Re: Real-Time CRL handling

2009-06-22 Thread Daniel Black
Vadim, >David, Daniel actually. >thanks a lot for the info. >If i understood correctly OSCP is a protocol which permits real-time >CRL retreival... its real time verification of a single certificate. >My sittuation is a little bit different: a third party application >will retrieve CRLs and wil

Re: example code for OpenSSL

2009-06-22 Thread patfla
I added a prototype for DLLMain and then prototypes for vcheck() and bind_engine() were needed in many locations (all 'engines'-related). And then it compiled (and in my case since this is windows, DLLs were built). Apparently my prototypes were sufficiently well informed that openssl s_client w

Re: memory leak in openssl

2009-06-22 Thread Kyle Hamilton
It looks like you did not do an SSL_free when the connection was shut down. -Kyle H On Mon, Jun 22, 2009 at 1:16 AM, Vivek Subbarao wrote: > Hi, > > > > I am using openssl 0.9.8e that comes along with the linux rhel 5 u3 OS. We > have a client server architecture where both the client and server

Re: Real-Time CRL handling

2009-06-22 Thread Vadim Lebedev
Le 22 juin 09 à 15:46, Daniel Black a écrit : Any idea how to approach this problem? OCSP Maybe there is an example code somewhere? https://issues.apache.org/bugzilla/show_bug.cgi?id=41123 David, thanks a lot for the info. If i understood correctly OSCP is a protocol which permits re

Re: Real-Time CRL handling

2009-06-22 Thread Daniel Black
> Any idea how to approach this problem? OCSP > Maybe there is an example code somewhere? https://issues.apache.org/bugzilla/show_bug.cgi?id=41123 __ OpenSSL Project http://www.openssl.org User Su

Real-Time CRL handling

2009-06-22 Thread Vadim Lebedev
Hello, I've following situation: An application maintaining multiple SSL connections will receive a CRL's in real-time. The application will need to drop all connections authenticated by the certificates which where invalidated by the CRL. Any idea how to approach this problem? Maybe there is a

OpenSSL FIPS Runtime Module

2009-06-22 Thread Patrik Slouk
Hi, I do not understand, what means "runtime module" in FIPS certificate #? Are anywhere available these runtime modules, i.e. compiled libosslfips.dll and libfips.so ? Security policy - Installation instructions: 1. Copy the shared library file to the appropriate location on the host system.

memory leak in openssl

2009-06-22 Thread Vivek Subbarao
Hi, I am using openssl 0.9.8e that comes along with the linux rhel 5 u3 OS. We have a client server architecture where both the client and server use openssl for communication. When i run my server through valgrind i get the following error messages. Please do advice me on what i need to do to