Looks like the crash is in SHA-512 this time, not SHA-1. There's a separate perl script to generate that assembly code. Try the 1.0.1 version of sha512-sparcv9.pl. The output from your rand command is valid. You can use the -base64 option if you want something more readable. On 04/15/2015 11:13 AM, John Unsworth wrote: > > That seems to have fixed the crash. > > > > -bash-3.00$ ./openssl rand 64 > > z??M??Ov??@?t????E?^?Q!?\?b_??Y???iT-&n?????B+?9kx??%hR?z-bash-3.00$ > > > > Not sure about the output though. > > > > However negotiation causes a core: > > > > -bash-3.00$ ./openssl s_client -connect eos.es.cpth.ie:4250 > > CONNECTED(00000004) > > depth=0 CN = jusworth-lt4.eu.cp.net > > verify error:num=20:unable to get local issuer certificate > > verify return:1 > > depth=0 CN = jusworth-lt4.eu.cp.net > > verify error:num=21:unable to verify the first certificate > > verify return:1 > > Segmentation Fault (core dumped) > > -bash-3.00$ pstack core > > core 'core' of 12587: ./openssl s_client -connect eos.es.cpth.ie:4250 > > 000ed408 sha512_block_data_order (30e538, 30c050, 71a, 30e588, 30c050, > 64f98fa7) + 8 > > 0009fb30 ssl3_digest_cached_records (2f8ae0, 6, 2f8ea0, 14, 100, > 2f8ea0) + 1cc > > 000980ec ssl3_get_certificate_request (2f8ae0, 2f8ea0, 2f8ea0, 10, > a42e0, 2f8ae0) + 90 > > 00093ad8 ssl3_connect (2f8ae0, 0, 1180, 1000, 1130, ffffffff) + 6c0 > > 000aa2b8 ssl23_get_server_hello (2f8ae0, 16, 3, 3, 2f8ea0, 301638) + 648 > > 000a9198 ssl23_connect (2f8ae0, 0, 3000, 2b4d64, 2b3d78, 1) + 588 > > 000aa60c ssl23_write (2f8ae0, 2f0270, 0, 3000, ff247c94, a8c10) + 4c > > 0004ee64 s_client_main (0, 0, 1, 2b4d64, 2f8ae0, 2f4280) + 7374 > > 0001328c do_cmd (2eb3c8, 3, ffbffad0, 2b4638, 13e64, 2b3d78) + b8 > > 00012f08 main (4, ffbffacc, 2eb3c8, 29fc00, 2b3d78, 2b49dc) + 3a4 > > 00012a08 _start (0, 0, 0, 0, 0, 2b3d78) + 108 > > > > Regards, > > John > > > > *From:*openssl-users [mailto:openssl-users-bounces at openssl.org] *On > Behalf Of *John Foley > *Sent:* 15 April 2015 15:10 > *To:* openssl-users at openssl.org > *Subject:* Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build is > broken > > > > How about the ./openssl sha1 command? Does that bomb too? > > It might be interesting to copy crypto/sha/asm/sha1-sparcv9.pl from > the 1.0.1 source into the 1.0.2 source. Then clean, configure, > compile and try again. There were changes to this file between 1.0.1 > and 1.0.2. Perhaps a bug was introduced. I'm assuming this script > generates the SHA source for your target platform. > > > On 04/15/2015 09:56 AM, John Unsworth wrote: > > core 'core' of 24243: ./openssl rand 64 > > 000e9ce8 sha1_block_data_order (2ec298, 2ec2f4, 4, ffbfe018, > ffbfe01c, 44) + 8 > > 00226160 ssleay_rand_add (ffbfe114, 1, 20, ffbfdfec, 0, 14) + 530 > > 00227048 RAND_poll (4, ffbfe100, ffbfe120, ffbfe120, 2c0650, > 2c0644) + 38c > > 00226c00 ssleay_rand_status (c734, 0, 2b9f7c, 2c05cc, 2a0e70, > 13000) + 138 > > 00065eb4 app_RAND_load_file (ffbfe418, 2d5238, 0, 2800, 0, 1) + 88 > > 00077cb8 rand_main (0, 0, ff242b30, 0, 0, 0) + 4b8 > > 0001328c do_cmd (2eb4e8, 2, ffbffae0, 2b4728, 13e64, 2b3e98) + b8 > > 00012f08 main (3, ffbffadc, 2eb4e8, 2a0000, 2b3e98, 2b4afc) + 3a4 > > 00012a08 _start (0, 0, 0, 0, 0, 2b3e98) + 108 > > > > Regards, > > John. > > > > *From:*openssl-users [mailto:openssl-users-bounces at openssl.org] > *On Behalf Of *John Foley > *Sent:* 15 April 2015 13:31 > *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org> > *Subject:* Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build > is broken > > > > Do you see the same stack trace when simply using the random > number generator: > > ./openssl rand 64 > > What if you simply use SHA1: > > ./openssl sha1 <somefile> > > > > On 04/14/2015 12:17 PM, John Unsworth wrote: > > Is no-one interested at all about this problem? Or do I need > to send it to another place? > > > > Regards, > > John. > > > > *From:*openssl-users > [mailto:openssl-users-bounces at openssl.org] *On Behalf Of *John > Unsworth > *Sent:* 10 April 2015 14:54 > *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org> > *Subject:* Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit > build is broken > > > > I have compiled 1.0.1m in the same way and that works fine > using asm. > > > > John. > > > > *From:*openssl-users > [mailto:openssl-users-bounces at openssl.org] *On Behalf Of *John > Unsworth > *Sent:* 10 April 2015 12:21 > *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org> > *Subject:* [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build > is broken > > > > I have an application that runs quite happily using OpenSSL > 1.0.1h on Solaris 32 bit. I want to upgrade but both 1.0.2 and > 1.0.2a cause problems. > > > > 1 When building 1.0.2 using > > > > ./Configure solaris-sparcv9-cc no-shared -m32 -xcode=pic32 > -xldscope=hidden > > > > openssl s_client crashes on start: > > > > -bash-3.00$ ./openssl s_client -connect eos.es.cpth.ie:4250 > > Segmentation Fault (core dumped) > > -bash-3.00$ pstack core > > core 'core' of 468: ./openssl s_client -connect > eos.es.cpth.ie:4250 > > 000e9ce8 sha1_block_data_order (2ed490, 2ed4ec, 4, ffbfebc0, > ffbfebc4, 44) + 8 > > 00226140 ssleay_rand_add (ffbfecbc, 1, 20, ffbfeb94, 0, 14) + 530 > > 00227028 RAND_poll (4, ffbfeca8, ffbfecc8, ffbfecc8, 2c0630, > 2c0624) + 38c > > 00226be0 ssleay_rand_status (c734, 0, 2b9f5c, 2c05ac, 2a0e50, > 13000) + 138 > > 00065eb4 app_RAND_load_file (ffbfefc0, 2d5218, 1, 2800, 0, 1) + 88 > > 0004d784 s_client_main (0, c00, 0, c00, 2b4adc, 2f4380) + 5c94 > > 0001328c do_cmd (2eb4c8, 3, ffbffa88, 2b4738, 13e64, 2b3e78) > + b8 > > 00012f08 main (4, ffbffa84, 2eb4c8, 2a0000, 2b3e78, > 2b4adc) + 3a4 > > 00012a08 _start (0, 0, 0, 0, 0, 2b3e78) + 108 > > > > 2 So I then rebuilt adding no-asm flag. It manages to connect > but negotiation fails with an error: > > > > 4280581268:error:140943FC:SSL routines:ssl3_read_bytes:sslv3 > alert bad record mac:s3_pkt.c:1456:SSL alert number 20 > > 4280581268:error:140790E5:SSL routines:ssl23_write:ssl > handshake failure:s23_lib.c:177: > > > > This is against the server that is still running 1.0.1h and > can be successfully connected with openssl built with 1.0.1h. > > > > Note that the 64 bit build seems to work perfectly. > Unfortunately for historical reasons we need to use the 32 bit > version. > > > > The 32 bit builds that we use on Windows and Linux also work > perfectly. Is it something to do with byte order? > > > > Regards, > > John. > > > > > > > > > > _______________________________________________ > > openssl-users mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > > > > > > _______________________________________________ > > openssl-users mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > > > > > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150415/60830245/attachment-0001.html>
