Date: Sun, 25 Feb 2001 01:29:56 +0100 From: needle-mls@world-online.no To: freebsd-stable@freebsd.org Subject: libcrypto hosed when compiled with optimizations Message-ID: <20010225012956.A1726@resentment.verloid.net>
next in thread | raw e-mail | index | archive | help
Hi, On my 4.2-stable system I have tweaked my /etc/make.conf to compile sources with -O -mcpu=686 -march=pentiumpro -funroll-loops and as far as I can tell, everything is working flawlessly except for ssh with protocol v2. For some reason when I ssh -2 localhost, or ssh -2 anywhere else I get the following error: % ssh -2 -v arrakis (...) debug: Host 'arrakis' is known and matches the DSA host key. debug: bits set: 499/1024 debug: len 55 datafellows 0 debug: dsa_verify: signature incorrect dsa_verify failed for server_host_key debug: Calling cleanup 0x80592a0(0x0) Ssh'ing from a computer with unoptimized binaries to my workstation, using protocol v2, works so sshd is obviously fine. Recompiling libcrypto without -O -mcpu etc. fixes the problem. It's obviously a little picky about how it's compiled. Now I'm wondering if my foot wound is more serious, could anything else have blown up as well or is the crypto code just more touchy? I use the same optimizations on the kernel, while ports are compiled with -O2 and as I mentioned earlier I have not noticed anything else not working. Has anyone done any testing which shows that things actually run faster, or are the binaries just more likely to be flawed? For the record, this is 4.2-stable as of Feb. 22 with OpenSSH 2.3.0. Regards, Jo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010225012956.A1726>