Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

Michael Wang-7
I just fixed an interesting problem I was having with OpenSSL-0.9.8a running with the wcecompat-1.2 library on WinCE5.0.

I have multiple CA certs in a cert directory hashed by the c_rehash function.  The CA certs are in a hierarchy 2 levels deep.  My app (wpa_supplicant) is running as a client.  When wpa_supplicant receives a server certificate from the authentication server, SSL_connect would return an error (curiously, this problem does not occur if the CA hierarchy is only 1 level deep) .  Using ERR_get_error_line_data, I see the following error data:

0:19.000 file=c:\sslbuild-latest\openssl-0.9.8a\crypto\bio\bss_file.c line=349 data=fopen('/xxx/yyy/OpenSSL/CA/aff044a0.1','rb') flags=0x3

But I don't have any CA files that end with ".1", only ".0".  Then I looked at crypto/x509/by_dir.c:line337 and saw that the last index was being incremented and then "stat" was called to check if the file existed before trying to open the file.

But in wcecompat/src/stat.cpp, the body of the stat function has a giant "ifdef 0" around it, and this function would return success everytime.  I took out the "ifdef 0" and the function still compiles and now my app works as expected.

Haven't checked over the entire OpenSSL source tree to see where else this stat issue would pop up.

Hi Steven, if you are monitoring this, what do you think about taking that ifdef 0 out of the stat function?

Thanks,
Michael



Reply | Threaded
Open this post in threaded view
|

RE: Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

Daniel Diaz Sanchez-2

The function stat causes errors in functions as  “by_dir” used when a certificate is verified. Windows CE, at least 4.2 version does not implement stat, and the implementation from wcecompat is not correct.

 

Have a look at the code at http://karajan.it.uc3m.es/~pervasive/wce_lite_compat/

 

Daniel Díaz

http://www.it.uc3m.es/dds

 


De: owner-[hidden email] [mailto:owner-[hidden email]] En nombre de Michael Wang
Enviado el: miércoles, 01 de febrero de 2006 20:32
Para: [hidden email]
Asunto: Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

 

I just fixed an interesting problem I was having with OpenSSL-0.9.8a running with the wcecompat-1.2 library on WinCE5.0.

I have multiple CA certs in a cert directory hashed by the c_rehash function.  The CA certs are in a hierarchy 2 levels deep.  My app (wpa_supplicant) is running as a client.  When wpa_supplicant receives a server certificate from the authentication server, SSL_connect would return an error (curiously, this problem does not occur if the CA hierarchy is only 1 level deep) .  Using ERR_get_error_line_data, I see the following error data:

0:19.000 file=c:\sslbuild-latest\openssl-0.9.8a\crypto\bio\bss_file.c line=349 data=fopen('/xxx/yyy/OpenSSL/CA/aff044a0.1','rb') flags=0x3

But I don't have any CA files that end with ".1", only ".0".  Then I looked at crypto/x509/by_dir.c:line337 and saw that the last index was being incremented and then "stat" was called to check if the file existed before trying to open the file.

But in wcecompat/src/stat.cpp, the body of the stat function has a giant "ifdef 0" around it, and this function would return success everytime.  I took out the "ifdef 0" and the function still compiles and now my app works as expected.

Haven't checked over the entire OpenSSL source tree to see where else this stat issue would pop up.

Hi Steven, if you are monitoring this, what do you think about taking that ifdef 0 out of the stat function?

Thanks,
Michael


Reply | Threaded
Open this post in threaded view
|

Re: Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

Michael Wang-7
OK, thanks for that pointer.  wcecompat has been working fine in all other respects, and with this fix, I have no issues with it.  So I think I'll just stick to that.  Its good to know there are alternative compatibility libraries around though.

Thanks,
Michael


On 2/1/06, Daniel Díaz Sánchez <[hidden email]> wrote:

The function stat causes errors in functions as  "by_dir" used when a certificate is verified. Windows CE, at least 4.2 version does not implement stat, and the implementation from wcecompat is not correct.

 

Have a look at the code at <a href="http://karajan.it.uc3m.es/%7Epervasive/wce_lite_compat/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://karajan.it.uc3m.es/~pervasive/wce_lite_compat/

 

Daniel Díaz

<a href="http://www.it.uc3m.es/dds" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> http://www.it.uc3m.es/dds

 


De: owner-[hidden email] [mailto:[hidden email][hidden email]] En nombre de Michael Wang
Enviado el: miércoles, 01 de febrero de 2006 20:32
Para: [hidden email]
Asunto: Unimplemented stat function in wcecompat-1.2 causes error in OpenSSL-0.9.8a

 

I just fixed an interesting problem I was having with OpenSSL-0.9.8a running with the wcecompat-1.2 library on WinCE5.0.

I have multiple CA certs in a cert directory hashed by the c_rehash function.  The CA certs are in a hierarchy 2 levels deep.  My app (wpa_supplicant) is running as a client.  When wpa_supplicant receives a server certificate from the authentication server, SSL_connect would return an error (curiously, this problem does not occur if the CA hierarchy is only 1 level deep) .  Using ERR_get_error_line_data, I see the following error data:

0:19.000 file=c:\sslbuild-latest\openssl-0.9.8a\crypto\bio\bss_file.c line=349 data=fopen('/xxx/yyy/OpenSSL/CA/aff044a0.1','rb') flags=0x3

But I don't have any CA files that end with ".1", only ".0".  Then I looked at crypto/x509/by_dir.c:line337 and saw that the last index was being incremented and then "stat" was called to check if the file existed before trying to open the file.

But in wcecompat/src/stat.cpp, the body of the stat function has a giant "ifdef 0" around it, and this function would return success everytime.  I took out the "ifdef 0" and the function still compiles and now my app works as expected.

Haven't checked over the entire OpenSSL source tree to see where else this stat issue would pop up.

Hi Steven, if you are monitoring this, what do you think about taking that ifdef 0 out of the stat function?

Thanks,
Michael



Reply | Threaded
Open this post in threaded view
|

Enabling SSL Authentication With Apache/PHP/MySQL

Thomas George
Message
Hello,
 
I'm looking for a primer or how-to on setting up FakeBasicAuth with a Wiki portal engine running in PHP, with a MySQL backend.
 
Any suggestions are greatly appreciated..!
 
Thomas