OpenSSL 1.0.1-beta2

Showing 1-11 of 11 messages
OpenSSL 1.0.1-beta2 Adam 3/6/12 3:51 PM
Hi,

I'm wondering if anyone has tried to compile OpenSSL 1.0.1-beta2 or
beta3 for Android.  I tried to incorporate beta2 into the ICS source
using the patches in the [SRC]/external/openssl directory with no
luck.  If anyone has any experience with this I would appreciate the
advice.

Thanks,

Adam
Re: [android-security-discuss] OpenSSL 1.0.1-beta2 Brian Carlstrom 3/6/12 4:27 PM
I typically do this for the Android team at Google but I have not done it for 1.0.1. I know from experience that 0.9.8 to 1.0.0 was non-trivial (leading to bug http://code.google.com/p/android/issues/detail?id=15356#c6) If you do make get it to work, I'd be happy if you wanted to share your work on AOSP for feedback.

-bri


--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To post to this group, send email to android-secu...@googlegroups.com.
To unsubscribe from this group, send email to android-security-discuss+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.


Re: OpenSSL 1.0.1-beta2 Adam 3/7/12 6:53 AM
Thanks for the heads-up,

I'll be playing around with this for the next while.  So far only two
of the patches fail, so hopefully the manual changes can be kept to a
minimum.  If I make any headway I'll surely share the results for
feedback and advice.

Thanks again.


Adam


On Mar 6, 7:27 pm, Brian Carlstrom <b...@google.com> wrote:
> I typically do this for the Android team at Google but I have not done it
> for 1.0.1. I know from experience that 0.9.8 to 1.0.0 was non-trivial
> (leading to bughttp://code.google.com/p/android/issues/detail?id=15356#c6) If
> you do make get it to work, I'd be happy if you wanted to share your work
> on AOSP for feedback.
>
> -bri
>
>
>
>
>
>
>
Re: OpenSSL 1.0.1-beta2 vkasirajan 4/27/12 12:22 AM
Hi Adam,
 
Were you successful in this? I'm looking for openSSL 1.0.1 on ICS. Any pointers will be helpful.
 
Thanks and best regards,
Re: OpenSSL 1.0.1-beta2 vkasirajan 4/27/12 12:24 AM
Hi Adam,
 
Any updates on this? Were you able to integrate openssl 1.0.1?
 
Thanks and best regards,

On Wednesday, March 7, 2012 5:21:32 AM UTC+5:30, Adam wrote:
Re: OpenSSL 1.0.1-beta2 jumper 4/27/12 1:14 AM
Hi Adam / Carl,
 
Do u have any updates onto this? We are trying to get the OpenSSL 1.0.1 to work with ICS and not yet succeeded. Any help on that would be appreciated.
 
Thanks,
 

On Wednesday, March 7, 2012 5:21:32 AM UTC+5:30, Adam wrote:
Re: [android-security-discuss] Re: OpenSSL 1.0.1-beta2 Brian Carlstrom 4/27/12 8:57 PM
Sure, I was able to update 1.0.1, 1.0.1a, and am now looking at 1.0.1b. There weren't any real conflicts, just us adding things adjacent to their add things. They did have a few compile issues along the way that I had to work around (such as build issue for non-x86 hosts in 1.0.1a)

-bri

--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/26HTrQ46rooJ.

To post to this group, send email to android-secu...@googlegroups.com.
To unsubscribe from this group, send email to android-security-discuss+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.

Re: [android-security-discuss] Re: OpenSSL 1.0.1-beta2 jumper 5/14/12 5:21 AM
Hi Brian -

Can you please share the Android.mk files and patch files / steps that you had executed for compiling OpenSSL1.0.1b?

-br
Re: [android-security-discuss] Re: OpenSSL 1.0.1-beta2 Brian Carlstrom 5/14/12 10:42 AM
Yes, I could, but I worried about doing so outside of AOSP, since the external/openssl changes were only part of the work, changes were also made to users of openssl to deal with issues surrounding TLSv1.1 and TLSv1.2 interoperability. 

I don't understand this rush to 1.0.1. this is not a minor upgrade. we've had to push new  patches back to OpenSSL upstream for almost every release. I think 1.0.1c might the the first one where we didn't need build fixes patches for upstream. they've continued to fix interoperability issues as well. Why does everyone seem so eager to have this? Security patches continue to be made on the 1.0.0 (and even 0.9.8) lines

-bri

To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/Xi_47o8LmM0J.

To post to this group, send email to android-secu...@googlegroups.com.
To unsubscribe from this group, send email to android-security-discuss+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.

Re: [android-security-discuss] Re: OpenSSL 1.0.1-beta2 jumper 5/14/12 11:15 PM
Hi Brian -

Thanks for the immediate response. The protocol stack that i am working on needs to support secure communication using TLS 1.1 and that is the reason I thought if I migrate the platform from OpenSSL 1.0.0 to OpenSSL 1.0.1 I will be able to make the connection using the TLS 1.1.

Thanks.

-br
Re: [android-security-discuss] Re: OpenSSL 1.0.1-beta2 Brian Carlstrom 5/15/12 11:36 AM
Here you go. make files and patches in attached tar ball. extract it
in an emtpy directory somewhere to be safe, it will write files to .

I don't know if you are doing this for a vendor or a personal project.
if you really are going to make this part of some ROM, you really need
to make sure to turn of TLS 1.1 and 1.2 by default in libcore and
external/chromium or you will have issues with interoperability which
will make users unhappy.

-bri
> https://groups.google.com/d/msg/android-security-discuss/-/XC5ElYGakbsJ.