In diagnosing some OpenSSH crashes on Redhat 6.2 systems, I have
tracked a problem to a binary incompatability between Redhat's OpenSSL
packages and OpenSSL packages built by myself.
My RPM packages are pretty basic, they just do a
./Configure --prefix=/usr --openssldir=%{openssldir} linux-elf
This results in compiler options of:
"-fPIC -DTHREADS -D_REENTRANT -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer
-m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM"
Redhat's are not that much more complicated, but they do modify the
default compiler options and turn off non-free ciphers (RC5, IDEA, etc).
The compiler options this results in are:
"-DTHREADS -D_REENTRANT -fPIC -ggdb -O2 -m486 -fno-strength-reduce -DNO_IDEA
-DNO_MDC2 -DNO_RC5 -DNO_MD2 -DL_ENDIAN -DTERMIO -O2 -m486
-fno-strength-reduce -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM"
I am wondering if this is enough to break structure alignment. If
so, is there any way of making OpenSSL more robust in the face of
different compiler options?
-d
--
| Damien Miller <[EMAIL PROTECTED]> \ ``E-mail attachments are the poor man's
| http://www.mindrot.org / distributed filesystem'' - Dan Geer
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
