<div dir="ltr"><div><div>Thanks for the suggestions Jay but am still not having much luck.<br><br></div>Does 1.0.1 have any minimum requirements for the libc version or kernel version? I am currently building against libc version 2.5 with the kernel at 2.6.30. <br><br></div>Mike<br><div><div><div><div><br>---------- Forwarded message ----------<br>From: Jay Foster <<a href="mailto:jayf0ster@roadrunner.com">jayf0ster@roadrunner.com</a>><br>To: <a href="mailto:openssl-users@openssl.org">openssl-users@openssl.org</a><br>Cc: <br>Date: Fri, 13 Feb 2015 08:48:12 -0800<br>Subject: Re: [openssl-users] 1.0.1 upgrade issue<br>
<div>I have successfully built OpenSSL
1.0.0..., 1.0.1..., and 1.0.2 also on an ARM926EJ linux based
system. I used the 'no-ssl2 no-ssl3 linux-armv4 shared' options
(plus some others). I found that it works with and without the
ARM assembly accelerations (no-asm option), even though the
ARM926EJ is an arm5te. It works fine with lighttpd and passes the
OpenSSL tests. I assume you are also using the appropriate
'--cross-compile-prefix=<prefix>' option. You might try
adding "-mlittle-endian -mcpu=arm926ej-s -DL_ENDIAN" to the
CFLAGS, although that should be redundant (the compiler should
already know this). Also, make sure there are no '-nostdinc' (or
similar) type compiler options creeping in. These change the
search order of header files, which can cause OpenSSL to be built
against the (old) headers in your tool chain, rather than it's
local (current) headers.<br>
<br>
I did discover that with 1.0.2, I also needed to add
'-DOPENSSL_USE_BUILD_DATE' to the CFLAGS to get the 'openssl
version -a' command to report a useful build date.<br>
<br>
Jay<br><br><br>
On 2/13/2015 7:29 AM, Mike Collins wrote:<br>
</div>
I am upgrading an embedded linux board's BSP from
1.0.0m to 1.0.1l due to a requirement for TLS v1.1. Version
1.0.1 will cross compile without errors using my 1.0.0
configuration but I have identified the following errors on the
board (so far) with the build using 1.0.1:
<div>1.) Cannot create a RSA key</div>
<div>2.) Trying to connect to the board's Lighttpd web server
via https will timeout with PKCS #11 error</div>
<div>3.) Curl https POST calls fail with RSA padding error.</div>
<div><br>
</div>
<div>Board has a ARM926EJ based processor and I am using a
Codesourcery Lite toolchain. Configure settings (besides
--prefix, etc) are shared, no-asm, linux-generic32, no-ssl2.
All the other packages on the board have been rebuilt against
the new openssl version.</div>
<div><br>
</div>
<div>I am looking at the key creation first since that may be
causing the other issues. If I try to create a key from the
board command line using "openssl genrsa -out testkey.pem
2048" I get a response of "Generating RSA private key, 2048
bit long modulus". At this point it seems to get stuck in a
loop; I am seeing the progress indicators (".") but it will
never finish creating the key. I have let it run 10-15 minutes
without completion; it just keeps displaying successive
progress indicators. I can do Ctrl-C and it will exit. </div>
<div><br>
</div>
<div>I don't think so but are there any dependency changes from
1.0.0 to 1.0.1?</div>
<div><br>
</div>
<div>I noticed 1.0.2 has been released so tried that as well but
have the same result as 1.0.1</div>
<div><br>
</div>
<div>Mike</div></div></div></div></div></div>