[openssl-dev] Fwd: Solaris 8, OpenSSL 1.0.1e, not connecting fro our client, but can connect via openssl in client mode
Tom Kacvinsky
tom.kacvinsky at vectorcast.com
Fri Nov 13 21:12:08 UTC 2015
Hi Valerie,
On Fri, Nov 13, 2015 at 4:06 PM, Valerie Fenwick <valerie.fenwick at oracle.com
> wrote:
> Why are you running on such an old OS? How old are your Windows and Linux
> systems? Certainly not of the same generation.
>
>
We still support S8 because some of our very important customers are still
using it.
Linux is faisly new Ubuntu 12.04, Windows is at 7.
Solaris 8 & 9 are no longer supported, so you can't get security patches
> or anything.
>
>
Yeah, I know. Could use some patches related to the linker being slow, but
that is beyond the scope of this email.
> I highly recommend you try at least S10, or better, yet - S11.
>
>
I built on S8 (we might use S10 in the future). But I also ran on S10 and
had the same issue.
I really think the problem is in the Qt code, as that really is the OpenSSL
client code (we just call their API).
What I am after is what in their code would cause a problem that the
openssl executable does not have. Once I have that information, I can
contact the Qt maintainers with a bug report.
the /dev/[u]random on S8 is a far cry from what is in our modern OSes.
>
> Valerie
>
> On 11/13/2015 12:38 PM, Tom Kacvinsky wrote:
>
>>
>> ---------- Forwarded message ----------
>> From: *Tom Kacvinsky* <tom.kacvinsky at vectorcast.com
>> <mailto:tom.kacvinsky at vectorcast.com>>
>> Date: Tue, Nov 10, 2015 at 5:51 PM
>> Subject: Solaris 8, OpenSSL 1.0.1e, not connecting fro our client, but can
>> connect via openssl in client mode
>> To: openssl-users at openssl.org <mailto:openssl-users at openssl.org>
>>
>>
>> I have an interesting case where I am using Solaris 8 (the patchset for
>> which
>> which has /dev/urandom and /dev/random) with OpenSSL 1.0.1e. I can see
>> from my
>> truss logs that we are attempting to connect to a secure web server, but
>> we see
>> nothing in the Apache log files indicating we connect.
>>
>> If I run
>>
>> ./openssl s_client -ssl3 -host XXX.vectorcast.com <http://XXX.YYY.com>
>> -port 443
>>
>> we do indeed connect. So I suspect it is something in the client code we
>> are
>> using. We are using the Qt 4.8.5 SSL client. What should I be on the
>> look out
>> for, so I can file a reasonable support request with Digia? This code
>> works
>> fine on Linux and Windows, so I don't really know at this point if the
>> problem
>> is with Solaris support in Qt, or something lower level in OpenSSL
>> (thought I
>> doubt the latter as openssl in client mode is able to connect).
>>
>> Thanks,
>>
>> Tom
>>
>>
>>
>> _______________________________________________
>> openssl-dev mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>>
>>
> --
> Valerie Fenwick, http://bubbva.blogspot.com/ @bubbva
> Solaris Cryptographic & Key Management Technologies, Manager
> Oracle Corporation: 4180 Network Circle, Santa Clara, CA, 95054.
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151113/a3e46cad/attachment-0001.html>
More information about the openssl-dev
mailing list