Weblog

RSS

PolarSSL 1.3.3 has been released

31 December 2013, 17:41

Version 1.3.3 of the PolarSSL library has been released. Hiawatha comes with a script for easy upgrading of PolarSSL. After unpacking the Hiawatha source tarball, use

./polarssl/upgrade 1.3.3

to upgrade PolarSSL to the 1.3.3 version. Of course, don't forget to recompile Hiawatha. :)

Tags: TLS/SSL
by Hugo Leisink
Heiko
31 December 2013, 18:45
Hi Hugo,
cmake broke :/

*** [polarssl/library/CMakeFiles/polarssl.dir/aesni.c.o] Error code 1
Stop in /root/hiawatha-9.3.1/build.
*** [polarssl/library/CMakeFiles/polarssl.dir/all] Error code 1
Stop in /root/hiawatha-9.3.1/build.
*** [all] Error code 1

(freebsd 9.2)
Chris Wadge
1 January 2014, 08:47
Hey all,

My Hiawatha unofficial Debian build 9.3.1-1 includes upstream PolarSSL 1.3.3: http://files.tuxhelp.org/hiawatha/BETA/

Happy new year,
-Chris

Hugo Leisink
1 January 2014, 12:14
@Heiko: change the wget line inside the script to:
wget --no-check-certificate -qO polarssl.tgz "https://polarssl.org/download/polarssl-${1}-gpl.tgz?do=yes"


And yes, you need to install wget first
Heiko
1 January 2014, 13:13
Hi Hugo,

now is wget working fine. But I get the same result like using fetch.

"cmake .. " is ok.

But make bringe this:

[ 5%] Building C object polarssl/library/CMakeFiles/polarssl.dir/aesni.c.o
/tmp//ccFag2SZ.s: Assembler messages:
/tmp//ccFag2SZ.s:68: Error: no such instruction: `aesenc %xmm1,%xmm0'
/tmp//ccFag2SZ.s:73: Error: no such instruction: `aesenclast %xmm1,%xmm0'
/tmp//ccFag2SZ.s:77: Error: no such instruction: `aesdec %xmm1,%xmm0'
/tmp//ccFag2SZ.s:82: Error: no such instruction: `aesdeclast %xmm1,%xmm0'
/tmp//ccFag2SZ.s:126: Error: no such instruction: `pclmulqdq $0x00,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:127: Error: no such instruction: `pclmulqdq $0x11,%xmm0,%xmm2'
/tmp//ccFag2SZ.s:128: Error: no such instruction: `pclmulqdq $0x10,%xmm0,%xmm3'
/tmp//ccFag2SZ.s:129: Error: no such instruction: `pclmulqdq $0x01,%xmm0,%xmm4'
/tmp//ccFag2SZ.s:240: Error: no such instruction: `aeskeygenassist $0x01,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:242: Error: no such instruction: `aeskeygenassist $0x02,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:244: Error: no such instruction: `aeskeygenassist $0x04,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:246: Error: no such instruction: `aeskeygenassist $0x08,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:248: Error: no such instruction: `aeskeygenassist $0x10,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:250: Error: no such instruction: `aeskeygenassist $0x20,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:252: Error: no such instruction: `aeskeygenassist $0x40,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:254: Error: no such instruction: `aeskeygenassist $0x80,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:256: Error: no such instruction: `aeskeygenassist $0x1B,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:258: Error: no such instruction: `aeskeygenassist $0x36,%xmm0,%xmm1'
/tmp//ccFag2SZ.s:290: Error: no such instruction: `aeskeygenassist $0,%xmm0,%xmm2'
/tmp//ccFag2SZ.s:303: Error: no such instruction: `aeskeygenassist $0x01,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:305: Error: no such instruction: `aeskeygenassist $0x02,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:307: Error: no such instruction: `aeskeygenassist $0x04,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:309: Error: no such instruction: `aeskeygenassist $0x08,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:311: Error: no such instruction: `aeskeygenassist $0x10,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:313: Error: no such instruction: `aeskeygenassist $0x20,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:315: Error: no such instruction: `aeskeygenassist $0x40,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:356: Error: no such instruction: `aeskeygenassist $0x01,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:358: Error: no such instruction: `aeskeygenassist $0x02,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:360: Error: no such instruction: `aeskeygenassist $0x04,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:362: Error: no such instruction: `aeskeygenassist $0x08,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:364: Error: no such instruction: `aeskeygenassist $0x10,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:366: Error: no such instruction: `aeskeygenassist $0x20,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:368: Error: no such instruction: `aeskeygenassist $0x40,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:370: Error: no such instruction: `aeskeygenassist $0x80,%xmm1,%xmm2'
/tmp//ccFag2SZ.s:415: Error: no such instruction: `aesimc %xmm0,%xmm0'
*** [polarssl/library/CMakeFiles/polarssl.dir/aesni.c.o] Error code 1
Stop in /root/hiawatha-9.3.1/build.
*** [polarssl/library/CMakeFiles/polarssl.dir/all] Error code 1
Stop in /root/hiawatha-9.3.1/build.
*** [all] Error code 1

What further infos do you need?
Happy new year.
Heiko
Heiko
3 January 2014, 04:55
It looks to be an aesni assembler problem on the this amd64.
I excluded aesni in config.h from polarssl and make was ok.
This is a workaround for the problem. I repored it to PolarSSL.
Many greetings,
Heiko
Chris Wadge
23 February 2014, 21:42
PolarSSL 1.3.4 is live. I've updated the unofficial Debian beta build with the latest libraries: http://files.tuxhelp.org/hiawatha/BETA/

Enjoy,
-Chris
Chris Wadge
27 February 2014, 00:02
One more unofficial build of Hiawatha for Debian. This time, I've built PolarSSL 1.3.4 without support for ARC4 ciphersuites, since they're considered quite broken at present. In my opinion, the client-side patches for BEAST have been out there long enough that if my own TLS clients are still vulnerable, I'd consider it to be strictly their own fault.

If you want the RC4-free builds, you can get them here: http://files.tuxhelp.org/hiawatha/BETA/No_RC4/

All the best,
-Chris
Mustafa Ramadhan
24 March 2014, 20:21
I found this issue for centos 5 64bit. No problem with Centos 5 32bit, Centos 6 32bit and Centos 6 64bit.

All articles

All tags: Years:
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.