> From: owner-openssl-us...@openssl.org On Behalf Of Alexander Lamaison > Sent: Thursday, 06 August, 2009 09:12
> I'm trying to avoid passing any C-runtime objects (such as a > FILE*) across the OpenSSL DLL boundary. This is unsafe as > the two DLLs may be using different runtime instances which > causes crashes on Windows. To be clear, different C-runtime *libraries* e.g. /ML /ML /MD . FYI in recent (~2years?) versions of OpenSSL, there is another way to handle this: compile OpenSSL_Applink (include/openssl/applink.c) into your app; that directs OpenSSL's I/O calls to correct CRT. However, (I think) your (traditional) approach should (still) work. There's a third way in some cases -- don't have OpenSSL access the file(s) itself, but instead app reads the file and pass in the data, and/or get out the data and app writes the file. > Apparently using BIO_new_file is a safe way to pass a file to > a function as the FILE* is created and remains on the OpenSSL > side of the border. Does this make sense? > Looks right to me. > Also, I came across the OPENSSL_NO_FP_API preprocessor > definition which seemed to prevent accidentally calling an > API function that allowed unsafe FILE* passing. However, I I'm not sure that's its purpose; it's not documented that I can see, and maybe no longer supported; per below it clearly wasn't very often tested (and perhaps used). > notice that BIO_new_file isn't defined if OPENSSL_NO_FP_API > is. And I can't actually get the OpenSSL headers to work > with this defined at all: > In file included from openssl.h:46, > from libssh2_priv.h:136, > from channel.c:40: > /usr/include/openssl/pem.h:657: error: expected ')' before 'RSA' > /usr/include/openssl/pem.h:668: error: expected ')' before 'DSA' > /usr/include/openssl/pem.h:673: error: expected ')' before 'EC_GROUP' > /usr/include/openssl/pem.h:680: error: expected ')' before 'DH' > > Is there some magic required to define this properly? > This appears to have been fixed (recently) in 098k by the addition of obviously needed _write*_const macros in the NO_FP branch to match the yes_FP branch near line 214. OTOH you can build OpenSSL normally and just never call *fp*. Using a DLL this is easy to verify; just do (MS) dumpbin/imports, and I think (sysinternals-now-MS) dependency-walker can do it too. (For static linking it is more work -- but normally unneeded because static linking already catches library mismatches.) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
