[openssl-users] openssl 1.1.1 and FreeBSD 11.2
Viktor Dukhovni
openssl-users at dukhovni.org
Tue Sep 11 16:23:08 UTC 2018
> On Sep 11, 2018, at 11:33 AM, The Doctor <doctor at doctor.nl2k.ab.ca> wrote:
>
> Looks likes I found a first bug
>
> ../test/recipes/70-test_comp.t .....................
> Proxy started on port [::1]:10789
> Server command: ../../util/shlib_wrap.sh ../../apps/openssl s_server -max_protocol TLSv1.3 -no_comp -rev -engine ossltest -ext_cache -accept [::1]:0 -cert ../../apps/server.pem -cert2 ../../apps/server.pem -naccept 1 -cipher AES128-SHA -ciphersuites TLS_AES_128_GCM_SHA256
> engine "ossltest" set.
> Using default temp DH parameters
> ACCEPT [::1]:39577
> Server responds on [::1]:39577
> panic: XSUB Socket6::getaddrinfo (Socket6.c) failed to extend arg stack: base=805d16098, sp=805d160e8, hwm=805d160d0
This did not happen on my machine, the build succeeded, and all tests
passed:
$ uname -srp
FreeBSD 11.1-RELEASE-p10 amd64
##
## Makefile for OpenSSL
##
## WARNING: do not edit!
## Generated by Configure from ../Configurations/unix-Makefile.tmpl, ../Configurations/common.tmpl
PLATFORM=BSD-x86_64
OPTIONS=enable-shared no-asan no-crypto-mdebug no-crypto-mdebug-backtrace no-ec_nistp_64_gcc_128 no-egd no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-md2 no-msan no-rc5 no-sctp no-ssl-trace no-ssl3 no-ssl3-method no-ubsan no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic
CONFIGURE_ARGS=("BSD-x86_64", "shared")
Ditto with a configuration similar to yours, but built with "CC=clang50":
##
## Makefile for OpenSSL
##
## WARNING: do not edit!
## Generated by Configure from ../Configurations/unix-Makefile.tmpl, ../Configurations/common.tmpl
PLATFORM=BSD-x86_64
OPTIONS=--prefix=/usr/local enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 enable-shared enable-zlib-dynamic enable-sctp enable-rc4 enable-ssl-trace enable-unit-test no-asan no-ec_nistp_64_gcc_128 no-egd no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-idea no-md2 no-msan no-rc5 no-ssl3 no-ssl3-method no-ubsan no-weak-ssl-ciphers
CONFIGURE_ARGS=("--prefix=/usr/local", "BSD-x86_64", "enable-crypto-mdebug", "enable-crypto-mdebug-backtrace", "enable-rfc3779", "enable-shared", "zlib-dynamic", "enable-sctp", "enable-rc4", "disable-weak-ssl-ciphers", "no-idea", "enable-ssl-trace", "enable-unit-test")
> My configuration is
>
> #!/usr/local/bin/bash
> CC=/usr/local/bin/clang60 ./Configure --prefix=/usr/local BSD-x86_64 enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-rfc3779 enable-shared zlib-dynamic enable-sctp enable-rc4 disable-weak-ssl-ciphers no-idea enable-ssl-trace enable-unit-test; make depend
You don't need to, and should not run "make depend" for OpenSSL 1.1.x.
I'd recommend building an empty sub-directory or "out of tree":
mkdir build; cd build; $path_to_source/Configure ...; make; make test
Why are you building with "enable-crypto-mdebug" and "enable-crypto-mdebug-backtrace"?
These are developer-team options, not expected to used by others, or necessarily work
reliably on all systems... They also incur a substantial performance penalty.
--
Viktor.
More information about the openssl-users
mailing list