headers
Tim Rice | 1 Jun 2005 06:34
Favicon

Re: Undefined symbol OPENSSL_ia32cap_P

On Tue, 31 May 2005, Tim Rice wrote:

[snip]
> Now to track down the test failure (test SSL protocol).

That was me forgeting about UnixWare 7.1.1 having an optimizer bug
when you use the -Kpentium_pro flag.

Tests fine without it.

> .....
> test sslv3 with client authentication
> Available compression methods:
>  NONE
> client authentication
> depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
> depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
> ERROR in SERVER
> 16395:error:1408E098:SSL routines:SSL3_GET_MESSAGE:excessive message 
> size:s3_both.c:449:
> SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 512 bit RSA
> 1 handshakes of 256 bytes done
> *** Error code 1 (bu21)
> .....
>
>

--

-- 
Tim Rice				Multitalents	(707) 887-1469
tim <at> multitalents.net
(Continue reading)

Permalink | Reply | 0 comments |
headers
(Damien Miller) via RT | 1 Jun 2005 10:10
Picon
Favicon

[openssl.org #1089] test report for OpenBSD -current


Hi,

Here is a testlog for OpenBSD -current. We probably won't get around to
integrating 0.9.8 until after OpenBSD-3.8 is released.

I hacked the 'test skipped' stuff our of util/selftest.pl - I think skipping
tests because of no-mdc2 and no-rc5 is somewhat self-defeating

-d

OpenSSL self-test report:

OpenSSL version:  0.9.8-beta3
Last change:      Correct naming of the 'chil' and '4758cca' ENGINEs. Thi...
Options:          386 no-gmp no-krb5 no-mdc2 no-rc5 no-shared no-sse2 no-zlib no-zlib-dynamic
OS (uname):       OpenBSD baragon.mindrot.org 3.7 BARAGON#26 i386
OS (config):      i386-whatever-openbsd
Target (default): BSD-x86-elf
Target:           BSD-x86-elf
Compiler:         Configured with: 
Thread model: single
gcc version 3.3.5 (propolice)

Test passed.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org
(Continue reading)

Permalink | Reply | 0 comments |
headers
Nils Larsch via RT | 1 Jun 2005 10:41
Picon
Favicon

[openssl.org #1088] bug: SSL_load_client_CA_file always leaves errors in the error queue


ok, I've committed a fix with which SSL_load_client_CA_file
should clear the error queue on success. Please test a recent
snapshot.

Thanks,
Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org
Permalink | Reply | 0 comments |
headers
Jostein Tveit | 1 Jun 2005 15:10
Picon
Picon
Favicon

openssl-0.9.8-beta3, Sun Forte compiler, 64-bit Solaris 8, core dump and RNG error.

Hi, OpenSSL developers.

I try to compile openssl-0.9.8-beta3 on Solaris 8, using 64-bit
Sun Forte compiler (cc: Sun C 5.7 2005/01/07)

When doing 'make test' I get a core dump. But after applying a
simple patch, I am unable to track down the bug any further.

The Solaris PRNG patch 112438 (as mentioned in the FAQ) is
installed.

$ ./Configure solaris64-sparcv9-cc shared
$ make
$ make test

[...]

-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Dodgy CA

convert the certificate request into a self signed certificate
using 'x509'
unable to load 'random state'
This means that the random number generator has not been seeded
with much random data.
Consider setting the RANDFILE environment variable to point at a
file that
'random' data can be kept in (the file will be overwritten).
(Continue reading)

Permalink | Reply | 0 comments |
headers
Karim Sharif via RT | 1 Jun 2005 16:51
Picon
Favicon

RE: [openssl.org #1087] Memory leak - OpenSSL 0.9.7g


Thank you so much for your help.  
"X509_free(peer);" was the solution. 

Please consider this case closed.

-----Original Message-----
From: nobody2 <at> Jessen.SBone.TU-Cottbus.De
[mailto:nobody2 <at> Jessen.SBone.TU-Cottbus.De] On Behalf Of Nils Larsch via
RT
Sent: Tuesday, May 31, 2005 4:17 PM
To: Karim Sharif
Cc: openssl-dev <at> openssl.org
Subject: Re: [openssl.org #1087] Memory leak - OpenSSL 0.9.7g

Karim Sharif via RT wrote:
> Hello,
>  
> I would like to report a memory leak in SSL_connect(). Following code 
> sample was check for memory leaks using "Purify" and show a 13K leak 
> in SSL_connect().

did you read the "* I think I've detected a memory leak, is this a bug?"
item in the FAQ ?

Didn't purify give you a somewhat more precise description where the mem
leak is ?

...
>     peer = SSL_get_peer_certificate(servercon);
(Continue reading)

Permalink | Reply | 0 comments |
headers
Nils Larsch via RT | 1 Jun 2005 16:58
Picon
Favicon

[openssl.org #1087] Memory leak - OpenSSL 0.9.7g


ok, ticket resolved.

Cheers,
Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org
Permalink | Reply | 0 comments |
headers
Dmitry Belyavsky via RT | 1 Jun 2005 17:20
Picon
Favicon

[openssl.org #1090] [BUG] Segfault in dgst signing with rsa private key


Hello!

I use 0.9.8-stable-SNAP-20050601 snapshot. Problem occurs on digest
signing.

make report:
========
OpenSSL self-test report:

OpenSSL version:  0.9.8-beta4-dev
Last change:      Correct naming of the 'chil' and '4758cca' ENGINEs. Thi...
Options:          -g enable-shared enable-zlib no-gmp no-krb5 no-mdc2 no-rc5 no-zlib-dynamic
OS (uname):       Linux manul 2.4.26-1-386 #1 Tue Aug 24 13:31:19 JST 2004 i686 GNU/Linux
OS (config):      i686-whatever-linux2
Target (default): linux-elf
Target:           linux-elf
Compiler:         Configured with: ../src/configure -v
--enable-languages=c,c++,java,f77,pascal,objc,ada,treelang --prefix=/usr
--mandir=/usr/share/man --infodir=/usr/share/info
--with-gxx-include-dir=/usr/include/c++/3.3 --enable-shared --enable-__cxa_atexit
--with-system-zlib --enable-nls --without-included-gettext --enable-clocale=gnu
--enable-debug --enable-java-gc=boehm --enable-java-awt=xlib --enable-objc-gc i486-linux
Thread model: posix
gcc version 3.3.5 (Debian 1:3.3.5-12)

Test skipped.
=======
Native tests are passed. So I do:
(Continue reading)

Permalink | Reply | 3 comments |
headers
Bernhard Simon via RT | 1 Jun 2005 17:20
Picon
Favicon

[openssl.org #1091] openssl-0.9.8-beta3 on ULTRIX 4.5 (gcc)


Environment: openssl-0.9.8-beta3, ULTRIX 4.5, ultrix-gcc (gcc 2.95.3)

On this platform, gcc 2.95.3 supports 64-bit integer. To enable SHA512
(and avoid the "undefined BN_ULLONG" problem in pqueue.c) only the
following change was necessary:

 - Configure (line 497, insert BN_LLONG)
   "ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::",

With this change openssl-0.9.8-beta3 compiled fine (4.5 hours) and
passed all tests (2.6 hours).

Bernhard Simon, TU Wien, ZID/StS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org
Permalink | Reply | 0 comments |
headers
Bernhard Simon via RT | 1 Jun 2005 17:21
Picon
Favicon

[openssl.org #1092] openssl-0.9.8-beta3 on ULTRIX 4.5 (/bin/sh)


Environment: openssl-0.9.8-beta3, ULTRIX 4.5, default shell

ULTRIX's default shell (/bin/sh) is "a bit special", so I don't expect
to get this fixed. But for reference (and because these problems only
exist since openssl-0.9.7f) I'll report them:

(1) "test -x" unsupported (util/opensslwrap.sh)
   # echo "test -x /bin/sh" | /bin/sh
   test: argument expected
   # echo "test -f /bin/sh" | /bin/sh
   # echo "test -x /bin/sh" | /bin/ksh

   /bin/sh has no builtin "test" and /bin/test does not understand "-x".

(2) ":" in parameter substitution (Makefile.org, Makefile.shared)
   # echo "echo \${X:-x}" | /bin/sh
   /bin/sh: bad substitution
   # echo "echo \${X-x}" | /bin/sh
   x
   # echo "echo \${X:-x}" | /bin/ksh
   x

   Similar problem with "${X:=x}".

Workaround:
(1)  In util/opensslwrap.sh replace all (three) "-x" with "-f".
(2a) In Makefile.org, Makefile.shared replace :-/:= with -/= or
(2b) keep Makefile.org, Makefile.shared unchanged and force "make" to use
     a different shell with PROG_ENV=POSIX MAKESHELL=<better_shell>, e.g.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jostein Tveit | 1 Jun 2005 17:36
Picon
Picon
Favicon

Re: [openssl.org #1090] [BUG] Segfault in dgst signing with rsa private key

"Dmitry Belyavsky via RT" <rt <at> openssl.org> writes:

> I use 0.9.8-stable-SNAP-20050601 snapshot. Problem occurs on digest
> signing.

This seems to be the same bug as I reported just a couple of
hours ago on openssl-dev.
(Se post with subject "openssl-0.9.8-beta3, Sun Forte compiler,
64-bit Solaris 8, core dump and RNG error.")

Try to see if you get the same error as me if you apply the error
checking patch:

diff -ur openssl-0.9.8-beta3-orig/crypto/rsa/rsa_lib.c openssl-0.9.8-beta3-work/crypto/rsa/rsa_lib.c
--- openssl-0.9.8-beta3-orig/crypto/rsa/rsa_lib.c 2005-05-11 03:45:33.000000000 +0000
+++ openssl-0.9.8-beta3-work/crypto/rsa/rsa_lib.c 2005-06-01 12:31:33.490002000 +0000
 <at>  <at>  -402,6 +402,11  <at>  <at> 

        ret = BN_BLINDING_create_param(NULL, e, rsa->n, ctx,
                        rsa->meth->bn_mod_exp, rsa->_method_mod_n);
+       if (!ret)
+               {
+               RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
+               goto err;
+               }
        BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id());
 err:
        BN_CTX_end(ctx);

--

--
(Continue reading)

Permalink | Reply | 2 comments |

Gmane