Hi Dmitry,>>If you have just built the openssl, try to set the LD_LIBRARY_PATH environment variable pointing to freshly built libcrypto/libsslI try setting the LD_LIBRARY_PATH but it is still crashingwhich openssl
/usr/local/bin/openssl
export LD_LIBRARY_PATH=/usr/local/lib64/
ls -lhrt
total 11M
drwxr-xr-x. 2 root root 61 Oct 25 16:27 pkgconfig
-rwxr-xr-x. 1 root root 3.3M Oct 26 12:58 libcrypto.so.1.1
-rwxr-xr-x. 1 root root 726K Oct 26 12:58 libssl.so.1.1
-rw-r--r--. 1 root root 5.4M Oct 26 12:58 libcrypto.a
-rw-r--r--. 1 root root 1.1M Oct 26 12:58 libssl.a
lrwxrwxrwx. 1 root root 16 Oct 26 12:58 libcrypto.so -> libcrypto.so.1.1
lrwxrwxrwx. 1 root root 13 Oct 26 12:58 libssl.so -> libssl.so.1.1
drwxr-xr-x. 2 root root 39 Oct 26 12:58 engines-1.1
openssl ciphers -V
Segmentation fault
gdb ./openssl core.3370
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-119.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/openssl-1.1.1h/openssl-1.1.1h/apps/openssl...(no debugging symbols found)...done.
[New LWP 3370]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `openssl ciphers -V'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000041c53d in do_body.isra.3 ()
(gdb) bt
#0 0x000000000041c53d in do_body.isra.3 ()
(gdb)
Thanks
Satyam
On Mon, 26 Oct 2020 at 12:16, Dmitry Belyavsky <beldmit@xxxxxxxxx> wrote:If you have just built the openssl, try to set the LD_LIBRARY_PATH environment variable pointing to freshly built libcrypto/libsslOn Mon, Oct 26, 2020 at 9:33 AM Satyam Mehrotra <satyam226@xxxxxxxxx> wrote:Hello,Any Suggestions on how this can be done ?why openssl binary is crashing if i am compiling it with -enable-weak-ssl-ciphers , also what is the location of the crash file.ThanksSatyamOn Sun, 25 Oct 2020 at 12:57, Satyam Mehrotra <satyam226@xxxxxxxxx> wrote:Hello Everyone,I have just joined the openssl users community.My requirement is to have the SSLv3 and weak ciphers enable with openssl installation .I have a query regarding enabling SSLv3 protocol and weak ciphers with openssl-1.1.1h installationI have followed the below steps1) ./config -enable-weak-ssl-ciphers
2) The Makefile looks as below
===============================
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
##
## Makefile for OpenSSL
##
## WARNING: do not edit!
## Generated by Configure from Configurations/common0.tmpl, Configurations/unix-Makefile.tmpl, Configurations/common.tmpl
PLATFORM=linux-x86_64
OPTIONS=-enable-weak-ssl-ciphers no-asan no-buildtest-c++ no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-md2 no-msan no-rc5 no-sctp no-ubsan no-unit-test no-zlib no-zlib-dynamic
CONFIGURE_ARGS=("linux-x86_64", "-enable-weak-ssl-ciphers")
SRCDIR=.
BLDDIR=.
VERSION=1.1.1h
MAJOR=1
MINOR=1.1
SHLIB_VERSION_NUMBER=1.1
SHLIB_VERSION_HISTORY=
SHLIB_MAJOR=1
SHLIB_MINOR=1
SHLIB_TARGET=linux-shared
SHLIB_EXT=.so.$(SHLIB_VERSION_NUMBER)
SHLIB_EXT_SIMPLE=.so
SHLIB_EXT_IMPORT=
LIBS=apps/libapps.a libcrypto.a libssl.a test/libtestutil.a
SHLIBS=libcrypto$(SHLIB_EXT) libssl$(SHLIB_EXT)
SHLIB_INFO=";" "libcrypto$(SHLIB_EXT);libcrypto$(SHLIB_EXT_SIMPLE)" "libssl$(SHLIB_EXT);libssl$(SHLIB_EXT_SIMPLE)" ";"
ENGINES=engines/afalg.so engines/capi.so engines/dasync.so engines/ossltest.so engines/padlock.so
@
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
if i do any openssl operations it gives error ( core dumped )
./openssl ciphers -V
Segmentation fault (core dumped)
Can someone help me in resolving this issue ?
If i don't use option "-enable-weak-ssl-ciphers " then the above issue is not seen but SSLv3 and weak ciphers do not get enable.
Thanks
Satyam
--SY, Dmitry Belyavsky
Dear Satyam,
First of all, I'll suggest checking whether the libcrypto/libssl are those you've built. It can be done, e.g., via running strace.
I also suggest building openssl with -ggdb (./config -ggdb should do the trick).
On Mon, Oct 26, 2020 at 11:34 AM Satyam Mehrotra <satyam226@xxxxxxxxx> wrote:
SY, Dmitry Belyavsky
