[openssl-users] openssl-users Digest, Vol 24, Issue 12

Hello Notelling hellonotelling at gmail.com
Mon Nov 7 17:39:32 UTC 2016


Your query is being processed

On 7 Nov 2016 5:34 p.m., <openssl-users-request at openssl.org> wrote:

> Send openssl-users mailing list submissions to
>         openssl-users at openssl.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://mta.openssl.org/mailman/listinfo/openssl-users
> or, via email, send a message with subject or body 'help' to
>         openssl-users-request at openssl.org
>
> You can reach the person managing the list at
>         openssl-users-owner at openssl.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of openssl-users digest..."
>
>
> Today's Topics:
>
>    1. Re: Problem in compiling OpenSSL on Windows-7-32-bit (Ajay Garg)
>    2. How to sort cipher list by ephemeral/non-ephemeral?
>       (Jeffrey Walton)
>    3. Re: How to sort cipher list by ephemeral/non-ephemeral?
>       (Salz, Rich)
>    4. mailing list registration renewal - clarify bounce errors
>       (debbie10t)
>    5. Re: mailing list registration renewal - clarify bounce errors
>       (Salz, Rich)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 7 Nov 2016 21:52:57 +0530
> From: Ajay Garg <ajaygargnsit at gmail.com>
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] Problem in compiling OpenSSL on
>         Windows-7-32-bit
> Message-ID:
>         <CAHP4M8UZ_uaeuGCmRnv0xG-K=L0gZoQy9vpC7xch5L8kmoOQ2Q at mail.
> gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Oops.. sorry.
> OpenSSL-version is 1.0.2d, and nasm-version is 2.12.02.
>
>
>
> On Mon, Nov 7, 2016 at 9:31 PM, Jeremy Farrell <jeremy.farrell at oracle.com>
> wrote:
>
> > What version of OpenSSL? What version of nasm (nasm -v)? People are more
> > likely to be able to help if you provide such basic information.
> >
> > Regards,
> >                            jjf
> >
> > On 07/11/2016 11:42, Ajay Garg wrote:
> >
> > Oops... pardon me.
> > The e) step was not done.
> >
> > The errors came right after step d)
> >
> > On 7 Nov 2016 3:36 p.m., "Ajay Garg" <ajaygargnsit at gmail.com> wrote:
> >
> >> Hi All.
> >>
> >> Following are the steps I followed :
> >>
> >> ############################################################
> >> ###################
> >> a)
> >> Downloaded nasm.exe from internet, and placed it in the include-path.
> >>
> >> b)
> >> *perl Configure VC-WIN32*
> >>
> >> c)
> >>
> >>
> >> *ms\do_nasm.bat *
> >> d)
> >>
> >>
> >> * nmake -f ms\nt.mak *
> >> e)
> >> *make*
> >>
> >>
> >>
> >> *###########################################################
> ####################
> >> *
> >> Compilation runs fine for some time, but then I get hundreds of
> IDENTICAL
> >> errors as follows ::
> >>
> >> ############################################################
> >> ###################
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> *tmp32\sha1-586.asm:3964: warning: `PTR' is not a NASM keyword
> >> tmp32\sha1-586.asm:3964: error: comma, colon, decorator or end of line
> >> expecte after operand tmp32\sha1-586.asm:3970: error: symbol
> >> `__sha1_block_data_order_avx' redefined tmp32\sha1-586.asm:3970: error:
> >> parser: instruction expected tmp32\sha1-586.asm:3972: error: parser:
> >> instruction expected tmp32\sha1-586.asm:3983: error: parser: instruction
> >> expected tmp32\sha1-586.asm:3985: error: parser: instruction expected
> >> tmp32\sha1-586.asm:3986: error: parser: instruction expected
> >> tmp32\sha1-586.asm:3987: warning: label alone on a line without a colon
> >> might  in error NMAKE : fatal error U1077: '"C:\Program Files\Microsoft
> >> Visual Studio 14.0\VC\ N\nasm.EXE"' : return code '0x1' Stop.*
> >>
> >>
> >> *###########################################################
> ####################
> >> *
> >> Any pointers how to solve this?
> >> I will heartfully grateful.
> >>
> >> Thanks and Regards,
> >> Ajay
> >>
> >
> > --
> > J. J. Farrell
> > Not speaking for Oracle
> >
> >
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> >
> >
>
>
> --
> Regards,
> Ajay
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mta.openssl.org/pipermail/openssl-users/
> attachments/20161107/55d53de6/attachment-0001.html>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 7 Nov 2016 12:11:56 -0500
> From: Jeffrey Walton <noloader at gmail.com>
> To: OpenSSL Users <openssl-users at openssl.org>
> Subject: [openssl-users] How to sort cipher list by
>         ephemeral/non-ephemeral?
> Message-ID:
>         <CAH8yC8nZ2gqqa5UZQo5aqYZRBzgyfNwZtJEMGZ95W2GgKtvwOQ at mail.
> gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> I prefer to use a cipher list like "HIGH:!aNULL:!RC4:!MD5". I prefer
> it because its fairly easy to parse and understand. Its also easy to
> teach to developers.
>
> I want the resulting ciphers sorted with the ephemeral suites at the
> head of the list.
>
> How does one sort the list with ephemeral suites at the top of the list?
>
> -----
>
> If 'openssl ciphers' is stable with respect to its output, then the
> order is (is this @strength?):
>
> # openssl ciphers -v 'HIGH:!aNULL:!MD5:!RC4:!PSK:!SRP:!KRB5' | cut -f 1
> -d ' '
> ECDHE-RSA-AES256-GCM-SHA384
> ECDHE-ECDSA-AES256-GCM-SHA384
> ECDHE-RSA-AES256-SHA384
> ECDHE-ECDSA-AES256-SHA384
> ECDHE-RSA-AES256-SHA
> ECDHE-ECDSA-AES256-SHA
> DHE-DSS-AES256-GCM-SHA384
> DHE-RSA-AES256-GCM-SHA384
> DHE-RSA-AES256-SHA256
> DHE-DSS-AES256-SHA256
> DHE-RSA-AES256-SHA
> DHE-DSS-AES256-SHA
> DHE-RSA-CAMELLIA256-SHA
> DHE-DSS-CAMELLIA256-SHA
> ECDH-RSA-AES256-GCM-SHA384
> ECDH-ECDSA-AES256-GCM-SHA384
> ECDH-RSA-AES256-SHA384
> ECDH-ECDSA-AES256-SHA384
> ECDH-RSA-AES256-SHA
> ECDH-ECDSA-AES256-SHA
> AES256-GCM-SHA384
> AES256-SHA256
> AES256-SHA
> CAMELLIA256-SHA
> ECDHE-RSA-AES128-GCM-SHA256
> ECDHE-ECDSA-AES128-GCM-SHA256
> ECDHE-RSA-AES128-SHA256
> ECDHE-ECDSA-AES128-SHA256
> ECDHE-RSA-AES128-SHA
> ECDHE-ECDSA-AES128-SHA
> DHE-DSS-AES128-GCM-SHA256
> DHE-RSA-AES128-GCM-SHA256
> DHE-RSA-AES128-SHA256
> DHE-DSS-AES128-SHA256
> DHE-RSA-AES128-SHA
> DHE-DSS-AES128-SHA
> DHE-RSA-CAMELLIA128-SHA
> DHE-DSS-CAMELLIA128-SHA
> ECDH-RSA-AES128-GCM-SHA256
> ECDH-ECDSA-AES128-GCM-SHA256
> ECDH-RSA-AES128-SHA256
> ECDH-ECDSA-AES128-SHA256
> ECDH-RSA-AES128-SHA
> ECDH-ECDSA-AES128-SHA
> AES128-GCM-SHA256
> AES128-SHA256
> AES128-SHA
> CAMELLIA128-SHA
> ECDHE-RSA-DES-CBC3-SHA
> ECDHE-ECDSA-DES-CBC3-SHA
> EDH-RSA-DES-CBC3-SHA
> EDH-DSS-DES-CBC3-SHA
> ECDH-RSA-DES-CBC3-SHA
> ECDH-ECDSA-DES-CBC3-SHA
> DES-CBC3-SHA
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 7 Nov 2016 17:29:49 +0000
> From: "Salz, Rich" <rsalz at akamai.com>
> To: "noloader at gmail.com" <noloader at gmail.com>,
>         "openssl-users at openssl.org" <openssl-users at openssl.org>
> Subject: Re: [openssl-users] How to sort cipher list by
>         ephemeral/non-ephemeral?
> Message-ID:
>         <34a85f79d8ee40ccb89e270a1b6cd428 at usma1ex-dag1mb1.msg.corp.
> akamai.com>
> Content-Type: text/plain; charset="Windows-1252"
>
> You can't do it with keywords. Be explicit about what you want and put it
> in the order you want.  That way you will not be surprised when the
> expansion of a keyword changes.
>
> >From your list, ECDHE first, then decide RSA/ECDSA.  Then AES-GCM.  Why
> do you care about sha384 vs 256? Do you really need camellia-only?
>
> And @STRENGTH is a hack, looking at only one factor.
>
> Here is a real-world example (this ignores some of my advice)
>          ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:
>           ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:AES256-
> GCM-SHA384:
>           AES256-SHA256:DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:
>           ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:
>           ECDHE-ECDSA-AES128-SHA256:AES128-GCM-SHA256:AES128-SHA256:
>
> --
> Senior Architect, Akamai Technologies
> Member, OpenSSL Dev Team
> IM: richsalz at jabber.at Twitter: RichSalz
>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 7 Nov 2016 17:32:06 +0000
> From: debbie10t <debbie10t at gmail.com>
> To: openssl-users at openssl.org
> Subject: [openssl-users] mailing list registration renewal - clarify
>         bounce errors
> Message-ID: <ee58a3b7-cb09-fb92-8774-99908d8ad028 at gmail.com>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> Hi,
>
> today I received an email from openssl-users-request at openssl.org
>
> <quote>
> Your membership in the mailing list openssl-users has been disabled
> due to excessive bounces ..
> </quote>
>
> I can find no evidence of "excessive bounces .." so I am just asking
> here, is this a standard clean up of the ML or have you really received
> excessive bounces from my email address ?
>
> Thank you.
> --
>
>
> ------------------------------
>
> Message: 5
> Date: Mon, 7 Nov 2016 17:34:07 +0000
> From: "Salz, Rich" <rsalz at akamai.com>
> To: "openssl-users at openssl.org" <openssl-users at openssl.org>
> Subject: Re: [openssl-users] mailing list registration renewal -
>         clarify bounce errors
> Message-ID:
>         <2cf7b93033d64c05bc455d9249f36c2b at usma1ex-dag1mb1.msg.corp.
> akamai.com>
> Content-Type: text/plain; charset="Windows-1252"
>
> > I can find no evidence of "excessive bounces .." so I am just asking
> here, is
> > this a standard clean up of the ML or have you really received excessive
> > bounces from my email address ?
>
> The latter.
>
> We have seen some more reports of this recently, and are increasing the
> logging to determine the cause.  Interestingly, it's all from gmail.com
> addresses.
>
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> openssl-users mailing list
> openssl-users at openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
> ------------------------------
>
> End of openssl-users Digest, Vol 24, Issue 12
> *********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161107/8074efa6/attachment.html>


More information about the openssl-users mailing list