> From: owner-openssl-us...@openssl.org On Behalf Of Lukas Haase > Sent: Monday, 01 July, 2013 09:40
> I am facing a very strange problem here: openssl successfully creates > signatures but when run by www-data, the signatures are invalid! All > files are readable and there are not error messages: > > # openssl version > OpenSSL 0.9.8o 01 Jun 2010 > # echo -ne Test | openssl dgst -ecdsa-with-SHA1 -sign activation.key > > /tmp/asRoot.der > # su user1 <same> > # su www-data <same> > All files (as*.der) are transfered to a different computer for > verification with the public key: <snip> > OpenSSL 1.0.1e 11 Feb 2013 > > I don't believe it! What is wrong here? > Check the users get >identical< echo result: echo -ne Test |od -c [ su user1 ## squares mean this one probably not needed echo -ne Test |od -c ] su www-data echo -ne Test |od -c If www-data was created to run a web server, it might well have a restricted shell, a chroot jail, or both. echo is a builtin on some shells but not others, and on some Unixes there are multiple executables that comply with different (legacy) standards. To be on the safe side also check all users are getting the same openssl (which openssl) but even a different openssl should be okay here unless it's really way old. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
