RE: renegotiating problem - connection hanging?

> > The same problem occurs with one thread. Consider the > > following code, > > assume blocking sockets: > > 1) do some stuff > > 2) do a huge write, don't check for short writes since our socket is > > blocking > That code is broken. Fix it. You must _always_ check for short > writes. Not

RE: renegotiating problem - connection hanging?

--On Wednesday, June 21, 2006 3:36 PM -0700 David Schwartz <[EMAIL PROTECTED]> wrote: The same problem occurs with one thread. Consider the following code, assume blocking sockets: 1) do some stuff 2) do a huge write, don't check for short writes since our socket is blocking That cod

RE: On select and blocking

> David, > Please post a link to a manpage or other documentation that > justifies your > description of select. I posted a link to the SuSv2 description of 'select'. There is no guarantee there that a future operation will not block. http://www.opengroup.org/onlinepubs/007908799/xsh/sel

RE: renegotiating problem - connection hanging?

> David Schwartz wrote: > > No. That you cannot think of a way does not mean that no way exists. > > WTF ! Is dark the absence of light, or is light the absence of dark ? > Please prove your way exists, there are enough poll/select > implementations available to inspect. Your words have n

RE: renegotiating problem - connection hanging?

> David you are bringing completely unrelated issues into the situation. No, you are failing to understand my argument. > David Schwartz wrote: > ...SNIP... > > One other point, I didn't mention threads to argue that if > another thread > > steals your data, the operation will clearl

Re: FIPS 1.1 module availability

I heard 'very soon now' :) Tinnerello, Richard wrote: Can anyone say when the openssl-fips-1.1.tar.gz distribution announced on Saturday will be available for download? Thanks! Richard __ OpenSSL Project

FIPS 1.1 module availability

Can anyone say when the openssl-fips-1.1.tar.gz distribution announced on Saturday will be available for download? Thanks! Richard

RE: openssl 0.9.8 install issue?

Is your OS 8 or 9? Why not just get a package version from sunfreeware? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alex Bartonek Sent: Wednesday, June 21, 2006 3:54 PM To: openssl-users@openssl.org Subject: RE: openssl 0.9.8 install issue? yes I ran

RE: openssl 0.9.8 install issue?

yes I ran configure and yes the prerequisites are met... what does the readme say..alot of stuff from a descripton of openssl, small overview about libssl.a, libcrypto... then about a young Tim Hudson and Eric Young how they fought off the cold weather and braved the harsh conditions in the Saha

RE: openssl 0.9.8 install issue?

yes.. I did a ldd svn ..seems as though I do not have the library.. --- Marek Marcola <[EMAIL PROTECTED]> wrote: > Hello, > > installing libcrypto.a > > installing libssl.a > > cp libcrypto.pc /usr/local/ssl/lib/pkgconfig > > chmod 644 > /usr/local/ssl/lib/pkgconfig/libcrypto.pc > > cp libssl.pc

RE: openssl 0.9.8 install issue?

Hello, > installing libcrypto.a > installing libssl.a > cp libcrypto.pc /usr/local/ssl/lib/pkgconfig > chmod 644 /usr/local/ssl/lib/pkgconfig/libcrypto.pc > cp libssl.pc /usr/local/ssl/lib/pkgconfig > chmod 644 /usr/local/ssl/lib/pkgconfig/libssl.pc > cp openssl.pc /usr/local/ssl/lib/pkgconfig > ch

RE: openssl 0.9.8 install issue?

So your issue is not after the package is installed... it's during the make/install phase. Did you run a configure prior to running make? What does the README files state? Are the pre-req packages installed eg. gcc3.2 and libiconv? -Original Message- From: [EMAIL PROTECTED] [mailto:[

RE: openssl 0.9.8 install issue?

no the export does not help... Here is the output of 'make': making all in crypto... making all in crypto/objects... making all in crypto/md2... making all in crypto/md4... making all in crypto/md5... making all in crypto/sha... making all in crypto/hmac... making all in crypto/ripemd... making a

RE: openssl 0.9.8 install issue?

Try adding: LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/ssl; export LD_LIBRARY_PATH to see if that helps. Also, does the library actually exist? Questions: Did the compile work? Did the "make install" work? Did you see where the file was installed? -Original Message- From

RE: openssl 0.9.8 install issue?

no..I dont have a env variable as LD_LIBRARY_PATH setup currently.. also, /usr/lib/ssl/lib does not exist. (/usr/lib/ssl does though). -alex --- "Scott, James" <[EMAIL PROTECTED]> wrote: > Did you update your LD_LIBRARY_PATH to include > /usr/local/ssl/lib? > > -Original Message- > From

RE: openssl 0.9.8 install issue?

Did you update your LD_LIBRARY_PATH to include /usr/local/ssl/lib? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alex Bartonek Sent: Wednesday, June 21, 2006 1:36 PM To: openssl-users@openssl.org Subject: openssl 0.9.8 install issue? I'm running Solaris 5

openssl 0.9.8 install issue?

I'm running Solaris 5.9 and did the basic install commands w/ openssl 0.9.8.. make make install when I run svn (subversion) I get the following error: ld.so.1: svn: fatal: libssl.so.0.9.8: open failed: No such file or directory Killed i'm stumped as to what I did wrong..did I miss a step somewh

sk_X509_pop_free correct usage Question?

Hello, I have the following code nothing fancy just opening a pkcs12 file and then trying to free every thing. when I run the code though purify I get an error on sk_X509_pop_free, Freeing unallocated memeory, Freeing memory read. If I don't uses sk_X509_free I get a memory leek but I don't

Re: regarding usage of SSL_CTX in server

jimmy wrote: Hi, I am trying to write an http server which supports virtual servers & ssl sessions. If I were to support the TLS 1.0 server name extension (which says different virtual servers cud send different certificates), then would I be able to use the same SSL_CTX across the different

On select and blocking

David, Please post a link to a manpage or other documentation that justifies your description of select. Your stat analogy is incomplete; stat returns the true file size, in the absence of other external factors, such as another process (or thread) doing something. Select makes the same guaran

SSL_shutdown() with non-blocking API not returning -1

Hello, I am trying to work a full SSL shutdown (close notify sent and received before closing the socket). The situation: * Am currently in established / active SSL state, with a working connection. * No shutdown notify has been received and we are being to instigate the shutdown notify.

RE: renegotiating problem - connection hanging?

Hello, > > People thought that if they got a read hit on a listening socket, they > could then call accept without blocking. Oops, if the connection terminated > before they called accept, they blocked. They couldn't think of a way, but > they were not *guaranteed* there was no way. Thing ar

Re: renegotiating problem - connection hanging?

David Schwartz wrote: No. That you cannot think of a way does not mean that no way exists. WTF ! Is dark the absence of light, or is light the absence of dark ? Please prove your way exists, there are enough poll/select implementations available to inspect. Your words have no weigh

Re: renegotiating problem - connection hanging?

David you are bringing completely unrelated issues into the situation. David Schwartz wrote: ...SNIP... One other point, I didn't mention threads to argue that if another thread steals your data, the operation will clearly block. I mentioned it to show that it's impossible for 'select