It would appear the ASN1 default mask was changed from "anything" to UTF8 only in 1.0.1h; explicitly calling ASN1_STRING_set_default_mask(0xFFFFFFFFL) stops the racoon test from failing.
I have no idea what the implications of the OpenSSL change are, and what they would mean for racoon. Thanks, Christian OpenSSL upstream commit: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=3009244da47b989c4cc59ba02cf81a4e9d8f8431 commit 3009244da47b989c4cc59ba02cf81a4e9d8f8431 Author: Dr. Stephen Henson <[email protected]> Date: Sun Jun 1 15:03:00 2014 +0100 Set default global mask to UTF8 only. diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index dedc488..8993264 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -74,7 +74,7 @@ static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, * certain software (e.g. Netscape) has problems with them. */ -static unsigned long global_mask = 0xFFFFFFFFL; +static unsigned long global_mask = B_ASN1_UTF8STRING; void ASN1_STRING_set_default_mask(unsigned long mask) { -- ,''`. Christian Hofstaedtler <[email protected]> : :' : Debian Developer `. `' 7D1A CFFA D9E0 806C 9C4C D392 5C13 D6DB 9305 2E03 `-
pgpAQGpAp_XBB.pgp
Description: PGP signature
