Hey guys, My hubby works in the Firmware R&D for the HP Business critical systems group. I figured this was right up his alley, so I hope that people do not mind seeking out some further advice here.
Here's the advice I've gotten so far: --------------------------------------------------- Wow, 11.23? That version came out way back in like 2005 I think. There is a tool called SW Assistant that shows if an OS is missing any critical patches: https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA Here’s where I used to go to get open source for HPUX: http://hpux.connect.org.uk/ This line also makes me curious: > LINT B.11.11.22 CXREF B.11.11.22 > HP92453-01 B.11.11.22 HP C Compiler Are they using a C compiler & version of Lint for HPUX 11.11? Does this introduce compatibility conflicts with HPUX 11.23? ---------------------------------------------------- BTW: Feel free to email/gchat me personally. On Mon, Sep 22, 2014 at 5:19 AM, Mrunal Nerpawar <p.mru...@gmail.com> wrote: > > > On Mon, Sep 22, 2014 at 3:45 PM, Mrunal Nerpawar <p.mru...@gmail.com> > wrote: > >> >> >> On Sat, Sep 20, 2014 at 7:28 AM, Tom Francis <fr...@tcsaf.com> wrote: >> >>> >>> On Sep 19, 2014, at 7:55 AM, Mrunal Nerpawar <p.mru...@gmail.com> wrote: >>> >>> > >>> > >>> > On Fri, Sep 19, 2014 at 3:05 PM, Andy Polyakov <ap...@openssl.org> >>> wrote: >>> > > I could not get this working even on a 11.23 machine having latest >>> (last >>> > > one released in December 2007). >>> > >>> > ... latest what? I mean it appears that you missed something. But more >>> > relevant question is what does ld -V return, what patches are >>> installed. >>> > But please don't show the list and ask which patches should be >>> > installed. Or at least don't expect answer from me, as I don't know. As >>> > already mentioned, the references to specific ld versions is simply >>> > something that was observed to not work and then work in specific >>> > situation, it's just two dots on the mesh, that's all. >>> > >>> > I meant latest patch.. I ate that word >>> >>> There are definitely more recent patches than 2007. HP fixed a number >>> of bugs (one that I submitted) for Itanium and 11.23 in 2011; took a few >>> tries to get it right, unfortunately. Bugs in compiler, link editor, and >>> dynamic linker. As Andy mentions, the output of ld -V can at least give us >>> an idea of what you’ve got. I’ve no longer got access to the HP boxes I >>> was using, so I can only go by memory here. :( Oh, and I still get patch >>> notifications from HP, so I know they’re still making new patches for 11.23 >>> on a regular basis. :) >>> >> >> Okay. I will check for the patches. It is admin guy who has the creds to >> download the patches install them on servers. >> output of ld cmd: >> bash-2.05# ld -V >> ld: 92453-07 linker ld HP Itanium(R) B.12.42 IPF/IPF >> ld: No input files >> Fatal error. >> >> bash-2.05# cc -V > cc: HP C/aC++ B3910B A.06.25 [Nov 30 2009] > >> >> >>> > > Can anyone tell me the impact of not using +sectionmerge since it is >>> not >>> > > working on 11.23. >>> > >>> > It was mentioned it the beginning of thread: "it didn't do the >>> > sectionmerge (*which was resulting in crash upon startup*)". It should >>> > be noted that crash is one possibility, another possibility is that >>> > initialization test is rendered *non-compliant* with validation >>> > requirements. >>> > Right. I shouldn't have asked this question again. Apologies. >>> > >>> > > I am also evaluating the possibility of using 11.31 and tried >>> building >>> > > openssl on it, however, getting different error while bulding fips >>> code >>> > > this time: >>> > > >>> > > + cc -I. -I.. -I../include -DOPENSSL_FIPSCANISTER +Z -DOPENSSL_PIC >>> > > -DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H -D_REENTRANT -Ae +DD64 >>> +O3 >>> > > (Bundled) cc: warning 922: >>> > ^^^^^^^^^ Real, i.e. unbundled, compiler is absolute requirement for >>> > OpenSSL on HP-UX in any situation. >>> > Okay. Let me try getting unbundled compiler and try compiling >>> > >>> > > Another build issue on HP-PA: >>> > > I am getting following error on HP-PA while building fips capable >>> openssl: >>> > > >>> > > make[2]: Entering directory `/openssl/hp-pa/openssl-1.0.1h' >>> > > [ -z "libcrypto" ] || cc +Z -DOPENSSL_PIC -DOPENSSL_THREADS -DDSO_DL >>> > > -D_REENTRANT +DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit >>> > > -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT -I/openssl/hp-pa/fips/include >>> > > -Iinclude \ >>> > > -DFINGERPRINT_PREMAIN_DSO_LOAD -o fips_premain_dso \ >>> > > /openssl/hp-pa/fips/lib/fips_premain.c >>> > > /openssl/hp-pa/fips/lib/fipscanister.o \ >>> > > libcrypto.a -Wl,+s -ldld >>> > > /usr/ccs/bin/ld: Duplicate symbol "$global$" in files >>> > > /opt/langtools/lib/crt0.o and /openssl/hp-pa/fips/lib/fipscanister.o >>> > >>> > I don't have comment on this, because I don't have access to HP-PA >>> > system with vendor compiler. I can only say that goal is that >>> > fipscanister.o looks exactly like any other .o file generated by >>> > compiler, and just like any other such file it shouldn't have symbols >>> > otherwise found in crt0.o. The fact that crt0.o symbols made their way >>> > to fipscanister.o indicates that something went wrong at fipscanister.o >>> > link stage and -r flag was not respected. Is it possible that it also >>> > was linked with bundled compiler? >>> > It is not. Here is the output: >>> > bash-2.05$ which cc >>> > /bin/cc >>> > bash-2.05$ what /bin/cc >>> > /bin/cc: >>> > $Revision: 92453-07 linker linker crt0.o B.11.64 080728 $ >>> > LINT B.11.11.22 CXREF B.11.11.22 >>> > HP92453-01 B.11.11.22 HP C Compiler >>> > $ PATCH/11.00:PHCO_27774 Oct 3 2002 09:45:59 $ >>> >>> what is just showing the version info of libc and crt0, which while >>> helpful aren’t relevant. cc -V will give the version number. But that’s >>> OK, because I remember this problem, and it’s most annoying, every so >>> often, an object file is generated with symbols from crt0.o included — made >>> a real mess of compiling any application; you’d get random failures at link >>> time with different object files reporting the multiple symbols. The fix >>> here is a bit different, though, you need to go download the new HP C/C++ >>> compiler package and install it — you won’t be offered patches that will >>> fix the problem (the latest patch for that compiler version is the one that >>> introduced the problem). Be aware, that in order to install the newer >>> compiler, you’ll need to install a lot of other patches — if you’re in the >>> developer program, it should offer to let you download all the relevant >>> patches at once (at least, it did back in 2011, which was the last time I >>> had to run a similar upgrade; HP stopped offering new versions as patches >>> around 2009, IIRC). >>> >>> One other thing: How are you checking if you’ve got the latest patches >>> installed? >>> >>> TOM >>> >>> cc -V isn't showing anything. >> As mentioned above, its the admin guy who installed and informed that it >> is at latest now. >> I could not verify as swlist command is also throwing error, >> swlist -l patches >> ERROR: An invalid level was given for the successful execution of >> "swlist". The valid levels are: "root", "depot", "bundle", >> "product", "subproduct", "fileset", "file", "shroot", >> "prroot", "category", "patch", "control_file". >> ERROR: Command line parsing failed. >> >> Btw, are these error while building openssl seen from certain version of >> openssl or so? >> The last version built on these machines was 0.9.8r around 3 yrs back and >> no such issues were seen then. >> >> Mrunal >> >> > >>> > ______________________________________________________________________ >>> > OpenSSL Project http://www.openssl.org >>> > Development Mailing List openssl-dev@openssl.org >>> > Automated List Manager majord...@openssl.org >>> > >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> Development Mailing List openssl-dev@openssl.org >>> Automated List Manager majord...@openssl.org >>> >> >> > -- Stacy Devino StacyDevino.com KF5NQI Mobile, Web, Audio, Hardware
