When I upgraded from OpenSSL 0.9.6b to 0.9.6c on my (very) old NeXT cube, running NEXTSTEP 3.1, an existing application started failing.
I tracked the failure first to the X509_NAME_oneline() function, which was no longer returning object names (e.g., "C") but was instead returning OIDs (e.g., 2.5.4.6). Deeper debugging showed that OBJ_obj2nid() wasn't returning names. The eventual problem turned out to be that the NEXTSTEP 3.1 memcmp() C library function returns an erroneous value to obj_cmp(). Since I have no way to change the C library I hacked a change into crypto/objects that substitutes a working memcmp(). That hack confirmed the memcmp() bug failure. However, the hack is just a hack. My question is how to do a proper substitute of the correct memcmp() function for the incorrect one in the C library. What config options might be appropriate? (I used -Dmemcmp=my_memcmp for the hack and put a my_memcmp() function in crypto/objects/obj_lib.c.). Where should the correct memcmp() function be located? How should the remainder of the OpenSSL source code be told to use the correct function? I would really appreciate some advice from the OpenSSL developers on the best way to work around the failing C library's memcmp() function. Vic Abell <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
