Re: Apache client certificate authentication
You are right. Looks ubuntu packages didn't get that update up to now. Thanks, Nuno 2010/3/20 Peter Sylvester : > > Wasn't there a pb with a great number of CA names? There are 16K already? > The pb was in apache ad some of my three neurons seem to agree. > > https://issues.apache.org/bugzilla/show_bug.cgi?id=46952 > > /PS > __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Apache client certificate authentication
Wasn't there a pb with a great number of CA names? There are 16K already? The pb was in apache ad some of my three neurons seem to agree. https://issues.apache.org/bugzilla/show_bug.cgi?id=46952 /PS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Apache client certificate authentication
Very sory. I was getting the following error: The following message to was undeliverable. The reason for the problem: 5.1.0 - Unknown address error 550-'5.7.1 Message rejected due to content restrictions' Final-Recipient: rfc822;frank.heis...@messagingstrategy.com Action: failed Status: 5.0.0 (permanent failure) Remote-MTA: dns; [10.11.25.21] Diagnostic-Code: smtp; 5.1.0 - Unknown address error 550-'5.7.1 Message rejected due to content restrictions' (delivery attempts: 0) -- While I now see that It was not a list error, and probably only a subscriber e-mail server replying to me, I believed that it was indeed from the list. Probably this person server is sending error messages to the "from" and not "reply-to", and I tough that the strange e-mail would be from some web filter proxy. This is why in the later message I removed the http:// links. To see if the list had that blocked due to spam. I apologize for any inconvenience. Regards, Nuno On Sat, Mar 20, 2010 at 18:13, Michael S. Zick wrote: > On Sat March 20 2010, Nuno Gonçalves wrote: >> I'm trying to set client certificate authentication. >> It looks that I cant set even the simple demo... >> > > Look like your e-mail client isn't correct either, it > seems to be sending the same message every two hours. > > Mike >> With apache2.2 installed: >> sudo a2enmod ssl >> sudo a2ensite default-ssl >> sudo /etc/init.d/apache2 restart >> >> Browse with firefox to (https)localhost - page retrieved after >> security warning, ssl working. >> >> Then I edit default-ssl and add: >> SSLCACertificatePath /etc/ssl/certs/ >> SSLVerifyClient require >> >> I now browse again to the address. >> As I don't have any certificate for the roots I have >> installed(defaults) I would expect the browser to display a error >> message. Actually it just hangs. >> Also a .net client application that I created can't display the >> "acceptable issuers" list. Empty. >> >> n...@ground2:/etc/ssl/certs$ openssl s_client -host localhost -port 443 >> -debug >> CONNECTED(0003) >> write to 0x1acf790 [0x1ad0e60] (118 bytes => 118 (0x76)) >> - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00 .tK... ..9.. >> 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 >> 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../... >> 0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00 >> 0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @... >> 0050 - 00 00 03 02 00 80 e8 cd-46 6c ac 68 35 93 d6 74 Fl.h5..t >> 0060 - fb e8 80 20 3f 35 bd 84-13 a1 7c da 22 f4 3d 39 ... ?5|.".=9 >> 0070 - b9 69 1e 2b 77 9c .i.+w. >> read from 0x1acf790 [0x1ad63c0] (7 bytes => 7 (0x7)) >> - 16 03 01 00 4a 02 J. >> 0007 - >> read from 0x1acf790 [0x1ad63c7] (72 bytes => 72 (0x48)) >> - 00 46 03 01 4b a4 1a 68-ea 82 78 13 40 b9 bd 53 .f..k..h@..s >> 0010 - f4 5c 3f c8 e2 aa 88 60-57 d7 7e 38 ce 82 c5 51 .\?`W.~8...Q >> 0020 - a1 70 90 d0 20 79 67 a2-48 a9 9c 09 e5 47 85 e7 .p.. yg.HG.. >> 0030 - f6 b3 8d 88 7a 5a 62 39-83 f9 14 40 20 a1 66 ac zZb9...@ .f. >> 0040 - a1 a5 2d 5a f8 00 39 ..-Z..9 >> 0048 - >> read from 0x1acf790 [0x1ad63c0] (5 bytes => 5 (0x5)) >> - 16 03 01 01 a9 . >> read from 0x1acf790 [0x1ad63c5] (425 bytes => 425 (0x1A9)) >> - 0b 00 01 a5 00 01 a2 00-01 9f 30 82 01 9b 30 82 ..0...0. >> 0010 - 01 04 02 09 00 c3 8d a4-df 92 38 53 ba 30 0d 06 ..8S.0.. >> 0020 - 09 2a 86 48 86 f7 0d 01-01 05 05 00 30 12 31 10 .*.H0.1. >> 0030 - 30 0e 06 03 55 04 03 13-07 67 72 6f 75 6e 64 32 0...Uground2 >> 0040 - 30 1e 17 0d 31 30 30 33-32 30 30 30 31 39 35 30 0...100320001950 >> 0050 - 5a 17 0d 32 30 30 33 31-37 30 30 31 39 35 30 5a Z..200317001950Z >> 0060 - 30 12 31 10 30 0e 06 03-55 04 03 13 07 67 72 6f 0.1.0...Ugro >> 0070 - 75 6e 64 32 30 81 9f 30-0d 06 09 2a 86 48 86 f7 und20..0...*.H.. >> 0080 - 0d 01 01 01 05 00 03 81-8d 00 30 81 89 02 81 81 ..0. >> 0090 - 00 e3 62 43 c7 97 30 f7-15 81 90 50 ea 21 66 21 ..bC..0P.!f! >> 00a0 - 04 4d 2c 29 aa b7 da 7c-fd 4b 35 ca 7f f7 16 ca .M,)...|.K5. >> 00b0 - 98 d7 66 20 ff c4 66 43-88 9f ab 1d 2f a5 c7 b9 ..f ..fC/... >> 00c0 - c6 cb ee 06 ab 92 50 d9-ef 5c e0 ee 77 f1 12 a3 ..P..\..w... >> 00d0 - 41 d0 33 c6 e6 7a 06 12-01 7c cb 50 89 51 0d 01 A.3..z...|.P.Q.. >> 00e0 - 21 0c 3e 02 c3 74 d0 30-46 bd 2d 67 f2 8d 41 34 !.>..t.0F.-g..A4 >> 00f0 - 9c b2 15 99 6d d0 e0 ef-2c e9 5e 2f eb 91 8d 66 m...,.^/...f >> 0100 - be c6 76 7f 09 f5 fc e3-78 2b 9f 8d 1a 00 ff 10 ..v.x+.. >> 0110 - 49 02 03 01 00 01 30 0d-06 09 2a 86 48 86 f7 0d I.0...*.H... >> 0120 - 01 01 05 05 00 03 81 81-00 70 c5 4a 78 49 af 68 .p.JxI.h >> 0130 - 6e 6f c4 a6 bc 6b 07 62-a6 ad 82
Re: Apache client certificate authentication
On Sat, Mar 20, 2010, Graham Leggett wrote: > On 2010/03/20 6:55 PM, Nuno Gonçalves wrote: > >> Questions: >> Is normal that firefox hangs when it doesn't have a valid certificate >> to provide? >> Openssl output looks OK?(or the error in the end is a exception?) > > I am not 100% sure of the details, but I do recall a hang being a symptom > of using a client or a server that did not have the TLS renegotiation bug > fixed along with a server or client that did. > The only known case is an OpenSSL client without secure renegotiation support (i.e. earlier than 0.9.8m) attempting to renegotiate with a server which does support renegotiation. If the server initiates renegotiation you don't get a a hang. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Apache client certificate authentication
On Sat March 20 2010, Nuno Gonçalves wrote:
> I'm trying to set client certificate authentication.
> It looks that I cant set even the simple demo...
>
Look like your e-mail client isn't correct either, it
seems to be sending the same message every two hours.
Mike
> With apache2.2 installed:
> sudo a2enmod ssl
> sudo a2ensite default-ssl
> sudo /etc/init.d/apache2 restart
>
> Browse with firefox to (https)localhost - page retrieved after
> security warning, ssl working.
>
> Then I edit default-ssl and add:
> SSLCACertificatePath /etc/ssl/certs/
> SSLVerifyClient require
>
> I now browse again to the address.
> As I don't have any certificate for the roots I have
> installed(defaults) I would expect the browser to display a error
> message. Actually it just hangs.
> Also a .net client application that I created can't display the
> "acceptable issuers" list. Empty.
>
> n...@ground2:/etc/ssl/certs$ openssl s_client -host localhost -port 443 -debug
> CONNECTED(0003)
> write to 0x1acf790 [0x1ad0e60] (118 bytes => 118 (0x76))
> - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00 .tK... ..9..
> 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5
> 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../...
> 0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00
> 0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @...
> 0050 - 00 00 03 02 00 80 e8 cd-46 6c ac 68 35 93 d6 74 Fl.h5..t
> 0060 - fb e8 80 20 3f 35 bd 84-13 a1 7c da 22 f4 3d 39 ... ?5|.".=9
> 0070 - b9 69 1e 2b 77 9c .i.+w.
> read from 0x1acf790 [0x1ad63c0] (7 bytes => 7 (0x7))
> - 16 03 01 00 4a 02 J.
> 0007 -
> read from 0x1acf790 [0x1ad63c7] (72 bytes => 72 (0x48))
> - 00 46 03 01 4b a4 1a 68-ea 82 78 13 40 b9 bd 53 .f..k..h@..s
> 0010 - f4 5c 3f c8 e2 aa 88 60-57 d7 7e 38 ce 82 c5 51 .\?`W.~8...Q
> 0020 - a1 70 90 d0 20 79 67 a2-48 a9 9c 09 e5 47 85 e7 .p.. yg.HG..
> 0030 - f6 b3 8d 88 7a 5a 62 39-83 f9 14 40 20 a1 66 ac zZb9...@ .f.
> 0040 - a1 a5 2d 5a f8 00 39 ..-Z..9
> 0048 -
> read from 0x1acf790 [0x1ad63c0] (5 bytes => 5 (0x5))
> - 16 03 01 01 a9 .
> read from 0x1acf790 [0x1ad63c5] (425 bytes => 425 (0x1A9))
> - 0b 00 01 a5 00 01 a2 00-01 9f 30 82 01 9b 30 82 ..0...0.
> 0010 - 01 04 02 09 00 c3 8d a4-df 92 38 53 ba 30 0d 06 ..8S.0..
> 0020 - 09 2a 86 48 86 f7 0d 01-01 05 05 00 30 12 31 10 .*.H0.1.
> 0030 - 30 0e 06 03 55 04 03 13-07 67 72 6f 75 6e 64 32 0...Uground2
> 0040 - 30 1e 17 0d 31 30 30 33-32 30 30 30 31 39 35 30 0...100320001950
> 0050 - 5a 17 0d 32 30 30 33 31-37 30 30 31 39 35 30 5a Z..200317001950Z
> 0060 - 30 12 31 10 30 0e 06 03-55 04 03 13 07 67 72 6f 0.1.0...Ugro
> 0070 - 75 6e 64 32 30 81 9f 30-0d 06 09 2a 86 48 86 f7 und20..0...*.H..
> 0080 - 0d 01 01 01 05 00 03 81-8d 00 30 81 89 02 81 81 ..0.
> 0090 - 00 e3 62 43 c7 97 30 f7-15 81 90 50 ea 21 66 21 ..bC..0P.!f!
> 00a0 - 04 4d 2c 29 aa b7 da 7c-fd 4b 35 ca 7f f7 16 ca .M,)...|.K5.
> 00b0 - 98 d7 66 20 ff c4 66 43-88 9f ab 1d 2f a5 c7 b9 ..f ..fC/...
> 00c0 - c6 cb ee 06 ab 92 50 d9-ef 5c e0 ee 77 f1 12 a3 ..P..\..w...
> 00d0 - 41 d0 33 c6 e6 7a 06 12-01 7c cb 50 89 51 0d 01 A.3..z...|.P.Q..
> 00e0 - 21 0c 3e 02 c3 74 d0 30-46 bd 2d 67 f2 8d 41 34 !.>..t.0F.-g..A4
> 00f0 - 9c b2 15 99 6d d0 e0 ef-2c e9 5e 2f eb 91 8d 66 m...,.^/...f
> 0100 - be c6 76 7f 09 f5 fc e3-78 2b 9f 8d 1a 00 ff 10 ..v.x+..
> 0110 - 49 02 03 01 00 01 30 0d-06 09 2a 86 48 86 f7 0d I.0...*.H...
> 0120 - 01 01 05 05 00 03 81 81-00 70 c5 4a 78 49 af 68 .p.JxI.h
> 0130 - 6e 6f c4 a6 bc 6b 07 62-a6 ad 82 9f b4 f3 6e 1e no...k.b..n.
> 0140 - 81 b3 d5 bf 71 30 71 94-28 cd d6 95 b5 de 62 b4 q0q.(.b.
> 0150 - 13 34 fa 54 ae f5 0c 1c-1b 0e 71 29 4c 1e e9 8f .4.T..q)L...
> 0160 - 10 f9 f9 f1 d5 f4 6e 91-7f ae e8 89 86 17 cc 88 ..n.
> 0170 - 5b 11 1f d7 2c 67 0b 3b-ea de a6 0b 13 73 5e 9c [...,g.;.s^.
> 0180 - 42 3b 9f 4e 6b 6d 26 29-e5 2a 7b 25 ee 39 50 e6 B;.Nkm&).*{%.9P.
> 0190 - 6c 85 57 d3 c8 26 47 7c-bf ea 3d af be 7a 42 a1 l.W..&G|..=..zB.
> 01a0 - 97 ff 6e 4c 4e d2 83 c7-a8 ..nLN
> depth=0 /CN=ground2
> verify error:num=18:self signed certificate
> verify return:1
> depth=0 /CN=ground2
> verify return:1
> read from 0x1acf790 [0x1ad63c0] (5 bytes => 5 (0x5))
> - 16 03 01 01 8d .
> read from 0x1acf790 [0x1ad63c5] (397 bytes => 397 (0x18D))
> - 0c 00 01 89 00 80 d6 7d-e4 40 cb bb dc 19 36 d6 .@6.
> 0010 - 93 d3 4a fd 0a d5 0c 84-d2 39 a4 5f 52 0b b8 81 ..J..9._R...
> 0020 - 74 cb 98 bc e9 51 84 9f-91 2e 63 9c 72 fb 13 b4 tQc.r...
> 0030 - b4 d7 17 7e 16
Re: Apache client certificate authentication
On 2010/03/20 6:55 PM, Nuno Gonçalves wrote: Questions: Is normal that firefox hangs when it doesn't have a valid certificate to provide? Openssl output looks OK?(or the error in the end is a exception?) I am not 100% sure of the details, but I do recall a hang being a symptom of using a client or a server that did not have the TLS renegotiation bug fixed along with a server or client that did. First, check you are using the latest version of openssl, the latest version of the webserver, and the latest version of Firefox. Regards, Graham -- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Memory handling and BIO_*
Hi there, I am struggling with the BIO_* API to understand how I can control the memory. I found a nice function for read-only memory: BIO *data = BIO_new_mem_buf((void*)array, len); but I do not understand how to control output memory (I need to write to a C++ std::stringstream). So what I am doing is memory duplication for now: std::stringstream ss; char *binary; long biolen = BIO_get_mem_data(bio_buffer,&binary); ss.str( std::string(binary, biolen) ); Has anyone found a way to pass from a BIO_* to a std::stringstream for write operation ? Thanks, -- Mathieu __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Apache client certificate authentication
I'm trying to set client certificate authentication.
It looks that I cant set even the simple demo...
With apache2.2 installed:
sudo a2enmod ssl
sudo a2ensite default-ssl
sudo /etc/init.d/apache2 restart
Browse with firefox to (https)localhost - page retrieved after
security warning, ssl working.
Then I edit default-ssl and add:
SSLCACertificatePath /etc/ssl/certs/
SSLVerifyClient require
I now browse again to the address.
As I don't have any certificate for the roots I have
installed(defaults) I would expect the browser to display a error
message. Actually it just hangs.
Also a .net client application that I created can't display the
"acceptable issuers" list. Empty.
n...@ground2:/etc/ssl/certs$ openssl s_client -host localhost -port 443 -debug
CONNECTED(0003)
write to 0x1acf790 [0x1ad0e60] (118 bytes => 118 (0x76))
- 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00 .tK... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../...
0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00
0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @...
0050 - 00 00 03 02 00 80 e8 cd-46 6c ac 68 35 93 d6 74 Fl.h5..t
0060 - fb e8 80 20 3f 35 bd 84-13 a1 7c da 22 f4 3d 39 ... ?5|.".=9
0070 - b9 69 1e 2b 77 9c .i.+w.
read from 0x1acf790 [0x1ad63c0] (7 bytes => 7 (0x7))
- 16 03 01 00 4a 02 J.
0007 -
read from 0x1acf790 [0x1ad63c7] (72 bytes => 72 (0x48))
- 00 46 03 01 4b a4 1a 68-ea 82 78 13 40 b9 bd 53 .f..k..h@..s
0010 - f4 5c 3f c8 e2 aa 88 60-57 d7 7e 38 ce 82 c5 51 .\?`W.~8...Q
0020 - a1 70 90 d0 20 79 67 a2-48 a9 9c 09 e5 47 85 e7 .p.. yg.HG..
0030 - f6 b3 8d 88 7a 5a 62 39-83 f9 14 40 20 a1 66 ac zZb9...@ .f.
0040 - a1 a5 2d 5a f8 00 39 ..-Z..9
0048 -
read from 0x1acf790 [0x1ad63c0] (5 bytes => 5 (0x5))
- 16 03 01 01 a9 .
read from 0x1acf790 [0x1ad63c5] (425 bytes => 425 (0x1A9))
- 0b 00 01 a5 00 01 a2 00-01 9f 30 82 01 9b 30 82 ..0...0.
0010 - 01 04 02 09 00 c3 8d a4-df 92 38 53 ba 30 0d 06 ..8S.0..
0020 - 09 2a 86 48 86 f7 0d 01-01 05 05 00 30 12 31 10 .*.H0.1.
0030 - 30 0e 06 03 55 04 03 13-07 67 72 6f 75 6e 64 32 0...Uground2
0040 - 30 1e 17 0d 31 30 30 33-32 30 30 30 31 39 35 30 0...100320001950
0050 - 5a 17 0d 32 30 30 33 31-37 30 30 31 39 35 30 5a Z..200317001950Z
0060 - 30 12 31 10 30 0e 06 03-55 04 03 13 07 67 72 6f 0.1.0...Ugro
0070 - 75 6e 64 32 30 81 9f 30-0d 06 09 2a 86 48 86 f7 und20..0...*.H..
0080 - 0d 01 01 01 05 00 03 81-8d 00 30 81 89 02 81 81 ..0.
0090 - 00 e3 62 43 c7 97 30 f7-15 81 90 50 ea 21 66 21 ..bC..0P.!f!
00a0 - 04 4d 2c 29 aa b7 da 7c-fd 4b 35 ca 7f f7 16 ca .M,)...|.K5.
00b0 - 98 d7 66 20 ff c4 66 43-88 9f ab 1d 2f a5 c7 b9 ..f ..fC/...
00c0 - c6 cb ee 06 ab 92 50 d9-ef 5c e0 ee 77 f1 12 a3 ..P..\..w...
00d0 - 41 d0 33 c6 e6 7a 06 12-01 7c cb 50 89 51 0d 01 A.3..z...|.P.Q..
00e0 - 21 0c 3e 02 c3 74 d0 30-46 bd 2d 67 f2 8d 41 34 !.>..t.0F.-g..A4
00f0 - 9c b2 15 99 6d d0 e0 ef-2c e9 5e 2f eb 91 8d 66 m...,.^/...f
0100 - be c6 76 7f 09 f5 fc e3-78 2b 9f 8d 1a 00 ff 10 ..v.x+..
0110 - 49 02 03 01 00 01 30 0d-06 09 2a 86 48 86 f7 0d I.0...*.H...
0120 - 01 01 05 05 00 03 81 81-00 70 c5 4a 78 49 af 68 .p.JxI.h
0130 - 6e 6f c4 a6 bc 6b 07 62-a6 ad 82 9f b4 f3 6e 1e no...k.b..n.
0140 - 81 b3 d5 bf 71 30 71 94-28 cd d6 95 b5 de 62 b4 q0q.(.b.
0150 - 13 34 fa 54 ae f5 0c 1c-1b 0e 71 29 4c 1e e9 8f .4.T..q)L...
0160 - 10 f9 f9 f1 d5 f4 6e 91-7f ae e8 89 86 17 cc 88 ..n.
0170 - 5b 11 1f d7 2c 67 0b 3b-ea de a6 0b 13 73 5e 9c [...,g.;.s^.
0180 - 42 3b 9f 4e 6b 6d 26 29-e5 2a 7b 25 ee 39 50 e6 B;.Nkm&).*{%.9P.
0190 - 6c 85 57 d3 c8 26 47 7c-bf ea 3d af be 7a 42 a1 l.W..&G|..=..zB.
01a0 - 97 ff 6e 4c 4e d2 83 c7-a8 ..nLN
depth=0 /CN=ground2
verify error:num=18:self signed certificate
verify return:1
depth=0 /CN=ground2
verify return:1
read from 0x1acf790 [0x1ad63c0] (5 bytes => 5 (0x5))
- 16 03 01 01 8d .
read from 0x1acf790 [0x1ad63c5] (397 bytes => 397 (0x18D))
- 0c 00 01 89 00 80 d6 7d-e4 40 cb bb dc 19 36 d6 .@6.
0010 - 93 d3 4a fd 0a d5 0c 84-d2 39 a4 5f 52 0b b8 81 ..J..9._R...
0020 - 74 cb 98 bc e9 51 84 9f-91 2e 63 9c 72 fb 13 b4 tQc.r...
0030 - b4 d7 17 7e 16 d5 5a c1-79 ba 42 0b 2a 29 fe 32 ...~..Z.y.B.*).2
0040 - 4a 46 7a 63 5e 81 ff 59-01 37 7b ed dc fd 33 16 JFzc^..Y.7{...3.
0050 - 8a 46 1a ad 3b 72 da e8-86 00 78 04 5b 07 a7 db .F..;rx.[...
0060 - ca 78 74 08 7d 15 10 ea-9f cc 9d dd 33 05 07 dd .xt.}...3...
0070 - 62 db 88 ae aa 74 7d e0-f4 d6 e2 bd 68 b0 e7 39
Problem in using openssl in PC
Hi, I am using openssl in QT4.I copy libeay32.dll,ssleay32.dll along with my application.In some machine its work fine.While in some other PC i get error ssl not supported Please help as only ssl creating problem. Its urgent Thanks in advanced __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Openssl-0.9.8m On Darwin
Folks, I can't get the latest version of openssl to build on Darwin. I *think* the assembler is confused by the quotes in comments. I did this: ./Configure darwin-ppc-cc make The build fails thus: ... cc -I.. -I../.. -I../../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch ppc -O3 -DB_ENDIAN -c -o osx_ppc32.o osx_ppc32.s osx_ppc32.s:132: unterminated character constant osx_ppc32.s:1481: unterminated character constant osx_ppc32.s:1482: unterminated character constant osx_ppc32.s:1743: unterminated character constant make[2]: *** [osx_ppc32.o] Error 1 make[1]: *** [subdirs] Error 1 make: *** [build_crypto] Error 1 -Nigel __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
