Wow!
I was unattentive :(
The leading minus before enable-weak-ssl-ciphers was the problem. Many
thanks Satyam!
On Mon, Oct 26, 2020 at 8:41 PM Satyam Mehrotra wrote:
> I think i have resolved it . if you use the following option and then do a
> make , the openssl binary don't crash
>
>
Hello,
I noticed that although the docs generally refer to the capi engine as
"builtin", it doesn't appear to be linked statically with openssl, and is
actually being loaded by the dynamic engine mechanism. I believe this is
because the OPENSSL_NO_STATIC_ENGINE flag is being set by Configure. The
Dear Satyam,
It looks like a compiler bug for me.
When configured via ./config -ggdb -O0 -enable-weak-ssl-ciphers, I get the
code working. The same happens when -O1 is in use.
When I either omit optimization (which implies -O3) or specify -O2, I get a
segfault.
On Mon, Oct 26, 2020 at 8:09 PM
Dear Dmitry,
The below is the process i have followed
- Downloaded the openssl-1.1.1h from the official OpenSSL site
- ./config -ggdb -enable-weak-ssl-ciphers
- make
- make install
- Execute openSSL command ( Looks like any openSSL command the binary
is
Dear Satyam,
Do I correctly understand that
- you built openssl-1.1.1h from scratch with -enable-weak-ssl-ciphers
- installed it
-run some command? Which one(s)? Initially, you were speaking about
'ciphers', but the stack trace is from the 'ca'.
On Mon, Oct 26, 2020 at 7:26 PM Satyam Mehrotra
Segmentation fault is not seen if i don't compile* ./config with*
*-enable-weak-ssl-ciphers.*
Is it something I am missing or some more options needs to be provided to
./config ?
Thanks
Satyam
On Mon, 26 Oct 2020 at 20:21, Dmitry Belyavsky wrote:
> It has nothing to do with the ciphers
On Mon, Oct 26, 2020 at 9:35 AM Jakob Bohm wrote:
> On 2020-10-24 16:09, Brett Stahlman wrote:
> > Jakob,
> > I don't really understand why the engine *needs* to do PSS. Neither of
> > the badssl certificates seem to use it for signatures. (I'm assuming the
> > fact that a cert was signed with
It has nothing to do with the ciphers command...
On Mon, Oct 26, 2020 at 5:18 PM Satyam Mehrotra wrote:
> Dear Dmitry,
>
> >>Are the /usr/local/lib64/libssl.so.1.1 and
> /usr/local/lib64/libcrypto.so.1.1 the same libraries that were built by you?
> Yes, they are same
>
> gdb openssl core.50178
Dear Dmitry,
>>Are the /usr/local/lib64/libssl.so.1.1 and
/usr/local/lib64/libcrypto.so.1.1 the same libraries that were built by you?
Yes, they are same
gdb openssl core.50178
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-119.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License
Are the /usr/local/lib64/libssl.so.1.1 and
/usr/local/lib64/libcrypto.so.1.1 the same libraries that were built by you?
If yes, you should try running via gdb to get a backtrace.
On Mon, Oct 26, 2020 at 4:54 PM Satyam Mehrotra wrote:
> Dear Dmitry,
>
> As suggested i have build the openssl with
Dear Dmitry,
As suggested i have build the openssl with -ggdb ( ./config -ggdb
-enable-weak-ssl-ciphers ) and after building i did make install as well.
The strace output is as below
==
*strace ./openssl*
execve("./openssl", ["./openssl"], 0x7ffc8151b3d0 /* 27
On 2020-10-24 16:09, Brett Stahlman wrote:
Jakob,
I don't really understand why the engine *needs* to do PSS. Neither of
the badssl certificates seem to use it for signatures. (I'm assuming the
fact that a cert was signed with RSA-PSS would show up in the Windows
certificate viewer...) If you
Dear Satyam,
First of all, I'll suggest checking whether the libcrypto/libssl are those
you've built. It can be done, e.g., via running strace.
I also suggest building openssl with -ggdb (./config -ggdb should do the
trick).
On Mon, Oct 26, 2020 at 11:34 AM Satyam Mehrotra
wrote:
> Hi Dmitry,
Hi Dmitry,
>>If you have just built the openssl, try to set the LD_LIBRARY_PATH
environment variable pointing to freshly built libcrypto/libssl
I try setting the LD_LIBRARY_PATH but it is still crashing
*which openssl*
* /usr/local/bin/openssl*
*export
If you have just built the openssl, try to set the LD_LIBRARY_PATH
environment variable pointing to freshly built libcrypto/libssl
On Mon, Oct 26, 2020 at 9:33 AM Satyam Mehrotra wrote:
> Hello,
>
> Any Suggestions on how this can be done ?
> why openssl binary is crashing if i am compiling it
Hello,
Any Suggestions on how this can be done ?
why openssl binary is crashing if i am compiling it with
*-enable-weak-ssl-ciphers
,* also what is the location of the crash file.
Thanks
Satyam
On Sun, 25 Oct 2020 at 12:57, Satyam Mehrotra wrote:
> Hello Everyone,
>
> I have just joined the
16 matches
Mail list logo