Sorry, I meant the SSL_CTX initialization code.
--
FrÃdÃric Giudicelli
http://www.newpki.org
Alberto Alonso wrote:
Changing the code to use one SSL_CTX per thread is a large
task because of the complexity of the whole system.
The initialization code is probably easier to look at:
I use:
extern
Changing the code to use one SSL_CTX per thread is a large
task because of the complexity of the whole system.
The initialization code is probably easier to look at:
I use:
extern pthread_mutex_t *ggsyscom_ssllock_cs;
extern long *ggsyscom_ssllock_count;
which are defined on the main.c file as
I assume Stephen mentionned EVP_CIPHER_CTX because he wasn't sure which
"ctx" you were talking about.
I can garantee you that shared SSL_CTX work fine, as long as the mutexes
are initialized the proper way.
Did you try to use one SSL_CTX per thread to see if it worked ? If you
have a problem wit
Actually I already initialize the locking callbacks. What got me
confused is the EVP_CIPHER_CTX stuff as I have never seen that.
Thanks,
Alberto
On Fri, 2004-02-20 at 17:33, FrÃdÃric Giudicelli wrote:
> If you share the return of the SSL_CTX_new call, then you need to
> initialize the mutexes
If you share the return of the SSL_CTX_new call, then you need to
initialize the mutexes in libcrypto, see CRYPTO_set_locking_callback for
this.
The second option is to have one SSL_CTX per thread, as mentionned by
Stephen.
Regards,
--
Frédéric Giudicelli
http://www.newpki.org
Alberto Alonso wr
On Fri, 2004-02-20 at 16:34, Dr. Stephen Henson wrote:
> Looks like a race condition of some sort.
>
> Well first thing I'd suggest is using the latest 0.9.7 snapshot and seeing if
> you still have the problem.
I will try that.
>
> Also compile OpenSSL with debugging symbols so the precise loca
On Fri, Feb 20, 2004, Shea Janet B CRBE wrote:
> Everyone -
>
>I am having trouble using SSL with apache for my website.
>
>Things will go along fine for a while - getting every page that I ask
>for. Then, after an unpredictable amount of time, I will get "The page
>cannot be di
On Fri, Feb 20, 2004, Alberto Alonso wrote:
> I'm trying to use openssl-0.9.7a-23 (the RPM from Fedora 1)
> in a multithreaded environment.
>
> Basically I have a server with about 5 worker threads and
> a client with a varying number of threads that connect to
> the server.
>
> When using arou
I'm trying to use openssl-0.9.7a-23 (the RPM from Fedora 1)
in a multithreaded environment.
Basically I have a server with about 5 worker threads and
a client with a varying number of threads that connect to
the server.
When using around 20 threads at the client I can't see any
problems.
But w
Everyone -
I am having trouble using SSL with apache for my website.
Things will go along fine for a while - getting every page that I ask for. Then,
after an unpredictable amount of time, I will get "The page cannot be displayed" in my
browser window and the following message will be wr
FreeBSD 4.8-STABLE
apologies in advance to address this issue on a general freeBSD mail list
any clues why openssl-0.9.7c is failing to build from /usr/ports
here are the build errors:
--- snip ---
cc: -rpath: linker input file unused since linking not done
cc: /usr/local/lib: linker input f
Title: questions about PGP keys used to sign openssl tar balls
Looks like openssl tar balls are signed with a different PGP key for
each source tar ball.
For example, openssl-0.9.7b.tar.gz was signed using a key with key id
E06D2CB1 and openssl-0.9.7c.tar.gz was signed with key id 49A563D9.
On Fri, Feb 20, 2004, Gabriel Fernando Castillo Contreras wrote:
> I'm using Oracle HTTP Server is a part of the Oracle Application Server.
> Although based on Apache web server, it doesn't come with Apache's
> mod_ssl, instead supplying a proprietary mod_ossl module.
> Instead of keeping SSL ce
I'm using Oracle HTTP Server is a part of the Oracle Application Server.
Although based on Apache web server, it doesn't come with Apache's
mod_ssl, instead supplying a proprietary mod_ossl module.
Instead of keeping SSL certificates and keys in the file system,
mod_ossl puts them in "Wallets" w
Do I need to call ioctlsocket(m_socket, FIONBIO, (u_long FAR*) &iMode); to enable non-blocking or can I just #define FIONBIO and #define USE_NBIO from within my code?
From: Chris Rowe
[mailto:[EMAIL PROTECTED]
Sent: Friday, February 20, 2004
9:18 AM
To: '[EMAIL PROTECTED]'
S
You can use X509_NAME_print_ex(...)
for example:
char * X509_NAME_oneline_ex(X509_NAME *a,char *buf,int *size,unsigned long
flag) {
BIO *out=NULL;
out=BIO_new(BIO_s_mem());
if(X509_NAME_print_ex(out,a,0,flag)>0) {
if (buf!=NULL && *size>(int)BIO_number_written(out)) {
I read in a posting somewhere that X509_NAME_oneline() is depracated.
Can someone tell me the preferred alternative?
Thanks,
K.C.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Li
Title: SSL Error SSL3_GET_MESSAGE
I have an error in the SSL logs that I don't know how to fix. From the research I've done this is caused by a cert larger than 1024 bits.
Upgrade is not an option at this time because of the application
My configuration is
NT 4.0
Oracle 9ias applicat
I am having a hard time finding a good example on using
non-blocking I/O with SSL_Read and SSL_Write?
How do I set the underlying BIO to non-blocking? I am
assuming it requires the use of SSL_ERROR_WANT_READ or SSL_peek()???
I have been looking in the man pages on openssl but need a
littl
Hi all,
i'd like some help concerning adding fields in a certificate. Currently with
the openssl default you put Country, state, city, organization, organization
unit, common name and email address. But i'd like to add other fields like a
serial and a number of user among others.
In openssl.cnf
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, February 20, 2004 9:51 AM
Subject: openssl and windows 2000 and visual basic and winsock
> I wrote an vb script which GETs and POSTs to http urls using the winsock
in visual basic..
>
> is there anyway a
On Fri, Feb 20, 2004 at 04:51:21AM -0400, [EMAIL PROTECTED] wrote:
> I wrote an vb script which GETs and POSTs to http urls using the winsock
> in visual basic..
>
> is there anyway at all I can do the same thing for https urls ?
2 possibilities:
Easier: Use the MSIE ActiveX already installed on
Under Windows and vb SSPI is your "friend" !
[EMAIL PROTECTED] wrote:
I wrote an vb script which GETs and POSTs to http urls using the winsock in visual basic..
is there anyway at all I can do the same thing for https urls ?
can openssl help ?
prem
please see below for the code that I'm using
I wrote an vb script which GETs and POSTs to http urls using the winsock in visual
basic..
is there anyway at all I can do the same thing for https urls ?
can openssl help ?
prem
please see below for the code that I'm using now
---
Func
24 matches
Mail list logo
