[openssl-users] Illegal Instruction on AMD with avx without XOP

Hello, I am running on openssl 1.0.2 and I am getting an "Illegal Instruction" when attempting to download a certain file with wget. It also occurs with curl. I have disassembled the code around the bug, and it appears that I am reaching this line: https://github.com/openssl/openssl/blob/master/cry

Re: [openssl-users] 1.0.1 upgrade issue

I'm using gcc 4.3.3 for what it's worth. Jay On 2/18/2015 12:53 PM, Mike Collins wrote: Thanks Jay. My build script is doing the same. Not sure where to go next except to update libc to a newer version. Due to the toolchain (not created by me) it may be a major undertaking. Mike From: Jay F

Re: [openssl-users] 1.0.1 upgrade issue

Is there a chance you can interrupt and get a backtrace to see where it’s hanging? -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz From: Mike Collins [mailto:mikec1...@gmail.com] Sent: Wednesday, February 18, 2015 3:54 PM To: open

Re: [openssl-users] 1.0.1 upgrade issue

Thanks Jay. My build script is doing the same. Not sure where to go next except to update libc to a newer version. Due to the toolchain (not created by me) it may be a major undertaking. Mike From: Jay Foster To: openssl-users@openssl.org Cc: Date: Wed, 18 Feb 2015 10:30:40 -0800 Subject: Re:

[openssl-users] genpkey usage for openssl-1.0.1k on openSUSE-13.2

I noticed that openssl(1) says that various things have been superseded by genpkey, so I tried changing my scripts to use it. It works fine for RSA, but the man page is not very helpful on EC. I tried openssl genpkey -out key.new -algorithm EC -pkeyopt ec_paramgen_curve:secp384r1 and got

Re: [openssl-users] 1.0.1 upgrade issue

I'm building against libc6 (glibc 2.9) and kernel 3.2.6. Are you skipping the 'make depend' step? My build script does, './Configure ', 'make depend', 'make'. Jay On 2/18/2015 8:03 AM, Mike Collins wrote: Thanks for the suggestions Jay but am still not having much luck. Does 1.0.1 have any

Re: [openssl-users] 1.0.1 upgrade issue

Thanks for the suggestions Jay but am still not having much luck. Does 1.0.1 have any minimum requirements for the libc version or kernel version? I am currently building against libc version 2.5 with the kernel at 2.6.30. Mike -- Forwarded message -- From: Jay Foster To: openss

[openssl-users] Meaning of OCSP_NOEXPLICIT for OCSP_basic_verify()

Hi, I have a question about the behavior of OCSP_basic_verify() and the meaning of the OCSP_NOEXPLICIT flag. The OCSP_basic_verify() function is the only place where this flag has an effect in the whole OpenSSL source, and in the "openssl ocsp" application it can be set with the "-no_explicit

Re: [openssl-users] How to retrieve the commonName / Alt-Name (DNS-Name) from a .crt file

On Tue Feb 17 2015 at 9:23:36 PM Jeffrey Walton wrote: > > X509* crt = /* how to get my X509 out of the SSL_CTX */ > > X509* cert = SSL_get_peer_certificate(ssl); > if(cert) { X509_free(cert); } > > Its reference counted, so be sure to free it. > Thanks for the notice. Cheers, Christia