Full_Name: Paul Kronenwetter Version: 2.2.6 & 2.2.7 OS: RH-5.2 on Sparc (Linux-2.0.35-15) Submission from: drh1-19a.twcny.rr.com (24.92.255.154) I'm using mod_ssl 2.2.7 and OpenSSL/0.9.2b and have a similar problem to #130, however it's not on an Alpha, it's on a Sparc. I have a feeling that the TLS algorithms, the addition of OAEP protocol and the lack thereof in the RSARef package is causing this problem. (Unfortunate but necessary evils....) Here's some relevant failures in OpenSSL test: testing rsa conversions p -> d p -> p d -> d p -> d d -> p p -> p ./rsa_oaep_test Decryption failed! Decryption failed! Decryption failed! make[1]: *** [test_rsa] Error 1 I also received an Error in the SSLv2/v3 test area but I think that's related to the aged certificates: depth=0 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit) Protocol SSLv3, cipher TLSv1/SSLv3, EDH-RSA-DES-CBC3-SHA test sslv2/sslv3 make[1]: *** [test_ssl] Error 1 There were no errors building Apache 1.3.6 with EAPI nor when building mod_ssl, as usual I might add :-). The session log from (the latest attempt) ssl_engine_log: [05/Apr/1999 16:36:47] [info] Server: Apache/1.3.6, Interface: mod_ssl/2.2.7, Library: OpenSSL/0.9.2b [05/Apr/1999 16:36:47] [info] Init: 1st startup round (still not detached) [05/Apr/1999 16:36:47] [info] Init: Initializing OpenSSL library [05/Apr/1999 16:36:47] [info] Init: Loading certificate & private key of SSL-aware server n2kiq.ddns.org:443 [05/Apr/1999 16:36:47] [info] Init: Requesting pass phrase via builtin terminal dialog [05/Apr/1999 16:36:51] [info] Init: Wiped out the queried pass phrases from memory [05/Apr/1999 16:37:14] [info] Init: 2nd startup round (already detached) [05/Apr/1999 16:37:14] [info] Init: Reinitializing OpenSSL library [05/Apr/1999 16:37:15] [info] Init: Seeding PRNG with 8 bytes of entropy [05/Apr/1999 16:37:15] [info] Init: Generating temporary RSA private keys And the process table: root 6915 73.9 10.9 6372 2452 ? R 16:36 4:53 /export/home1/httpd/bin/httpd -DSSL root 6939 0.0 1.8 968 416 p0 S 16:43 0:00 grep http The same behavior was observed with 0.9.2b and 2.2.6. It's worth noting that with OpenSSl/0.9.1c and mod_ssl 2.2.5 (I think) and Apache 1.3.4 things worked nicely. -Paul ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
