On Tue, Jul 3, 2012 at 4:54 PM, Pascal Terjan <[email protected]> wrote: > On Mon, Jun 11, 2012 at 3:15 PM, Shlomi Fish <[email protected]> wrote: >> Hi all, >> >> here is a small HOWTO about using OpenSSL with Mageia Cauldron applications >> that broke with the new version of the "openssl" package (1.0.1), such as svn >> with https:// URLs: >> >> 1. Download openssl-1.0.0j.tar.gz from: >> >> http://www.openssl.org/source/ >> >> 2. Unpack it. >> >> 3. Use the following shell script to configure it (you can customise the >> ossl_pref prefix to your liking: >> >> [QUOTE] >> #!/bin/bash >> ossl_pref="$HOME/apps/openssl" >> ./config --prefix="$ossl_pref" --openssldir="$ossl_pref/openssl" shared >> [/QUOTE] >> >> There is more coverage of this here: >> >> http://www.devside.net/guides/linux/openssl >> >> 4. Add the following lines to your .bashrc: >> >> [QUOTE] >> oldssl() >> { >> export LD_LIBRARY_PATH="$HOME/apps/openssl/lib/:$LD_LIBRARY_PATH" >> } >> [/QUOTE] >> >> 5. Now when you want to use svn with https:// or whatever just type "oldssl" >> first. >> >> ------------- >> >> I've tried to fix svn in Cauldron, but rebuilding it didn't help, and trying >> to >> rebuild libneon0.27 caused "%check" to fail. This was reported here: >> >> http://lists.manyfish.co.uk/pipermail/neon/2012-June/001473.html >> > > I am not on the ML so can't reply to the thread but debug.log seems to > be the interesting one: > > ******* Running test 18: client_cert_pkcs12 ******** > HTTP session to https://localhost:7777 begins. > ssl: SNI enabled by default. > ssl: Match common name 'ignored.example.com' against '' > Identity match for '': bad > ssl: Match common name 'nowhere.example.com' against '' > Identity match for '': bad > Running pre_send hooks > Sending request headers: > GET /foo HTTP/1.1^M > Keep-Alive: ^M > Connection: TE, Keep-Alive^M > TE: trailers^M > Host: localhost:7777^M > ^M > Sending request-line and headers: > Doing DNS lookup on localhost... > req: Connecting to 127.0.0.1:7777 > Doing SSL negotiation. > Supplying client certificate. > sess: Closing connection. > sess: Connection closed. > Request ends, status 0 class 0xx, error line: > SSL handshake failed: SSL error: digest too big for rsa key > Running destroy hooks. > Request ends.
Also, https://github.com/joyent/node/pull/2991
