0x7fffd4000a50, __p=0x7fffd4000a50) at /usr/include/c++/4.9/ext/new_allocator.h:124#8 ?0x000000000078671d in std::allocator_traits<std::allocator<TestDtlsSession> >::_S_destroy<TestDtlsSession> (__a=..., __p=0x7fffd4000a50) at /usr/include/c++/4.9/bits/alloc_traits.h:282#9 ?0x00000000007866c5 in std::allocator_traits<std::allocator<TestDtlsSession> >::destroy<TestDtlsSession> (__a=..., __p=0x7fffd4000a50) at /usr/include/c++/4.9/bits/alloc_traits.h:411#10 0x000000000078656f in std::_Sp_counted_ptr_inplace<TestDtlsSession, std::allocator<TestDtlsSession>, (__gnu_cxx::_Lock_policy)2>::_M_dispose (this=0x7fffd4000a40)? ? at /usr/include/c++/4.9/bits/shared_ptr_base.h:524#11 0x000000000073a8d6 in std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_release (this=0x7fffd4000a40) at /usr/include/c++/4.9/bits/shared_ptr_base.h:149#12 0x0000000000739a81 in std::__shared_count<(__gnu_cxx::_Lock_policy)2>::~__shared_count (this=0x7fffe77f5738, __in_chrg=<optimized out>) at /usr/include/c++/4.9/bits/shared_ptr_base.h:666#13 0x0000000000783392 in std::__shared_ptr<TestDtlsSession, (__gnu_cxx::_Lock_policy)2>::~__shared_ptr (this=0x7fffe77f5730, __in_chrg=<optimized out>) at /usr/include/c++/4.9/bits/shared_ptr_base.h:914#14 0x00000000007833d2 in std::shared_ptr<TestDtlsSession>::~shared_ptr (this=0x7fffe77f5730, __in_chrg=<optimized out>) at /usr/include/c++/4.9/bits/shared_ptr.h:93#15 0x0000000000781fae in TestStunServer::handleCallback (this=0x7fffffffd230, spTransport=..., sessionMap=..., sender=..., encrypted=0x7fffd8000970 "\025\376", <incomplete sequence \375>,?? ? encryptedLen=39, decrypted=0x7fffe77f59e0 "", decryptedLen=@0x7fffe77f5858: 32768, ready=@0x7fffe77f57c7: false) at /home/hyin/projects/intelligent_home_gateway/test/src/TestStunServer.cpp:637#16 0x00000000007812d6 in TestStunServer::transCallback4 (this=0x7fffffffd230, event=com::purplehyacinth::intellihomegateway::transport::DATA_EVT, sender=...,?? ? data=0x7fffd8000970 "\025\376", <incomplete sequence \375>, dataLen=39) at /home/hyin/projects/intelligent_home_gateway/test/src/TestStunServer.cpp:539#17 0x000000000078594e in std::_Mem_fn<void (TestStunServer::*)(com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long)>::operator()<com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long, void>(TestStunServer*, com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e&&, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*&&, unsigned long&&) const (this=0xc0a070, __object=0x7fffffffd230) at /usr/include/c++/4.9/functional:569#18 0x000000000078539a in std::_Bind<std::_Mem_fn<void (TestStunServer::*)(com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long)> (TestStunServer*, std::_Placeholder<1>, std::_Placeholder<2>, std::_Placeholder<3>, std::_Placeholder<4>)>::__call<void, com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e&&, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*&&, unsigned long&&, 0ul, 1ul, 2ul, 3ul, 4ul>(std::tuple<com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e&&, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*&&, unsigned long&&>&&, std::_Index_tuple<0ul, 1ul, 2ul, 3ul, 4ul>) (? ? this=0xc0a070, __args=<unknown type in /home/hyin/projects/intelligent_home_gateway/bin/IntelliHomeGatewayTest, CU 0x81488, DIE 0xa0b38>) at /usr/include/c++/4.9/functional:1264#19 0x000000000078479f in std::_Bind<std::_Mem_fn<void (TestStunServer::*)(com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long)> (TestStunServer*, std::_Placeholder<1>, std::_Placeholder<2>, std::_Placeholder<3>, std::_Placeholder<4>)>::operator()<com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long, void>(com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e&&, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*&&, unsigned long&&) (this=0xc0a070) at /usr/include/c++/4.9/functional:1323#20 0x0000000000783f59 in std::_Function_handler<void (com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long), std::_Bind<std::_Mem_fn<void (TestStunServer::*)(com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long)> (TestStunServer*, std::_Placeholder<1>, std::_Placeholder<2>, std::_Placeholder<3>, std::_Placeholder<4>)> >::_M_invoke(std::_Any_data const&, com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long) (__functor=...,?? ? __args#0=com::purplehyacinth::intellihomegateway::transport::DATA_EVT, __args#1=..., __args#2=0x7fffd8000970 "\025\376", <incomplete sequence \375>, __args#3=39)? ? at /usr/include/c++/4.9/functional:2039#21 0x00000000008928b6 in std::function<void (com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long)>::operator()(com::purplehyacinth::intellihomegateway::transport::CallbackEvent_e, com::purplehyacinth::intellihomegateway::transport::TransportAddress const&, char const*, unsigned long) const (this=0xc2d508, __args#0=com::purplehyacinth::intellihomegateway::transport::DATA_EVT, __args#1=..., __args#2=0x7fffd8000970 "\025\376", <incomplete sequence \375>, __args#3=39)? ? at /usr/include/c++/4.9/functional:2439#22 0x0000000000891841 in com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher::dispatch (this=0xc2d500)? ? at /home/hyin/projects/intelligent_home_gateway/src/com/purplehyacinth/intellihomegateway/transport/ServerCallbackDispatcher.cpp:173#23 0x000000000089684b in std::_Mem_fn<bool (com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher::*)()>::operator()<, void>(com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher*) const (this=0xc086d0, __object=0xc2d500) at /usr/include/c++/4.9/functional:569#24 0x00000000008967c2 in std::_Bind<std::_Mem_fn<bool (com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher::*)()> (com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher*)>::__call<bool, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>) (this=0xc086d0,?? ? __args=<unknown type in /home/hyin/projects/intelligent_home_gateway/bin/IntelliHomeGatewayTest, CU 0x6aa2e7, DIE 0x6c96ef>) at /usr/include/c++/4.9/functional:1264#25 0x0000000000896664 in std::_Bind<std::_Mem_fn<bool (com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher::*)()> (com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher*)>::operator()<, bool>() (this=0xc086d0) at /usr/include/c++/4.9/functional:1323#26 0x0000000000896481 in std::_Function_handler<bool (), std::_Bind<std::_Mem_fn<bool (com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher::*)()> (com::purplehyacinth::intellihomegateway::transport::ServerCallbackDispatcher*)> >::_M_invoke(std::_Any_data const&) (__functor=...) at /usr/include/c++/4.9/functional:2025#27 0x000000000081dc9e in std::function<bool ()>::operator()() const (this=0xc3daa0) at /usr/include/c++/4.9/functional:2439---Type <return> to continue, or q <return> to quit--- ?#28 0x000000000081d630 in com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >::run() (this=0xc3daa0)? ? at /home/hyin/projects/intelligent_home_gateway/inc/common/ScopedThread.hpp:209#29 0x000000000081fdbf in std::_Mem_fn<void (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >::*)()>::operator()<, void>(com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >*) const (this=0xc3dbe8, __object=0xc3daa0) at /usr/include/c++/4.9/functional:569#30 0x000000000081fd28 in std::_Bind<std::_Mem_fn<void (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >::*)()> (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >*)>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>) (this=0xc3dbe8,?? ? __args=<unknown type in /home/hyin/projects/intelligent_home_gateway/bin/IntelliHomeGatewayTest, CU 0x39f627, DIE 0x3b467a>) at /usr/include/c++/4.9/functional:1264#31 0x000000000081fca2 in std::_Bind<std::_Mem_fn<void (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >::*)()> (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >*)>::operator()<, void>() (this=0xc3dbe8) at /usr/include/c++/4.9/functional:1323#32 0x000000000081fbf6 in std::_Bind_simple<std::_Bind<std::_Mem_fn<void (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >::*)()> (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >*)> ()>::_M_invoke<>(std::_Index_tuple<>) (this=0xc3dbe8) at /usr/include/c++/4.9/functional:1700#33 0x000000000081fae3 in std::_Bind_simple<std::_Bind<std::_Mem_fn<void (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >::*)()> (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >*)> ()>::operator()() (this=0xc3dbe8) at /usr/include/c++/4.9/functional:1688#34 0x000000000081f9fc in std::thread::_Impl<std::_Bind_simple<std::_Bind<std::_Mem_fn<void (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >::*)()> (com::purplehyacinth::intellihomegateway::common::ScopedThread<std::function<bool ()> >*)> ()> >::_M_run() (this=0xc3dbd0) at /usr/include/c++/4.9/thread:115#35 0x00007ffff6dbce40 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6#36 0x00007ffff7bc4182 in start_thread (arg=0x7fffe77fe700) at pthread_create.c:312#37 0x00007ffff651d47d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111(gdb)?(gdb)?(gdb)?(gdb) q
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-bugs-mod/attachments/20150930/cb352f4d/attachment-0001.html>

From Feng.Chen at hrblock.com  Wed Sep 30 23:23:04 2015
From: Feng.Chen at hrblock.com (Chen, Feng)
Date: Wed, 30 Sep 2015 18:23:04 -0500
Subject: Bug - Header files in include folder differ for different
 extractiing methods
Message-ID: <DD2220C1BC39C04795ACC71A9D93467B2EB94184BF@BCMSG01.hrbinc.hrblock.net>

Hi OpenSSL,

I downloaded OpenSSL 1.0.0s.tar.gz and extracted files using following three ways. The header files in "openssl 1.0.0s\include\openssl" folder are different.
I am working on Windows 7 Enterprise 64-bits with Service Pack 1.

1. Use Cygwin (version 1.7.25) command "tar xvf"
    All header files have type "C/C++ Header" and size 1KB. The contents look like:
!<symlink>??. . / . . / c r y p t o / a e s / a e s . h  

   But those symlinks DO NOT work on Windows.

2. Highlight the tar.gz file, click right mouse, select "Extract Files"
    All header files are of "SYMLINK" type and 0KB. The symbolic link works fine. Whenever I opened it in text editor or displayed it in Command windows, the actual file is displayed.

3. Download and Install 7-zip program from www.7-zip.org, then use "Open Archive" to open tar.gz, then right click the tar file and open, drag the folder to Desktop
    All header files are real header files, not symbolic links.

Is this a bug in packaging? What is the expected results on Windows?

Thanks,

Feng Chen