On Sat, Jan 25, 2003 at 10:43:50AM +1000, Mark Devin wrote: > I am not sure if this is a bug or I just don't have things installed > correctly. I have just installed the sid version of openssl and its > required dependencies with: > apt-get -t unstable install openssl > > But the perl script CA.pl that came with openssl didn't seem to work on > my system. > > When I did: > cd /usr/lib/ssl/misc > ./CA.pl -newca > > It created the demoCA directory but didn't ask me the usual questions > and didn't generate any keys. > > Then upon reading through the perl script I tried running the command > directly: > openssl req -new -x509 -keyout demoCA/private/cakey.pem -out > demoCA/cacert.pem -days 3650 > Illegal instruction > > So then I tried running: > openssl version > Illegal instruction > > I then tried the following on another machine running the testing > version and got: > openssl version > OpenSSL 0.9.6g 9 Aug 2002 > > So I figure that there is a problem with the sid version of openssl on > my system. > > I have both libc6 and libssl0.9.7 from unstable. > > Does anyone have any idea what I should check next?
Ooooh, ooooh, I know this one! Are you using a VIA C3 or such chip? They apparently don't support an assembly code instruction called CMOV, but the dynamic loader, OpenSSL and GCC (incorrectly) assume it does, so it generates code the CPU can't execute. It was the subject of a rather long discussion on d-d, and still doesn't seem to have been properly resolved. If you're interested, it's bug #164766. I think you'll have to downgrade to the last version before the bug was filed (sorry, I'm offline ATM, so I can't find the version number for you) until it's properly fixed. -rob
msg26125/pgp00000.pgp
Description: PGP signature
