> Failing step from "make test_gen" test/gentest script:
> mfg(259) ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
> verify failure
> 6901:error:04077064:rsa routines:RSA_verify:algorithm mismatch:rsa_sign.c:211:
> 6901:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP
> lib:a_verify.c:168:
>
> The culprit turns out to be "memcmp". In SunOS 4.x, "memcmp" implements
> a signed byte comparision implied by the native data type "char".
Good catch!
> --- openssl-0.9.8-stable-SNAP-20050906-orig/e_os.h 2005-08-02
> 16:03:17.000000000 -0700
> +++ openssl-0.9.8-stable-SNAP-20050906-work/e_os.h 2005-09-06
> 10:28:21.000000000 -0700
> @@ -565,6 +565,13 @@
> extern char *sys_errlist[]; extern int sys_nerr;
> # define strerror(errnum) \
> (((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum])
> + /* SunOS 4.x signed memcmp breaks table lookup of ASN1_OBJECT *obj_objs.
> + This replacement assumes gcc statement as expression extension. */
> +#define memcmp(s1,s2,n) ({int _ii,_uclim,_ucdiff=0; \
> + unsigned char *_ucp1=(unsigned char *)(s1), *_ucp2=(unsigned char *)(s2);
> \
> + for (_ii=0,_uclim=(n); _ii<_uclim; _ii++) \
> + if (_ucdiff=_ucp1[_ii] - _ucp2[_ii]) break; \
> + _ucdiff; })
> #endif
I've chosen to #define memcmp OPENSLL_memcmp and implement
OPENSSL_memcmp as real function. There is no guarantee that we don't run
into this on some other platform and then it would be nice not to be
dependent on GCC extention. Double-check tomorrow snapshots. Case is
being dismissed. A.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
