[openssl-users] missing default /usr/local/ssl/openssl.cnf causes failure on AIX, warning on all others

Richard Moore richmoore44 at gmail.com
Fri Jan 23 16:06:47 UTC 2015

On 23 January 2015 at 15:04, Michael Wojcik <Michael.Wojcik at microfocus.com>

> > From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf
> > Of Koehne Kai
> > Sent: Friday, January 23, 2015 04:03
> > To: openssl-users at openssl.org
> > Subject: Re: [openssl-users] missing default /usr/local/ssl/openssl.cnf
> causes
> > failure on AIX, warning on all others
> >
> > This reminds me of
> > http://rt.openssl.org/Ticket/Display.html?id=2644&user=guest&pass=guest
> ,
> > though it's in another code path ... Over time I met at least 4 other
> people
> > who ran into exactly this issue on Windows, so if I'd have any votes to
> give to
> > a bug report, it would be this one :)
> This is an interesting one because the problem is clear - the openssl
> utility exits if it gets any error other than "file doesn't exist" trying
> to open its configuration file - but the solution is not.
The real problem isn't with openssl the utility. The problem (and it's a
major one) is that this behaviour occurs when using openssl as a library
and causes the application using openssl to terminate. This is appallingly
bad practice for a library.

> [snip

> Probably someone who's particularly bothered by this should submit a patch.

There's been a patch that's been ignored in the bug tracker for ages to at
least minimise this problem on Windows by treating EACCESS the same as
EPERM to handle the case of removable disks.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150123/0e9fab89/attachment-0001.html>

More information about the openssl-users mailing list