* Where can I get a compiled version of OpenSSL?
* Why aren't tools like 'autoconf' and 'libtool' used?
* What is an 'engine' version?
+* How do I check the authenticity of the OpenSSL distribution?
[LEGAL] Legal questions
* Why does the linker complain about undefined symbols?
* Why does the OpenSSL test fail with "bc: command not found"?
* Why does the OpenSSL test fail with "bc: 1 no implemented"?
+* Why does the OpenSSL test fail with "bc: stack empty"?
* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
* Why does the OpenSSL compilation fail with "ar: command not found"?
* Why does the OpenSSL compilation fail on Win32 with VC++?
* What is special about OpenSSL on Redhat?
* Why does the OpenSSL compilation fail on MacOS X?
* Why does the OpenSSL test suite fail on MacOS X?
+* Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
+* Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented
+ segment type"?
[PROG] Questions about programming with OpenSSL
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.6f was released on August 8, 2002.
+OpenSSL 0.9.6h was released on December 5, 2002.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
version 0.9.7 (not yet released) the changes were merged into the main
development line, so that the special release is no longer necessary.
+* How do I check the authenticity of the OpenSSL distribution?
+
+We provide MD5 digests and ASC signatures of each tarball.
+Use MD5 to check that a tarball from a mirror site is identical:
+
+ md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
+
+You can check authenticity using pgp or gpg. You need the OpenSSL team
+member public key used to sign it (download it from a key server). Then
+just do:
+
+ pgp TARBALL.asc
+
[LEGAL] =======================================================================
* Do I need patent licenses to use OpenSSL?
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski
However, be warned that /dev/random is usually a blocking device, which
may have some effects on OpenSSL.
+A third party /dev/random solution for Solaris is available at
+ http://www.cosy.sbg.ac.at/~andi/
* Why do I get an "unable to write 'random state'" error message?
for download instructions) can be safely used, for example.
+* Why does the OpenSSL test fail with "bc: stack empty"?
+
+On some DG/ux versions, bc seems to have a too small stack for calculations
+that the OpenSSL bntest throws at it. This gets triggered when you run the
+test suite (using "make test"). The message returned is "bc: stack empty".
+
+The best way to deal with this is to find another implementation of bc
+and compile/install it. GNU bc (see http://www.gnu.org/software/software.html
+for download instructions) can be safely used, for example.
+
+
* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
On some Alpha installations running Tru64 Unix and Compaq C, the compilation
Look in the file PROBLEMS for a more detailed explanation and for possible
solutions.
+* Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
+
+Failure in BN_sqr test is most likely caused by a failure to configure the
+toolkit for current platform or lack of support for the platform in question.
+Run './config -t' and './apps/openssl version -p'. Do these platform
+identifiers match? If they don't, then you most likely failed to run
+./config and you're hereby advised to do so before filing a bug report.
+If ./config itself fails to run, then it's most likely problem with your
+local environment and you should turn to your system administrator (or
+similar). If identifiers match (and/or no alternative identifier is
+suggested by ./config script), then the platform is unsupported. There might
+or might not be a workaround. Most notably on SPARC64 platforms with GNU
+C compiler you should be able to produce a working build by running
+'./config -m32'. I understand that -m32 might not be what you want/need,
+but the build should be operational. For further details turn to
+<openssl-dev@openssl.org>.
+
+* Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented
+ segment type"?
+
+As of 0.9.7 assembler routines were overhauled for position independency
+of the machine code, which is essential for shared library support. Now
+for some reason OpenBSD is equipped with out-of-date GNU assembler which
+finds the new code offending. To work the problem around configure with
+no-asm (and sacrifice a great deal of performance) or upgrade /usr/bin/as.
+For your convenience a pre-compiled replacement binary is provided as
+http://www.openssl.org/~appro/i386-openbsd3-as, which is compiled from
+binutils-2.8 released in 1997.
+
[PROG] ========================================================================
* Is OpenSSL thread-safe?
projects / openssl.git / blobdiff