Hi.
I have found what I believe to be a bug in either OpenSSL or the HP ANSI
C compiler.
To cut a long story short, I was investigating a test failure in OpenSSH
which resulted in SSHv1 host keys being written as mostly zeros. The
code that writes these keys basically just calls BN_bn2dec and writes the
result to the known_hosts file.
I'm using openssl-0.9.7k, configured with ./Configure hpux-parisc2-cc
on HP-UX 11.00. I'm using the HP ANSI C compiler version B.11.02.10.
I have found that ./Configure hpux-parisc-cc seems to work OK.
I wrote a little test program to exercise BN_bn2dec(), and lo:
#include <stdio.h>
#include <openssl/bn.h>
int main (void)
{
printf("%s\n", BN_bn2dec(BN_value_one()));
}
$ cc test.c -L/usr/local/ssl/lib -I/usr/local/ssl/include -lcrypto
$ ./a.out
0
Needless to say, this does not appear to be ideal :-).
I have no idea what the cause is but I'm happy to test things. I did
extended the BN tests to at least catch this (diff attached).
Regards,
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
