[openssl.org #801] Memory leak in pem_lib.c
Thanks, this will be fixed in the next snapshots. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
First (initializing) call to RAND_status() very slow on Win32
Title: First (initializing) call to RAND_status() very slow on Win32 Hello, I am sorry for the long post, there is a question at the very end :-) (I sent it to the the openssl-users group at first, maybe you the developers are interested rather than users.) We integrate OpenSSL 0.9.6l compiled with standard settings and linked statically on Win32 and used on Windows XP, 2000 and 2003. The initialization of OpenSSL used within an extension module for Microsoft Sharepoint 2003 caused very long delays (15 - 30 seconds) during the first call. The method RAND_poll() called from RAND_status() was identified to cause this. There were more tests performed to ensure the validity of results, here we are typical perfomances of RAND_poll(). Here we are a test result of an unmanaged Win32 executable, of a managed .NET executable and of an extension module for Sharepoint 2003, with the unmodified OpenSSL, only the extended performance logging added (there is number of kernel objects in parentheses and time in milliseconds next to them): --+---+-+-- Win32 EXE .NET EXE SPS DLL Source of entropy WITH HEAPS --+---+-+-- (N/A) 15 (N/A) 16 (N/A) 0 netapi32.dll (NetStatisticsGet) (N/A) 63 (N/A) 15 (N/A) 0 advapi32.dll (CryptoAPI) (256) 16 (471) 297 (1200) 17391 kernel32.dll (Heaps) (51) 0 (45) 0 (44) 15 kernel32.dll (Processes) (509) 15 (506) 16 (676) 203 kernel32.dll (Threads) (13) 0 (45) 0 (169) 47 kernel32.dll (Modules) --+---+-+-- 140 344 17672 The whole RAND_poll(). --+---+-+-- The Sharepoint extension can be unloaded if idle, and server reloads it again if needed. Then happens the reinitialization again, which is painful when it is used in a search engine. The first hit is unacceptably slow then. What happens, when we abandon the heap inspection? What improves in the performance and what we loose in entropy? Here we are a test result of an unmanaged Win32 executable, of a managed .NET executable and of an extension module for Sharepoint 2003, with a modified OpenSSL, where only the heap walking was removed and the extended performance logging added (there is number of kernel objects in parentheses and time in milliseconds next to them): --+---+-+-- Win32 EXE .NET EXE SPS DLL Source of entropy WITHOUT HEAPS --+---+-+-- (N/A) 0 (N/A) 0 (N/A) 0 netapi32.dll (NetStatisticsGet) (N/A) 15 (N/A) 15 (N/A) 31 advapi32.dll (CryptoAPI) (50) 0 (46) 0 (51) 15 kernel32.dll (Processes) (504) 16 (510) 16 (722) 203 kernel32.dll (Threads) (13) 0 (45) 0 (172) 63 kernel32.dll (Modules) --+---+-+-- 31 31 344 The whole RAND_poll(). --+---+-+-- The achieved times are acceptable also on a server, where there are many kernel objects in use. Here we are a comparison, what entropy we achive with the current RAND_poll() without the heap walking: --++--- Bytes in buffer Bytes of entropy Source of entropy INCLUDED --++--- (120 + 68) (45 + 17) netapi32 (NetStatisticsGet + NetApiBufferFree, LanmanWorkstation + LanmanServer) (64 + 64) (64 + 64) advapi32.dll ( + CryptAcquireContextA + CryptGenRandom + CryptReleaseContext, RSA_FULL + INTEL_P5_PRG) 32 1 GlobalMemoryStatus 4 1 GetCurrentProcessId (4 + 20 + 4) (1 + 2 + 1) user32.dll ( + GetForegroundWindow + GetCursorInfo + GetQueueStatus) processes.count * 296 processes.count * 9 kernel32.dll (Processes + threads.count * 28 + threads.count * 6 + Threads + modules.count * 547 + modules.count * 9 + Modules) --++--- An example of an achieved entropy in a process in a Windows XP/2003 session: 10 processes, 500 threads, 10 modules: 196 + 40 * 9 + 500 * 6 + 10 * 9 = 3376 --- These bytes of entropy are still bigger than 1024 bytes, which can be considered an adequately secure random seed. Here we are the entropy, which had added the heap walking: --+-+-- Bytes in buffer Bytes of entropy Source of entropy REMOVED --+-+-- heaps.count * (16 heaps.count * (3 kernel32.dll (Heaps, + entries.count * 36) + entries.count * 5) entries can reach max. 80) --+-+-- An example of a lost entropy in a process in a Windows
Re: First (initializing) call to RAND_status() very slow on Win32
Ferdinand Prantl wrote: Hello, I am sorry for the long post, there is a question at the very end :-) (I sent it to the the openssl-users group at first, maybe you the developers are interested rather than users.) We integrate OpenSSL 0.9.6l compiled with standard settings and linked statically on Win32 and used on Windows XP, 2000 and 2003. The initialization of OpenSSL used within an extension module for Microsoft Sharepoint 2003 caused very long delays (15 - 30 seconds) during the first call. The method RAND_poll() called from RAND_status() was identified to cause this. [...] Just one shot from the hip, can it be possible that you have directories in your PATH which are not acessible or are located on another computer which is currently down? OpenSSL on Win32 tries to load several DLLs on the first call to RAND_poll and therefore Win32 has to go through the PATH to find them. If there are invalid network directories in PATH Win32 needs some time to find out the facts... I myself have never seen such a slow RAND_poll, so I'd think the problem has to be located somwhere on your computer. Hope it helps, Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26 smime.p7s Description: S/MIME Cryptographic Signature
RE: First (initializing) call to RAND_status() very slow on Win32
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bernhard Froehlich Ferdinand Prantl wrote: Hello, I am sorry for the long post, there is a question at the very end :-) (I sent it to the the openssl-users group at first, maybe you the developers are interested rather than users.) We integrate OpenSSL 0.9.6l compiled with standard settings and linked statically on Win32 and used on Windows XP, 2000 and 2003. The initialization of OpenSSL used within an extension module for Microsoft Sharepoint 2003 caused very long delays (15 - 30 seconds) during the first call. The method RAND_poll() called from RAND_status() was identified to cause this. [...] Just one shot from the hip, can it be possible that you have directories in your PATH which are not acessible or are located on another computer which is currently down? OpenSSL on Win32 tries to load several DLLs on the first call to RAND_poll and therefore Win32 has to go through the PATH to find them. If there are invalid network directories in PATH Win32 needs some time to find out the facts... Thanks for the tip, Ted. I should have written more about the testing system. It is a VMware hosted installation, a cleanly installed Sharepoint 2003 server, where all paths are to the local windows directories and to our application directory. Another machine, where I run the small C++/.NET tests is normal Windows XP with only local directories in PATH. All directories on both systems exist. Sometimes I had 10-20 ms delay in LoadLibrary, when the system was under a bigger load, but... I made an extra crazy logging in a separate file from the whole method with entries for every call to be able to see which call does it. The slowness came directly from the loop where is the heap-walking, other parts were fast. Here is an example: RAND_poll: fopen(perflog_logfile): 0 RAND_poll: GetVersionEx: 0 RAND_poll: 4x LoadLibrary: 0 RAND_poll: 2x GetProcAddress: 0 RAND_poll: 2x netstatget: 16 RAND_poll: FreeLibrary: 0 RAND_poll: All Network: 16 RAND_poll: 3x GetProcAddress: 0 RAND_poll: 2x CryptGenRandom: 15 RAND_poll: LoadLibrary: 0 RAND_poll: All CryptoAPI: 15 RAND_poll: readtimer: 0 RAND_poll: GlobalMemoryStatus: 0 RAND_poll: GetCurrentProcessId: 0 RAND_poll: All Status: 0 RAND_poll: 3x GetProcAddress: 0 RAND_poll: GetForegroundWindow: 0 RAND_poll: GetCursorInfo: 0 RAND_poll: GetQueueStatus: 0 RAND_poll: FreeLibrary: 0 RAND_poll: All Windows: 0 RAND_poll: 12x GetProcAddress: 0 RAND_poll: Heap(471): 297 RAND_poll: Processes(45): 0 RAND_poll: Threads(506): 16 RAND_poll: Modules(45): 0 RAND_poll: ?x CloseHandle: 0 RAND_poll: FreeLibrary: 0 RAND_poll: All Kernel: 313 RAND_poll: All: 344 What is interesting, 471 heap entries takes much more time than 506 thread entries. OK, I can understand the slowness, if many big heaps are present; this code is run the worst count_of_heaps * 80 times: RAND_add(hentry, hentry.dwSize, 5); I myself have never seen such a slow RAND_poll, so I'd think the problem has to be located somwhere on your computer. Neither have I, until now... :-) What is interesting, this extrem slowness occurs only in our testing VMWare host (installed clean from the scratch). A standalone machine behaves cca 10 times faster, but still is the heap walking almost 20x slower as the other ways of computing entropy. Do you think, that the heap-walking gives an amount of entropy worth its performance costs? (Only the thread-walking can give more.) Hope it helps, Ted ;) Well, I solved it for me by patching the openssl in our production as our release draws nearer and nearer. I am attaching the file with the extended logging and the diff to rand_win.c which turns the heap-walking off, if anyone are interested. I can also test it further, should you like to have more information. thank you, Ferda rand_win.c.logging Description: rand_win.c.logging rand_win.c.diff Description: rand_win.c.diff
[openssl.org #1021] about Window ce 5.0
Hi, I'm Kim in Korea. First, I'm not good at speaking English.. sorry about that.. I'm wonder about that openssl library is used for windows ce 5.0 I try compile openssl, following install.wce. but, I got the message d:\wcecompat/wcedefs.mak(20) : fatal error U1050: Unexpected OSVERSION environment variable value Stop. Have you any version or any way for Windows CE 5.0? Response to me, please. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1022] BUG over make
Dear Sirs Me info: ### info: OS: LINUX FEDORA CORE-3 2.6.10-1.766 FC3 PERL: v5.8.6 built for i686-linux OPENSLL: openssl-0.9.7e.tar.gz ### Me config: ./config Operating system: i686-whatever-linux2 Configuring for linux-pentium Configuring for linux-pentium IsWindows=0 CC =gcc CFLAG =-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=pentium -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM EX_LIBS =-ldl BN_ASM =asm/bn86-elf.o asm/co86-elf.o DES_ENC =asm/dx86-elf.o asm/yx86-elf.o BF_ENC =asm/bx86-elf.o CAST_ENC =asm/cx86-elf.o RC4_ENC =asm/rx86-elf.o RC5_ENC =asm/r586-elf.o MD5_OBJ_ASM =asm/mx86-elf.o SHA1_OBJ_ASM =asm/sx86-elf.o RMD160_OBJ_ASM=asm/rm86-elf.o PROCESSOR = RANLIB =/usr/bin/ranlib ARFLAGS = PERL =/usr/local/bin/perl THIRTY_TWO_BIT mode DES_PTR used DES_RISC1 used DES_UNROLL used BN_LLONG mode RC4_INDEX mode RC4_CHUNK is undefined e_os2.h = include/openssl/e_os2.h [File exists] making links in crypto... make[1]: Entering directory `/openssl/crypto' crypto.h = ../include/openssl/crypto.h [File exists] tmdiff.h = ../include/openssl/tmdiff.h [File exists] opensslv.h = ../include/openssl/opensslv.h [File exists] opensslconf.h = ../include/openssl/opensslconf.h [File exists] ebcdic.h = ../include/openssl/ebcdic.h [File exists] symhacks.h = ../include/openssl/symhacks.h [File exists] ossl_typ.h = ../include/openssl/ossl_typ.h [File exists] making links in crypto/objects... make[2]: Entering directory `/openssl/crypto/objects' objects.h = ../../include/openssl/objects.h [File exists] obj_mac.h = ../../include/openssl/obj_mac.h [File exists] make[2]: Leaving directory `/openssl/crypto/objects' making links in crypto/md2... make[2]: Entering directory `/openssl/crypto/md2' md2.h = ../../include/openssl/md2.h [File exists] md2test.c = ../../test/md2test.c [File exists] make[2]: Leaving directory `/openssl/crypto/md2' making links in crypto/md4... make[2]: Entering directory `/openssl/crypto/md4' md4.h = ../../include/openssl/md4.h [File exists] md4test.c = ../../test/md4test.c [File exists] md4.c = ../../apps/md4.c [File exists] make[2]: Leaving directory `/openssl/crypto/md4' making links in crypto/md5... make[2]: Entering directory `/openssl/crypto/md5' md5.h = ../../include/openssl/md5.h [File exists] md5test.c = ../../test/md5test.c [File exists] make[2]: Leaving directory `/openssl/crypto/md5' making links in crypto/sha... make[2]: Entering directory `/openssl/crypto/sha' sha.h = ../../include/openssl/sha.h [File exists] shatest.c = ../../test/shatest.c [File exists] sha1test.c = ../../test/sha1test.c [File exists] make[2]: Leaving directory `/openssl/crypto/sha' making links in crypto/mdc2... make[2]: Entering directory `/openssl/crypto/mdc2' mdc2.h = ../../include/openssl/mdc2.h [File exists] mdc2test.c = ../../test/mdc2test.c [File exists] make[2]: Leaving directory `/openssl/crypto/mdc2' making links in crypto/hmac... make[2]: Entering directory `/openssl/crypto/hmac' hmac.h = ../../include/openssl/hmac.h [File exists] hmactest.c = ../../test/hmactest.c [File exists] make[2]: Leaving directory `/openssl/crypto/hmac' making links in crypto/ripemd... make[2]: Entering directory `/openssl/crypto/ripemd' ripemd.h = ../../include/openssl/ripemd.h [File exists] rmdtest.c = ../../test/rmdtest.c [File exists] make[2]: Leaving directory `/openssl/crypto/ripemd' making links in crypto/des... make[2]: Entering directory `/openssl/crypto/des' des.h = ../../include/openssl/des.h [File exists] des_old.h = ../../include/openssl/des_old.h [File exists] destest.c = ../../test/destest.c [File exists] make[2]: Leaving directory `/openssl/crypto/des' making links in crypto/rc2... make[2]: Entering directory `/openssl/crypto/rc2' rc2.h = ../../include/openssl/rc2.h [File exists] rc2test.c = ../../test/rc2test.c [File exists] make[2]: Leaving directory `/openssl/crypto/rc2' making links in crypto/rc4... make[2]: Entering directory `/openssl/crypto/rc4' rc4.h = ../../include/openssl/rc4.h [File exists] rc4test.c = ../../test/rc4test.c [File exists] make[2]: Leaving directory `/openssl/crypto/rc4' making links in crypto/rc5... make[2]: Entering directory `/openssl/crypto/rc5' rc5.h = ../../include/openssl/rc5.h [File exists] rc5test.c = ../../test/rc5test.c [File exists] make[2]: Leaving directory `/openssl/crypto/rc5' making links in crypto/idea... make[2]: Entering directory `/openssl/crypto/idea' idea.h = ../../include/openssl/idea.h [File exists] ideatest.c = ../../test/ideatest.c [File exists] make[2]: Leaving directory `/openssl/crypto/idea' making links in crypto/bf... make[2]: Entering directory `/openssl/crypto/bf' blowfish.h = ../../include/openssl/blowfish.h [File exists] bftest.c = ../../test/bftest.c [File exists] make[2]: Leaving directory `/openssl/crypto/bf' making links in crypto/cast... make[2]: Entering directory `/openssl/crypto/cast' cast.h =
[openssl.org #1023] openssl build fail under linux-x86_64 (RHEL 3.0)
./config -t Operating system: x86_64-whatever-linux2 Configuring for linux-x86_64 /project/asf/new_valid/pref_rhel3/bin/perl ./Configure linux-x86_64 ./config -d Operating system: x86_64-whatever-linux2 This system (debug-linux-x86_64) is not supported. See file INSTALL for details. the compilation gives this error : making all in crypto... make[1]: Entering directory `/project/sds/users/chaarim/other_build/openssl/build/openssl-0.9.7d/crypto' ( echo #ifndef MK1MF_BUILD; \ echo ' /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \ echo ' #define CFLAGS gcc -fPIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_ASM -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int'; \ echo ' #define PLATFORM linux-x86_64'; \ echo #define DATE \`LC_ALL=C LC_TIME=C date`\; \ echo '#endif' ) buildinf.h gcc -I. -I.. -I../include -fPIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_ASM -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int -c -o cryptlib.o cryptlib.c cc1: Invalid option `64' make[1]: *** [cryptlib.o] Error 1 make[1]: Leaving directory `/project/asf/users/chaarim/other_build/openssl/build/openssl-0.9.7d/crypto' make: *** [sub_all] Error 1 -- --Mohamed CHAARI (mailto : [EMAIL PROTECTED]) __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1024] BUG: openssl fails to open random file in Solaris 10 due to O_NOFOLLOW option
I have built OpenSSL 0.9.7e on Solaris 10 (sparc). When the openssl command is run it fails with a error which states that it was unable to get sufficient entropy, even though Solaris has /dev/[u]random. So I built OpenSSL on Solaris 9 and found that the openssl command runs OK. I then ran the openssl command under truss on both Solaris 9 and 10, and found that on Solaris 10 the open() of the randomfile in rand_unix.c was failing with EINVAL. On Solaris 10, the open() call is made with an additional O_NOFOLLOW option which is not present in Solaris 9 (I don't think that Solaris 9 has this option defined). In rand_unix.c there is an #ifdef which tests to see if O_NOFOLLOW is defined and if it is then this option is added to the open() call. On Solaris 9 and 10 /dev/urandom and /dev/random actually exist legitimately as symbolic links like so: /dev/random - ../devices/pseudo/[EMAIL PROTECTED]:random /dev/urandom - ../devices/pseudo/[EMAIL PROTECTED]:urandom So on Solaris 10, the open() fails because it has been told not to follow these links. (On Solaris 9 it suceeds because there is no O_NOFOLLOW option.) I have worked around this by removing the O_NOFOLLOW option from rand_unix.c but it needs to be fixed either by allowing /dev/[u]random to be a sybolic link, or by allowing this only on Solaris platforms. __ Do you Yahoo!? Make Yahoo! your home page http://www.yahoo.com/r/hs __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Minimum compiler support on different unix flavours?
Peter Lambrechtsen wrote: Hello As part of a project I am compiling OpenSSL on multiple different Unix flavours and have had many different problems when trying to get OpenSSL to compile. Yes, we build on Solaris (6), 7, 8, 9, HP 10.20, 11.0, 11i IA64 11.23 SGI 6.5, and linux have built on AIX and Solaris 6 in the past. We use gcc 3.3.2 with the vendor's ld. Shared libs and rpath have always been a problem, since we build in AFS but copy to a local system for use, so rpath needs to be set seperatly. We have a mods to Configure to add a -rpath, then specifiy this seperatly when calling COnfigure. attached is a patch to 0.9.7e to Configure, Makefile.in and config to add the -rpath and fix some HP link options. and a script used to call Configure. So, I was wondering if anyone has done any work on minimum compiler requirements on a per flavour basis: IE: Solaris 2.6, 2.7, 8, 9: GNU - (GCC 3.2 + Binutuils 2.15 + GNU Make 3.80) or higher Sun - Forte C++ 6 Update 2 or higher AIX 4.3.3: GNU - (GCC 3.3.1 + Binutuils 2.15 + GNU Make 3.80) or higher but using the IBM ld for linking (I never got the GNU complier to build working shared libs) IBM - Visual Age C C++ 5.0.2.0 or higher HP-UX 11.00: GNU - (GCC 3.4.3 + Binutuils 2.15 + GNU Make 3.80) or higher but using the HP-UX ld for linking Etc... Has anyone done any work like this since every flavour of Unix seems to have different quirks (especially when it comes to shared libraries, which I can't get around since OpenLDAP needs OpenSSL to make shared lib's) and there doesn't seem to be a single functional repository of pre-built binaries for OpenSSL. The same applies to the random number generator (prngd or egd) on a per-flavour basis. There doesn't seem to be a place where you are told if the platform you are wanting to compile against has a random number generator or not (or when support was added via a patch etc). Yes you can check for /dev/random or /dev/urandom but if you don't know you need it then how can you look for it? Thanks Peter __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED] -- Douglas E. Engert [EMAIL PROTECTED] Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 --- ./apps/,MakefileTue Aug 10 04:09:07 2004 +++ ./apps/Makefile Tue Oct 26 12:39:38 2004 @@ -22,6 +22,7 @@ PEX_LIBS= EX_LIBS= EXE_EXT= +RPATH= SHLIB_TARGET= @@ -144,10 +145,11 @@ $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) $(RM) $(EXE) if [ $(SHLIB_TARGET) = hpux-shared -o $(SHLIB_TARGET) = darwin-shared ] ; then \ - $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \ + RPATH2=`echo $(RPATH) | sed -e 's/ /,/'` ; \ + $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) -Wl,$${RPATH2} ; \ else \ LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \ - $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \ + $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) $(RPATH) ; \ fi if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h /dev/null; then \ TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(EXE); \ --- ./,ConfigureFri Oct 1 06:34:28 2004 +++ ./Configure Tue Oct 26 09:11:35 2004 @@ -10,7 +10,7 @@ # see INSTALL for instructions. -my $usage=Usage: Configure [no-cipher ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-engine] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [[no-]fips] [debug] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n; +my $usage=Usage: Configure [no-cipher ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-engine] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [[no-]fips] [debug] [--prefix=DIR] [--rpath=parms [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n; # Options: # @@ -18,6 +18,7 @@ # --prefix option is given; /usr/local/ssl otherwise) # --prefix prefix for the OpenSSL include, lib and bin directories # (Default: the OPENSSLDIR directory) +# --rpath loader parameter for rpath with the path # # --install_prefix Additional prefix for package builders (empty by # default). This needn't be set in advance, you can @@ -270,6 +271,10 @@ hpux64-parisc2-gcc,gcc:-O3 -DB_ENDIAN
Issue with SSL_CTX_new
Environment: Red Hat Enterprise Linux ES release 2.1 (Panama) using openssl-0.9.6b-35.7 rpm package Problem: Am running following code compiled under gcc: static SSL_CTX *gpsServerCTX; .. SSL_METHOD *psServerMethod; .. SSL_load_error_strings (); SSLeay_add_ssl_algorithms (); psServerMethod = SSLv23_server_method (); gpsServerCTX = SSL_CTX_new (psServerMethod); if (gpsServerCTX == NULL) printf("vmIPInit: *** No Server SSL_CTX object created (%d) ***\n"); I am getting gpsServerCTX as NULL all the time. This is code that worked on prior versions of openssl (openssl-0.9.6b-24 running in Red Hat Linux release 7.2 (Enigma) ) Any suggestions on what may be the problem are welcome. Thank you Tom Freund
RE: [openssl.org #1021] about Window ce 5.0
Hi Kim, No, I haven't seen Windows CE 5.0 yet so haven't tried to get OpenSSL to build for it. You may find that it's just a matter of adding a few lines to wcedefs.mak around line#20. Regards, Steven -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of jbkim via RT Sent: Saturday, 12 March 2005 2:53 AM Cc: openssl-dev@openssl.org Subject: [openssl.org #1021] about Window ce 5.0 Hi, I'm Kim in Korea. First, I'm not good at speaking English.. sorry about that.. I'm wonder about that openssl library is used for windows ce 5.0 I try compile openssl, following install.wce. but, I got the message d:\wcecompat/wcedefs.mak(20) : fatal error U1050: Unexpected OSVERSION environment variable value Stop. Have you any version or any way for Windows CE 5.0? Response to me, please. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]