You might want to check what strerror_r gives you, rather than strerror, since on GCC platforms that's what OpenSSL uses.
Also, OpenSSL builds its table of error strings at startup (or, for older versions, when you tell it to). It's conceivable an application's NLS settings changed between the time when OpenSSL built its table and the time
when the error occurred, which could result in different text from OpenSSL and from a strerror or strerror_r at the point of failure. From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> on behalf of Jakob Bohm via openssl-users <openssl-users@xxxxxxxxxxx>
Sent: Monday, November 26, 2018 11:13:35 AM To: openssl-users@xxxxxxxxxxx Subject: Re: error message oddity On 25/11/2018 22:30, Viktor Dukhovni wrote:
>> On Nov 25, 2018, at 4:23 PM, Jeremy Harris <jgh@xxxxxxxxxxx> wrote: >> >> That isn't the package name, it is text defined in openssl/opensslv.h > That happens when "OPENSSL_FIPS" is defined: > > # define OPENSSL_VERSION_NUMBER 0x101000b0L > # ifdef OPENSSL_FIPS > # define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0k-fips-dev xx XXX xxxx" > # else > # define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0k-dev xx XXX xxxx" > # endif > > Given no FIPS for 1.1.x, perhaps that "#ifdef" should be "#if 0". With > 1.1.x the "Configure" arguments should not mention "fips". > A better solution would be to have a separate part of the 1.1.0/1.1.1 headers error out hard (with #error) if attempting to build with OPENSSL_FIPS defined. This would preserve all the FIPS-related stuff (such as the above version naming code) for when a FIPS module for 1.1.x is provided, while leaving the blocking of accidental miscompilation in a clear location having no other effects. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users |
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users