1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression]
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Old%20OpenSSL%20HOWTO%20%5Bwas%20Re%3A%20openssl%20regression%5D&In-Reply-To=%3CCA%2BCX%2BbgRvMQ%3D%2BG135x8P1YpoobSV36A%3Dn5BeZrb_00kfZFawAA%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="017126.html">
<LINK REL="Next" HREF="017129.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression]</H1>
<B>Pascal Terjan</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Old%20OpenSSL%20HOWTO%20%5Bwas%20Re%3A%20openssl%20regression%5D&In-Reply-To=%3CCA%2BCX%2BbgRvMQ%3D%2BG135x8P1YpoobSV36A%3Dn5BeZrb_00kfZFawAA%40mail.gmail.com%3E"
TITLE="[Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression]">pterjan at gmail.com
</A><BR>
<I>Wed Jul 4 01:56:18 CEST 2012</I>
<P><UL>
<LI>Previous message: <A HREF="017126.html">[Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression]
</A></li>
<LI>Next message: <A HREF="017129.html">[Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression]
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#17127">[ date ]</a>
<a href="thread.html#17127">[ thread ]</a>
<a href="subject.html#17127">[ subject ]</a>
<a href="author.html#17127">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>On Tue, Jul 3, 2012 at 4:54 PM, Pascal Terjan <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">pterjan at gmail.com</A>> wrote:
><i> On Mon, Jun 11, 2012 at 3:15 PM, Shlomi Fish <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">shlomif at shlomifish.org</A>> wrote:
</I>>><i> Hi all,
</I>>><i>
</I>>><i> here is a small HOWTO about using OpenSSL with Mageia Cauldron applications
</I>>><i> that broke with the new version of the "openssl" package (1.0.1), such as svn
</I>>><i> with <A HREF="https://">https://</A> URLs:
</I>>><i>
</I>>><i> 1. Download openssl-1.0.0j.tar.gz from:
</I>>><i>
</I>>><i> <A HREF="http://www.openssl.org/source/">http://www.openssl.org/source/</A>
</I>>><i>
</I>>><i> 2. Unpack it.
</I>>><i>
</I>>><i> 3. Use the following shell script to configure it (you can customise the
</I>>><i> ossl_pref prefix to your liking:
</I>>><i>
</I>>><i> [QUOTE]
</I>>><i> #!/bin/bash
</I>>><i> ossl_pref="$HOME/apps/openssl"
</I>>><i> ./config --prefix="$ossl_pref" --openssldir="$ossl_pref/openssl" shared
</I>>><i> [/QUOTE]
</I>>><i>
</I>>><i> There is more coverage of this here:
</I>>><i>
</I>>><i> <A HREF="http://www.devside.net/guides/linux/openssl">http://www.devside.net/guides/linux/openssl</A>
</I>>><i>
</I>>><i> 4. Add the following lines to your .bashrc:
</I>>><i>
</I>>><i> [QUOTE]
</I>>><i> oldssl()
</I>>><i> {
</I>>><i> export LD_LIBRARY_PATH="$HOME/apps/openssl/lib/:$LD_LIBRARY_PATH"
</I>>><i> }
</I>>><i> [/QUOTE]
</I>>><i>
</I>>><i> 5. Now when you want to use svn with <A HREF="https://">https://</A> or whatever just type "oldssl"
</I>>><i> first.
</I>>><i>
</I>>><i> -------------
</I>>><i>
</I>>><i> I've tried to fix svn in Cauldron, but rebuilding it didn't help, and trying to
</I>>><i> rebuild libneon0.27 caused "%check" to fail. This was reported here:
</I>>><i>
</I>>><i> <A HREF="http://lists.manyfish.co.uk/pipermail/neon/2012-June/001473.html">http://lists.manyfish.co.uk/pipermail/neon/2012-June/001473.html</A>
</I>>><i>
</I>><i>
</I>><i> I am not on the ML so can't reply to the thread but debug.log seems to
</I>><i> be the interesting one:
</I>><i>
</I>><i> ******* Running test 18: client_cert_pkcs12 ********
</I>><i> HTTP session to <A HREF="https://localhost:7777">https://localhost:7777</A> begins.
</I>><i> ssl: SNI enabled by default.
</I>><i> ssl: Match common name 'ignored.example.com' against ''
</I>><i> Identity match for '': bad
</I>><i> ssl: Match common name 'nowhere.example.com' against ''
</I>><i> Identity match for '': bad
</I>><i> Running pre_send hooks
</I>><i> Sending request headers:
</I>><i> GET /foo HTTP/1.1^M
</I>><i> Keep-Alive: ^M
</I>><i> Connection: TE, Keep-Alive^M
</I>><i> TE: trailers^M
</I>><i> Host: localhost:7777^M
</I>><i> ^M
</I>><i> Sending request-line and headers:
</I>><i> Doing DNS lookup on localhost...
</I>><i> req: Connecting to 127.0.0.1:7777
</I>><i> Doing SSL negotiation.
</I>><i> Supplying client certificate.
</I>><i> sess: Closing connection.
</I>><i> sess: Connection closed.
</I>><i> Request ends, status 0 class 0xx, error line:
</I>><i> SSL handshake failed: SSL error: digest too big for rsa key
</I>><i> Running destroy hooks.
</I>><i> Request ends.
</I>
Also, <A HREF="https://github.com/joyent/node/pull/2991">https://github.com/joyent/node/pull/2991</A>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="017126.html">[Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression]
</A></li>
<LI>Next message: <A HREF="017129.html">[Mageia-dev] Old OpenSSL HOWTO [was Re: openssl regression]
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#17127">[ date ]</a>
<a href="thread.html#17127">[ thread ]</a>
<a href="subject.html#17127">[ subject ]</a>
<a href="author.html#17127">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|
