search for: engine_finish

...14:30:42 pop3-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Sep 05 14:30:50 pop3-login: Info: Login: user=<tstrand>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=18361, secured, session=<65m8ZXBYtpN/AAAB> Sep 05 14:30:50 pop3-login: Error: ENGINE_finish, bad functional reference count Sep 05 14:30:50 pop3-login: Fatal: master: service(pop3-login): child 18359 killed with signal 6 (core dumped) >From ./crypto/engine/eng_init.c ......... int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) { int to_return = 1; /* *...

...e () from /lib64/libc.so.6 No symbol table info available. #1 0x00007ff0bd9d08c8 in abort () from /lib64/libc.so.6 No symbol table info available. #2 0x00007ff0bd3c0f2f in engine_unlocked_finish (e=0x1c51c60, unlock_for_handlers=1) at eng_init.c:115 to_return = 1 #3 0x00007ff0bd3c1064 in ENGINE_finish (e=0x1c51c60) at eng_init.c:150 to_return = 1 #4 0x00007ff0be0f9300 in ssl_proxy_deinit () from /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 No symbol table info available. #5 0x00007ff0be0f4472 in main_deinit () from /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.s...

...mbol > table info available. > #1 0x00007ff0bd9d08c8 in abort () from /lib64/libc.so.6 No symbol > table info available. > #2 0x00007ff0bd3c0f2f in engine_unlocked_finish (e=0x1c51c60, unlock_for_handlers=1) at eng_init.c:115 > to_return = 1 > #3 0x00007ff0bd3c1064 in ENGINE_finish (e=0x1c51c60) at eng_init.c:150 > to_return = 1 > #4 0x00007ff0be0f9300 in ssl_proxy_deinit () from > /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 > No symbol table info available. > #5 0x00007ff0be0f4472 in main_deinit () from > /local/nextmail/dovecot/...

...t RemoteIP 88.89.118.45 Maildir /var/nextmail/nfs2.flex14/49/79/841 Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/22, size=17589388, totalread=32, totalsent=2181, uidl=22/50a23327 Sep 12 11:40:56 pop3-login: Debug: SSL alert: close notify [88.89.118.45] Sep 12 11:40:56 pop3-login: Error: ENGINE_finish, bad functional reference count Sep 12 11:40:56 pop3-login: Fatal: master: service(pop3-login): child 18247 killed with signal 6 (core dumped) -----Original Message----- From: Aki Tuomi [mailto:aki.tuomi at dovecot.fi] Sent: 12. september 2017 08:37 To: dovecot at dovecot.org; Eik?s Arvid Subject...

...o available. >> #1 0x00007ff0bd9d08c8 in abort () from /lib64/libc.so.6 No symbol >> table info available. >> #2 0x00007ff0bd3c0f2f in engine_unlocked_finish (e=0x1c51c60, unlock_for_handlers=1) at eng_init.c:115 >> to_return = 1 >> #3 0x00007ff0bd3c1064 in ENGINE_finish (e=0x1c51c60) at eng_init.c:150 >> to_return = 1 >> #4 0x00007ff0be0f9300 in ssl_proxy_deinit () from >> /local/nextmail/dovecot/lib64/dovecot/libdovecot-login.so.0 >> No symbol table info available. >> #5 0x00007ff0be0f4472 in main_deinit () from >> /l...

...enssl.so: undefined reference to `ENGINE_load_builtin_engines at OPENSSL_1_1_0' /opt/bin/ld: ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so: undefined reference to `ENGINE_free at OPENSSL_1_1_0' /opt/bin/ld: ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so: undefined reference to `ENGINE_finish at OPENSSL_1_1_0' /opt/bin/ld: ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so: undefined reference to `ENGINE_by_id at OPENSSL_1_1_0' collect2: error: ld returned 1 exit status make[3]: *** [Makefile:892: test-http-payload] Error 1 make[3]: Leaving directory '/share/CACHEDEV1_DATA...

...sl.Tpo -c istream-openssl.c -fPIC -DPIC -o .libs/istream-openssl.o iostream-openssl-context.c:9:28: openssl/engine.h: No such file or directory iostream-openssl-context.c: In function `ssl_iostream_deinit_global': iostream-openssl-context.c:431: warning: implicit declaration of function `ENGINE_finish' iostream-openssl-context.c:432: warning: implicit declaration of function `ENGINE_cleanup' ... 2) Dovecot's LDA does not work After stopping the the old dovecot, and starting dovecot 2.1.3 using tghe exact same config file, local mail delivery tempfails: Mar 23 02:51:51 se...

OpenSC has taken a different approach to OpenSSL-1.1. Rather then writing a shim for OpenSSL-1.1, the OpenSC code has been converted to the OpenSSL-1.1 API and a sc-ossl-compat.h" file consisting of defines and macros was written to support older versions of OpenSSL and Libressl. https://github.com/OpenSC/OpenSC/blob/master/src/libopensc/sc-ossl-compat.h The nice part of this approach is

...x_size && ctx->md_data > ?? > && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { > ?? > OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); > ?? > } > ?? > EVP_PKEY_CTX_free(ctx->pctx); > #ifndef OPENSSL_NO_ENGINE > ?? > ENGINE_finish(ctx->engine); > #endif > ?? > OPENSSL_cleanse(ctx, sizeof(*ctx)); > > ?? > return 1; > } > ?---->8----- > > > Other functions are getter and setters such as : > > ?----8<-----? > void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGN...

I've architected this in a way that looks future proof at least to the openssl provider transition. What will happen in openssl 3.0.0 is that providers become active and will accept keys via URI. The current file mechanisms will still be available but internally it will become a file URI. To support the provider interface, openssl will have to accept keys by URI instead of file and may

...SSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `X509_STORE_add_crl at OPENSSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `BIO_read at OPENSSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `ENGINE_finish at OPENSSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `SSL_free at OPENSSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `SSL_read at OPENSSL_1.0.0' /usr/local/lib/dovecot/libdovecot-storage.so: undefined reference to `X5...

Engine keys are private key files which are only understood by openssl external engines. ?The problem is they can't be loaded with the usual openssl methods, they have to be loaded via ENGINE_load_private_key(). ?Because they're files, they fit well into openssh pub/private file structure, so they're not very appropriately handled by the pkcs11 interface because it assumes the private

...sl.so X509_NAME_dup ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so SSL_CTX_set_tmp_rsa_callback ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so X509_get_subject_name ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so SSL_library_init ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so ENGINE_finish ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so ENGINE_by_id ../lib-ssl-iostream/.libs/libssl_iostream_openssl.so ld: fatal: symbol referencing errors. No output written to .libs/test-http-client collect2: ld returned 1 exit status *** Error code 1 make: Fatal error: Command failed for targ...

...rs_fp(stderr); + return ret; + } + UI_method_set_reader(ui, ui_read); + + if (!ENGINE_init(e)) { + verbose("%s: failed to init engine %s", __func__, engine); + ERR_print_errors_fp(stderr); + return ret; + } + + d.passphrase = pin; + pk = ENGINE_load_private_key(e, file, ui, &d); + ENGINE_finish(e); + + if (d.ret == -2) + return SSH_ERR_KEY_WRONG_PASSPHRASE; + + if (!pk) { + verbose("%s: engine returned no key", __func__); + ERR_print_errors_fp(stderr); + return ret; + } + + /* here's a nasty problem: most engines don't tell us the password + * was wrong until we try...