Sorry... there was a typo: Incorrect: > Default build: darwin64-x86_64-cc (did not detect CERT_UNTRUSTED) > Local build: darwin64-x86_64-llvm (detected CERT_UNTRUSTED correctly)
Correct: Default build: darwin64-x86_64-llvm (did not detect CERT_UNTRUSTED)Local build: darwin64-x86_64-cc (detected CERT_UNTRUSTED correctly) Thanks. On Wed, Nov 16, 2011 at 2:53 PM, Yutaka Takeda <yt0...@gmail.com> wrote: > After some more investigation, the problem seems to happen only with > OpenSSL (v0.9.8r) preinstalled with Mac OS X 10.6.8. > > If the test program is linked against *locally* built 0.9.8r, > CERT_UNTRUSTED is correctly reported by SSL_get_verify_result(). > > Log: > OpenSSL 0.9.8r 8 Feb 2011 > compiler: cc -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H > -fmessage-length=0 -pipe -Wno-trigraphs -fpascal-strings -fasm-blocks > -O3 -DOPENSSL_NO_IDEA -DOPENSSL_PIC -DZLIB -mmacosx-version-min=10.6 > -arch x86_64 -O3 -DL_ENDIAN -DMD32_REG_T=int -Wall > built on: Wed Nov 16 13:53:59 PST 2011 > platform: darwin64-x86_64-cc > OPENSSLDIR: "/usr/local/ssl" > TCP connection successful >>>>> verifyCallback() - in: preverify_ok=0 > Verify error: unable to get local issuer certificate(20) > - depth=1 > - sub ="/C=US/O=Google Inc/CN=Google Internet Authority" > <<<< verifyCallback() - out > SSL handshake failed: SSL_ERROR_SSLFAIL > > Looking at the compile options, the only difference is the compiler > openssl is built with: > > Default build: darwin64-x86_64-cc (did not detect CERT_UNTRUSTED) > Local build: darwin64-x86_64-llvm (detected CERT_UNTRUSTED correctly) > > Unfortunately, I cannot build libssl/libcrypto with > darwin64-x86_64-llvm and I cannot check if that makes any difference. > > Does anyone has any thoughts? > - Yutaka > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
