Re: Linking kdelibs against openssl 1.0
- Original Message - > I am trying to build kdelibs. I built openssl with > > ./config --prefix=/home/ddoria/bin shared > make > make install > > Everything seemed to go well. > > Then when I run cmake on kdelibs, it seems to find my system version > of openssl (/usr/...) even though I have /home/ddoria/bin first on > PATH and /home/ddoria/bin/lib first on LD_LIBRARY_PATH. Why would it You should not need to set LD_LIBRARY_PATH, ever. > not find my local build of openssl? I tried to set it manually by > setting: > > OPENSSL_INCLUDE_DIR /home/ddoria/bin/include/openssl > OPENSSL_LIBRARIES/home/ddoria/bin/lib64/libssl.so > > but when I try to build kdelibs I get: > > Linking CXX shared module ../../lib/kio_http.so > /usr/krb5/lib/libkrb5.a(pkinit_crypto_openssl.o): In function > `pkinit_decode_data': > pkinit_crypto_openssl.c:(.text+0x75ea): undefined reference to > `EVP_PKEY_decrypt_old' > > I take this to mean that it is still not using the correct openssl? Not necessarily, though it's hard to say without seeing the actual call to the linker. > Any clues on how to make it use the right one? > > Thanks, > > David i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Compiling OpenSSL on linux-ia64-icc - Problem with SHA1 Asm
> Is there a target for x86_64 with icc? I could not find one in the > Configure script, therefore I assume icc is not supported, or is it? Try creating your own, base it off the linux-ia64-icc and the linux-x86_64 If it works out fine and passes make test submit a patch, please. i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: generic configuration for 64 bit
- Original Message - > hi all, > > The Configure file has generic 32 bit configurations: > > # Basic configs that should work on any (32 and less bit) box > "gcc","gcc:-O3::(unknown):::BN_LLONG:::", > "cc", "cc:-O::(unknown)::", > > What would be an equivalent generic configuration for 64 bit? If you are on Linux system, that would be: ./Configure linux-x86_64 > Best, > Misha i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: s_client
- Original Message - > Trying to use the "openssl s_client" utility to test an https page. > I > am able to connect, and to perform a GET and see pages, but I can't > make > a POST work. I try to do something like: Having established that GET works via SSL, why not use something like curl for the POST? i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Tutorial to start with openssl.
> All, > > > I am a newbie, any tutorial to start with openssl? That highly depends on what you want to achieve. There *is* documentation. http://openssl.org/docs/ You probably want to start with the http://openssl.org/docs/HOWTO/ which explains some of the essential concepts you'll need to know. > Benix. i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: default certs path
- "Kārlis Repsons" wrote: > Hello all, > > perhaps there is someone out there, who knows why openssl doesn't > seem > to look for certs in /etc/ssl/certs as indicated in openssl.cnf: > > [ ca ] > default_ca = CA_default# The default ca section > > [ CA_default ] > dir = /etc/ssl # Where everything is kept > certs = $dir/certs# Where the issued certs are > > > For example with s_client: if it's given -CApath /etc/ssl/certs, the > process is successful, otherwise it can't find the local > certificates... > > openssl s_client -CApath /etc/ssl/certs -connect paypal.com:443 > vs > openssl s_client -connect paypal.com:443 Actually, you will find that openssl s_client -CApath /zomg/wtf -connect paypal.com:443 Will give you the same result as a valid path. > There are also problems with various other programs, which can't do > verification... > > Any cure known? Something more to specify here? None of which I would know, or RT: http://rt.openssl.org/Ticket/Display.html?id=977&user=guest&pass=guest i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: [FWD] Apache 2.2.17 and OpenSSL 1.0.0c - Crash with SSLVirtualHost ServerName set.
- "Lutz Jaenicke" wrote: > Forwarded to openssl-users for discussion. > > Best regards, > Lutz > > - Forwarded message from Ryan Wehrle - > > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; > d=gmail.com; s=gamma; > h=domainkey-signature:mime-version:date:message-id:subject:from:to > :content-type:content-transfer-encoding; > bh=3SVqXgi7XU2AyKoIAg/VcZOohkhWLoGcOoKp1DiDvDk=; > b=ZUJ6eCdhqG0h+ngPIKyLyMlCq01n0oosXtQsTZcHpCtbUAQf56BS9QqlL4FExWbv37 > B6JGAP655zKncgyS3jNI5Vc2SPcPb/VOWyRuEX41X9D5ZY5t8JK2w32kC4UvQnp1IfS+ > zRM7B8vBpRxg59oMVSN6RTm614C6EpCHmykWk= > DomainKey-Signature: a=rsa-sha1; c=nofws; > d=gmail.com; s=gamma; > h=mime-version:date:message-id:subject:from:to:content-type > :content-transfer-encoding; > b=YOwcRm54U5D8GeoTmcDzmBYbFXUFV0B1cFp2JVd95Us2SNfo4mnypM8kAwrTXLAcU8 > vrWYlHFFdnrEw2IHqoZxNanZP3Cp8ZNGD5y+oUgw/s4PZlFVtjRRY4IHvHi/NOgVjjGR > B2pIaT7YHgSOyqbilSsPzmMHsMYHaGXYpXUzE= > Date: Mon, 31 Jan 2011 03:40:12 -0600 > Subject: Apache 2.2.17 and OpenSSL 1.0.0c - Crash with SSLVirtualHost > ServerName set. > From: Ryan Wehrle > To: openssl-b...@openssl.org > > Essentially here are my results: > In other browsers (IE/FF/Chrome): > If I set the ServerName property to RFiles.org ServerNames are domain names are case insensitive. > (httpd.exe crashes because of ssleay32.dll from OpenSSL 1.0.0c) Can you provide a trace of the crash? What do your certificates look like? i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org