It appears I answered too quickly...
On 10/23/07, Simon Vallet <[EMAIL PROTECTED]> wrote:
> Hi again,
>
> On 10/22/07, Simon Vallet <[EMAIL PROTECTED]> wrote:
> >
> > As mentioned, I don't have access to the box or the build log right
> > now, but I think -Wa,--noexecstack was indeed specified in
Hi again,
On 10/22/07, Simon Vallet <[EMAIL PROTECTED]> wrote:
>
> As mentioned, I don't have access to the box or the build log right
> now, but I think -Wa,--noexecstack was indeed specified in configure,
> and I think the generated .so do in fact contain text relocs. I will
> check this manuall
Hello OpenSSL developers,
Any reason why not merge the patch into snapshots?
http://rt.openssl.org/Ticket/Display.html?id=1451
It is important for people who wish to compile to Microsoft platform
without using any Microsoft resources.
Best Regards,
Alon Bar-Lev
___
Looking at the build system, it seems the culprits are the following
files:
crypto/x86cpuid-elf.s
crypto/des/dx86-elf.s
crypto/aes/ax86-elf.s
crypto/bf/bx86-elf.s
Well, these .o files can contain relocations, but they get resolved and
*disappear* when libcrypto.so is linked. If you want confirm
On Mon, Oct 22, 2007 at 12:07:30PM +0200, Simon Vallet via RT wrote:
> Hi,
>
> On 10/22/07, Andy Polyakov via RT <[EMAIL PROTECTED]> wrote:
>
> > > avc: denied { execmod } for pid=1875 comm="ntpdate" \
> > > path="/usr/lib/i686/cmov/libcrypto.so.0.9.8" dev=sda8 ino=325290 \
> > > scont
since openssl release 0.9.8f the test suite of ipsec-tools test suite
fails in the Diffi-Hellman test which uses the openssl DH API.
The calculated shared secret does not match.
The problem appears only with some primes from the modular
exponential (modp) exponentional groups as specified in RF
Hi,
On 10/22/07, Andy Polyakov via RT <[EMAIL PROTECTED]> wrote:
> > avc: denied { execmod } for pid=1875 comm="ntpdate" \
> > path="/usr/lib/i686/cmov/libcrypto.so.0.9.8" dev=sda8 ino=325290 \
> > scontext=system_u:system_r:initrc_t:s0 \
> > tcontext=system_u:object_r:lib_t:s0 tcl
Hi,
since openssl release 0.9.8f the test suite of ipsec-tools test suite
fails in the Diffi-Hellman test which uses the openssl DH API.
The calculated shared secret does not match.
The problem appears only with some primes from the modular
exponential (modp) exponentional groups as specified in
> it appears the optimized versions of libcrypto.so.0.9.8 still contain
> text relocations -- this makes selinux complain about 'execmod'
> permissions:
>
> avc: denied { execmod } for pid=1875 comm="ntpdate" \
> path="/usr/lib/i686/cmov/libcrypto.so.0.9.8" dev=sda8 ino=325290 \
> scon
You're correct, it seems to be a compiler optimization issue. Forcing the
openssl build to use -O1 instead of -O3 (-O2 also fails) resolves the issue.
This does not appear to be a problem with the same version of the compiler
on another 64-bit platform, Linux x86_64, so at first blush it appears t
Hi,
it appears the optimized versions of libcrypto.so.0.9.8 still contain
text relocations -- this makes selinux complain about 'execmod'
permissions:
avc: denied { execmod } for pid=1875 comm="ntpdate" \
path="/usr/lib/i686/cmov/libcrypto.so.0.9.8" dev=sda8 ino=325290 \
scontext=syst
11 matches
Mail list logo
