Displaying 20 results from an estimated 242 matches for "libressl".
Did you mean:
libresolv
2020 Feb 19
2
OpenSSH ver.8.2p1 compilation error on AIX
...06:38, Val Baranov <val.baranov at duke.edu> wrote:
> AIX 7.1 TL5, OpenSSL ver. 1.1.1d. "vac.C" version 11.0.1.23
> Compilation error " The indirection operator cannot be applied to a pointer to an incomplete struct or union " (see full log below) produced for " libressl-api-compat.c ".
> No such error if compiled with OpenSSL ver. 1.0.2r (and the earlier versions)
> Any idea how to fix? Thank you
Are you sure this is the 8.2p1 source? The line numbers from the
error messages don't correspond to those in 8.2p1, but they do match
7.9p1. For example...
2018 Apr 07
6
OpenSSH private key format errors with LibreSSL 2.7
On 2018-04-07 11:24, Bernard Spil wrote:
> On 2018-04-07 9:04, Joel Sing wrote:
>> On Friday 06 April 2018 21:31:01 Bernard Spil wrote:
>>> Hi,
>>>
>>> When using OpenSSH with LibreSSL 2.7.x it cannot read existing RSA
>>> and
>>> ECDSA private keys.
>>>
>>> Error loading key "./id_rsa": invalid format
>>>
>>> Rebuilding OpenSSH with LibreSSL 2.6.x fixes the issue. I had fixed
>>> this
>>>...
2017 Oct 18
3
Status of OpenSSL 1.1 support - Thoughts
...his, but I only make it in step (4), needing the first three
steps to set up a background to keep my own thoughts clear:
1) Fedora (via Jakub) shows it's possible to patch OpenSSH.
2) OpenVPN (via gert) shows it's possible to build a 'shim' of sorts
that allows code to work with libreSSL and OpenSSL 1.1.0.
3) Using that phrase 'as far as I can see' again, it appears that
OpenSSH doesn't really care that (1) and (2) are shown as possible. The
changes required to implement these solutions, in the best view, can be
seen as violating the 'simple/secure' precepts...
2020 Feb 19
0
OpenSSH ver.8.2p1 compilation error on AIX
...nov <val.baranov at duke.edu> wrote:
> > AIX 7.1 TL5, OpenSSL ver. 1.1.1d. "vac.C" version 11.0.1.23
> > Compilation error " The indirection operator cannot be applied to a pointer
> to an incomplete struct or union " (see full log below) produced for " libressl-
> api-compat.c ".
> > No such error if compiled with OpenSSL ver. 1.0.2r (and the earlier
> > versions) Any idea how to fix? Thank you
>
> Are you sure this is the 8.2p1 source? The line numbers from the error
> messages don't correspond to those in 8.2p1, but th...
2018 Apr 07
2
OpenSSH private key format errors with LibreSSL 2.7
On Friday 06 April 2018 21:31:01 Bernard Spil wrote:
> Hi,
>
> When using OpenSSH with LibreSSL 2.7.x it cannot read existing RSA and
> ECDSA private keys.
>
> Error loading key "./id_rsa": invalid format
>
> Rebuilding OpenSSH with LibreSSL 2.6.x fixes the issue. I had fixed this
> issue early on with LibreSSL 2.7 by converting the key to "new file
>...
2015 Nov 10
3
OpenSSH-7.1p1 fails configure check with LibreSSL-2.2.4
On Mon, Nov 9, 2015 at 5:35 PM, Darren Tucker <dtucker at zip.com.au> wrote:
> On Tue, Nov 10, 2015 at 9:22 AM, Austin English <austinenglish at gmail.com> wrote:
>> Howdy,
>>
>> I'm attempting to compile openssh-7.1p1 using libressl-2.2.4 for the
>> ssl implementation. Unfortunately, this fails to work (tested on
>> Debian Unstable and Gentoo):
> [...]
>> conftest.c:225:4: warning: implicit declaration of function 'exit'
>> [-Wimplicit-function-declaration]
>> exit(1);
>>...
2015 Nov 09
2
OpenSSH-7.1p1 fails configure check with LibreSSL-2.2.4
Howdy,
I'm attempting to compile openssh-7.1p1 using libressl-2.2.4 for the
ssl implementation. Unfortunately, this fails to work (tested on
Debian Unstable and Gentoo):
cd libressl-2.2.4
./configure --prefix=/opt/libressl-2.2.4 && make -j8 && sudo make install
cd ../openssh-7.1p1
./configure --with-ssl-dir=/opt/libressl-2.2.4
fails with:
ch...
2017 Oct 16
6
Status of OpenSSL 1.1 support
...OpenSSL upstream actually been told directly by OpenSSH
that this is a problem, or are they only hearing about this from users
trying to compile OpenSSH against 1.1? I've only found evidence of the
latter in public mailing list posts so far.
> [ about the option of building OpenSSH against LibreSSL on Debian ]
>
> > This would be a pretty bad option for me as a distributor - it'd
> > mean I'd have to keep track of LibreSSL security updates.
>
> In the past, that has proven noticeably less stressful than keeping
> track of OpenSSL security updates, and i think...
2016 Nov 02
2
v2.2.26.0 released
libressl is a leaner and safer openssl
Sent from ProtonMail Mobile
On Wed, Nov 2, 2016 at 12:39 PM, Michael A. Peters <'mpeters at domblogger.net'> wrote:
IMHO it would be acceptable to have a LibreSSL patch that is maintained
by the people who want it.
It's free software, and that kin...
2017 Feb 07
3
GCC 4.9 in CentOS 7 ??
On 02/07/2017 01:42 AM, Alice Wonder wrote:
> The software collections looks like it might interfere with some of my
> own packaging (repos that build upon EPEL to provide modern server
> stack based on LibreSSL and a repo for modern multimedia)
Where do you see a conflict? Those packages are structured to avoid
conflict with the base platform, but installing into an alternate root
(/opt/rh/<package collection>) and are normally active only when
specifically enabled in a login session. That is...
2014 Jul 12
1
openssh portable and libressl portable cause recursion between arc4random and RAND_bytes
Hi,
Yesterday I tried to replace the system openssl in a gentoo system with
libressl.
With openssh an interesting issue popped up:
* RAND_bytes in libressl calls arc4random
* arc4random is a compat function both in openssh and libressl
* arc4random from openssh uses RAND_bytes
So what's happening is a recursion. arc4random wants to use RAND_bytes
and RAND_bytes wants to use a...
2017 Oct 18
3
Status of OpenSSL 1.1 support - Thoughts
...:15 PM, Ingo Schwarze <schwarze at usta.de> wrote:
> Hi,
>
> jpbion at jfwest.com wrote on Wed, Oct 18, 2017 at 05:53:21AM -0700:
>
>> 4) As a first result, with no judgement on anyone, just looking at the
>> data - the root cause of this issue seems to be the split of LibreSSL
>> from OpenSSL
>
> No, you are totally misrepresenting the situation. The root cause
> is the split of OpenSSL-1.1 from OpenSSL-1.0, and that OpenSSL
> dumped the large and dangerous work of dealing with the large-scale
> API change on each and every application project inste...
2016 Nov 02
2
v2.2.26.0 released
They have stated they are going to remain API compatible with 1.0.1h (or
g, forget which they forked) - their new stuff is outside of libcrypto.
On 11/02/2016 04:25 AM, Aki Tuomi wrote:
> It does work today, I am just bit worried that it will keep on breaking
> with libressl as they evolve their API. I would personally like to avoid
> more ifdef hell if possible...
>
> Aki
>
>
> On 02.11.2016 13:22, Michael A. Peters wrote:
>> Standard way to fix it (on the LibreSSL page) is to check for
>> LIBRESSL_VERSION_NUMBER - e.g. the patch attached...
2016 Nov 02
3
v2.2.26.0 released
Standard way to fix it (on the LibreSSL page) is to check for
LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think catches
them all where needed. Note the word think.
It certainly appears to be working anyway with it.
On 11/02/2016 04:07 AM, Aki Tuomi wrote:
> After doing some testing by myself, I noticed that libressl,...
2017 Feb 09
3
GCC 4.9 in CentOS 7 ??
--On Tuesday, February 07, 2017 2:33 PM -0800 Alice Wonder
<alice at domblogger.net> wrote:
> What I mean is this - my LibreSSL package installs in /usr and not in
> /opt and that is intentional, so that it is not possible to have both
> opennsl-devel and libressl-devel installed at the same time, since they
> both are the same API.
That's the very problem that Software Collections endeavors to solve. If
you...
2015 Aug 17
0
LibreSSL on CentOS 7
Hello list,
I've recently been working with LibreSSL on CentOS 7 and I thought I'd
share it.
I would be cautious about using it on production servers, but it seems
to be behaving itself for me.
https://librelamp.com/
I packaged it to install in parallel with OpenSSL rather than replace it.
Apache (2.4.16), MariaDB (5.5.45) and PHP (5.6.12)...
2014 Oct 02
1
Anyone have LibreSSL working on CentOS 6.5?
Hi folks,
I searched the list for LibreSSL and found only one mention of it!
Has anyone gotten this working? I have it compiling no problem, but
removing OpenSSL is another story of course. It seems to be compiled
with FIPS support and of course there is no such thing in LibreSSL -
that is something they tore out
thanks,
-Alan
--
&quo...
2017 Oct 13
8
Status of OpenSSL 1.1 support
.... Did I miss any significant development?
In the `meantime', OpenSSL provides a kind of compat layer [3] which
(they suggested) should be included in the downstream projects [4].
Is this enough / acceptable? What would the project like to see? I know
that OpenBSD itself is more focused on the LibreSSL library but I would
like to avoid that every one carries (and maintains) a big patch around.
[0] https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-September/035378.html
[1] I know that Fedora ships it.
[2] https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-November/035456.html
[3] h...
2015 Aug 23
2
[security] Thunderbird vulnerable to MITM
...underbird has a MITM vulnerability with its otherwise rather groovy
>> auto-configuration feature.
>
>> https://librelamp.com/FooBird#security
>>
>> has what I think would be the easiest solution while keeping the
>> ability to auto-configure stuff.
>
> As for LibreSSL et al, perhaps you could mention all your concerns on
> Fedora ? Its the place where, it often seems, everything in Centos
> originates from.
>
> You will benefit from your own mailing list/web forum. Your attitude and
> concerns are not unique.
>
>
I stopped using Fedora beca...
2015 Aug 07
1
LibreSSL
With 2.2.2 release
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.2-relnotes.txt is there
a paln to provide a drop-in replacement of OpenSSL?
--
Ciao,
luigi
/
+--[Luigi Rosa]--
\
Furious activity is no substitute for understanding.
--H. H. Williams