New Darwin + ARM7l binaries

[drwetter]

Hi @jpluimers , @f-s , @lainegholson and others,

due to the necessary change cipher renaming for the old CHACHA/POLY ciphers (see PeterMosmans/openssl#43, #379) it's better to recompile and provide binaries reflecting this properly.

The ready-to-compile snapshot of @PeterMosmans fork including IPv6 is @ https://github.com/drwetter/openssl-pm-snapshot .

For input of what's planned in terms of putting them @ github, see #362 . In any case I will prefer to put not-stripped binaries @ testssl.sh for DL and stipped ones in the git repo. Pls just do PRs and I'll pick them

Q: did make report go through w/o problems?
Q: how many ciphers does your binary list?
Q: do you have the output of 'openssl version -a` handy?

Thx, Dirk

[PeterMosmans]

For what's it worth, after numerous requests from @drwetter I could create a 1.0.2-chacha-ipv6 branch. Then, we could tag 1.0.2-chacha-ipv6 versions to match testssl.sh releases, to standardize this process. Is that an idea Dirk ? Each time a new version of testssl.sh released, we can tag a 1.0.2-chacha version

[drwetter]

Hi Peter,

Am 06/23/2016 um 12:29 PM schrieb Peter Mosmans:

For what's it worth, after numerous requests from @drwetter https://github.com/drwetter I
could create a 1.0.2-chacha-ipv6 branch. Then, we could /tag/ 1.0.2-chacha-ipv6 versions to
match testssl.sh releases, to standardize this process. Is that an idea Dirk ? Each time a new
version of testssl.sh released, we can tag a 1.0.2-chacha version

totally fine with me!

Feel free to help yourself from the current snapshot I created @
https://github.com/drwetter/openssl-pm-snapshot . It just includes the Fedora
IPv6 patch.

For Unices it works like a charm. The catch is only other platforms, specifically Windows.

Cheers, Dirk

[drwetter]

BTW: new Linux/FreeBSD binaries (static and dynamic/Kerberos) are @ https://testssl.sh/openssl-1.0.2i-chacha.pm.ipv6.Linux+FreeBSD.tar.gz .

[ghost]

done for arm without krb: #391

[drwetter]

Am 24. Juni 2016 17:03:20 MESZ, schrieb f-s [email protected]:

done for arm without krb:
#391

Saw that, thx! I'll wait until boarding is completed.

Cheers , Dirk

Set from my mobile. Excuse my brevity&typos

[drwetter]

@jpluimers : do you think you could provide the binaries soon?

[jpluimers]

Sorry @drwetter , took a while to make time to update the script so I could easier update the below gists. They're done now, but note the failure in openssl.darwin-i386-cc.testlog.txt (in the reports gist).

Binaries: https://gist.github.com/9257ba6e27afea1b98376d9d4411c88c.git
Reports: https://gist.github.com/cf064f2893fd489f0f936097c11f794b.git
Statistics: https://gist.github.com/ca0ed0f53c279aa87fc2ffd505d3fc8a.git (version info, cipher count, cipher lists)
Build script: https://gist.github.com/f4de3937630b87753133.git

[drwetter]

Thx, @jpluimers . The perl script util/selftest.pl seem to had problems reading maketest.log. The last test side by side compared with the 64bit arch seems to have been fine.

You do not have by any chance the maketest.log file from the 32bit arch?

[jpluimers]

Nope, but I could re-run the build for you and hunt for it. Do you want me to do that this weekend?

[drwetter]

Yes, please. That would help.

Sent from my mobile. Excuse my brevity&typos+the phone's autocorrection

[jpluimers]

It's coming up. It took me a while to figure out why sometimes maketest.log didn't exist. It appears it's not made by make test but by make report.

[drwetter]

Ok!

What again was the primary architecture for MacOSX, 64bit, right?

[jpluimers]

Yes, x64 the primary. I've updated the same gists as before:

Binaries: https://gist.github.com/9257ba6e27afea1b98376d9d4411c88c.git
Reports: https://gist.github.com/cf064f2893fd489f0f936097c11f794b.git (including maketest.log files)
Statistics: https://gist.github.com/ca0ed0f53c279aa87fc2ffd505d3fc8a.git (version info, cipher count, cipher lists)
Build script: https://gist.github.com/f4de3937630b87753133.git

[drwetter]

Thank you

Sent from my mobile. Excuse my brevity&typos+the phone's autocorrection

[drwetter]

Thx! @f-s and @jpluimers . I've update the OSX 64 bit file (stripped) @ github. The remaining files I uploaded @ https://testssl.sh/openssl-1.0.2i-chacha.pm.ipv6.contributed/ as I want to restrict in the future github inaries only to the ones really neccessary.

I'll remove the ones even in the history at a later point of time (later because it's ugly and git pull will be broken)

For the ARM binary I am not sure how frequent it is being used. If people come back yelling at me I might reconsider to put the binary @ github

[jpluimers]

If I start running this from a RaspberryPi I will let you know about binaries there.

[drwetter]

+1

Yes, please

Sent from my mobile. Excuse my brevity&typos+the phone's autocorrection

[drwetter]

Right in the evening I am just a bit lazy, so I just reopen this one.

I pushed a new set of binaries for Linux and FreeBSD. Can anybody help out for

• Darwin 64Bit
• Darwin 32Bit
• Arm7l
  (* more?)

The Darwin 64Bit Binary will be as usual provided by github, the others I'll put on https://testssl.sh/ .

Instructions:

* git clone https://github.com/drwetter/openssl-1.0.2.bad.git
* cd openssl-1.0.2.bad
* patch -p1 < fedora-dirk-ipv6.patch
* $TESTSSLDIR/utils/make-openssl.sh 

[drwetter]

@jpluimers ?
@fs-s?

[drwetter]

Anybody else?

Otherwise I would have to release 3.0 without an updated Apple binary -- that in turn would mean that we can't support Darwin

[ghost]

Sorry, I no longer run that hardware

[drwetter]

ok, thanks anyway for the feedback. The other two people running ARM7l haven't their github account anymore..

[drwetter]

Solved via #1204