[openssl-users] OpenSSL 1.0.2 Solaris 32 bit build is broken
John Foley
foleyj at cisco.com
Wed Apr 15 14:10:08 UTC 2015
How about the ./openssl sha1 command? Does that bomb too?
It might be interesting to copy crypto/sha/asm/sha1-sparcv9.pl from the
1.0.1 source into the 1.0.2 source. Then clean, configure, compile and
try again. There were changes to this file between 1.0.1 and 1.0.2.
Perhaps a bug was introduced. I'm assuming this script generates the
SHA source for your target platform.
On 04/15/2015 09:56 AM, John Unsworth wrote:
>
> core 'core' of 24243: ./openssl rand 64
>
> 000e9ce8 sha1_block_data_order (2ec298, 2ec2f4, 4, ffbfe018, ffbfe01c,
> 44) + 8
>
> 00226160 ssleay_rand_add (ffbfe114, 1, 20, ffbfdfec, 0, 14) + 530
>
> 00227048 RAND_poll (4, ffbfe100, ffbfe120, ffbfe120, 2c0650, 2c0644) + 38c
>
> 00226c00 ssleay_rand_status (c734, 0, 2b9f7c, 2c05cc, 2a0e70, 13000) + 138
>
> 00065eb4 app_RAND_load_file (ffbfe418, 2d5238, 0, 2800, 0, 1) + 88
>
> 00077cb8 rand_main (0, 0, ff242b30, 0, 0, 0) + 4b8
>
> 0001328c do_cmd (2eb4e8, 2, ffbffae0, 2b4728, 13e64, 2b3e98) + b8
>
> 00012f08 main (3, ffbffadc, 2eb4e8, 2a0000, 2b3e98, 2b4afc) + 3a4
>
> 00012a08 _start (0, 0, 0, 0, 0, 2b3e98) + 108
>
>
>
> Regards,
>
> John.
>
>
>
> *From:*openssl-users [mailto:openssl-users-bounces at openssl.org] *On
> Behalf Of *John Foley
> *Sent:* 15 April 2015 13:31
> *To:* openssl-users at openssl.org
> *Subject:* Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build is
> broken
>
>
>
> Do you see the same stack trace when simply using the random number
> generator:
>
> ./openssl rand 64
>
> What if you simply use SHA1:
>
> ./openssl sha1 <somefile>
>
>
> On 04/14/2015 12:17 PM, John Unsworth wrote:
>
> Is no-one interested at all about this problem? Or do I need to
> send it to another place?
>
>
>
> Regards,
>
> John.
>
>
>
> *From:*openssl-users [mailto:openssl-users-bounces at openssl.org]
> *On Behalf Of *John Unsworth
> *Sent:* 10 April 2015 14:54
> *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org>
> *Subject:* Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build
> is broken
>
>
>
> I have compiled 1.0.1m in the same way and that works fine using asm.
>
>
>
> John.
>
>
>
> *From:*openssl-users [mailto:openssl-users-bounces at openssl.org]
> *On Behalf Of *John Unsworth
> *Sent:* 10 April 2015 12:21
> *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org>
> *Subject:* [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build is
> broken
>
>
>
> I have an application that runs quite happily using OpenSSL 1.0.1h
> on Solaris 32 bit. I want to upgrade but both 1.0.2 and 1.0.2a
> cause problems.
>
>
>
> 1 When building 1.0.2 using
>
>
>
> ./Configure solaris-sparcv9-cc no-shared -m32 -xcode=pic32
> -xldscope=hidden
>
>
>
> openssl s_client crashes on start:
>
>
>
> -bash-3.00$ ./openssl s_client -connect eos.es.cpth.ie:4250
>
> Segmentation Fault (core dumped)
>
> -bash-3.00$ pstack core
>
> core 'core' of 468: ./openssl s_client -connect
> eos.es.cpth.ie:4250
>
> 000e9ce8 sha1_block_data_order (2ed490, 2ed4ec, 4, ffbfebc0,
> ffbfebc4, 44) + 8
>
> 00226140 ssleay_rand_add (ffbfecbc, 1, 20, ffbfeb94, 0, 14) + 530
>
> 00227028 RAND_poll (4, ffbfeca8, ffbfecc8, ffbfecc8, 2c0630,
> 2c0624) + 38c
>
> 00226be0 ssleay_rand_status (c734, 0, 2b9f5c, 2c05ac, 2a0e50,
> 13000) + 138
>
> 00065eb4 app_RAND_load_file (ffbfefc0, 2d5218, 1, 2800, 0, 1) + 88
>
> 0004d784 s_client_main (0, c00, 0, c00, 2b4adc, 2f4380) + 5c94
>
> 0001328c do_cmd (2eb4c8, 3, ffbffa88, 2b4738, 13e64, 2b3e78) + b8
>
> 00012f08 main (4, ffbffa84, 2eb4c8, 2a0000, 2b3e78, 2b4adc) + 3a4
>
> 00012a08 _start (0, 0, 0, 0, 0, 2b3e78) + 108
>
>
>
> 2 So I then rebuilt adding no-asm flag. It manages to connect but
> negotiation fails with an error:
>
>
>
> 4280581268:error:140943FC:SSL routines:ssl3_read_bytes:sslv3 alert
> bad record mac:s3_pkt.c:1456:SSL alert number 20
>
> 4280581268:error:140790E5:SSL routines:ssl23_write:ssl handshake
> failure:s23_lib.c:177:
>
>
>
> This is against the server that is still running 1.0.1h and can be
> successfully connected with openssl built with 1.0.1h.
>
>
>
> Note that the 64 bit build seems to work perfectly. Unfortunately
> for historical reasons we need to use the 32 bit version.
>
>
>
> The 32 bit builds that we use on Windows and Linux also work
> perfectly. Is it something to do with byte order?
>
>
>
> Regards,
>
> John.
>
>
>
>
>
>
>
>
> _______________________________________________
>
> openssl-users mailing list
>
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
>
>
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150415/2e5964f0/attachment-0001.html>
More information about the openssl-users
mailing list