SSL_connect and SSL_accept deadlock!

2010-11-02 Thread Md Lazreg
I have an SSL client that connects to an SSL server. The server is able to process 1000s of clients just fine on a variety of platforms [Window/Linux/HP/Solairs] for long periods of time. The problem that is driving me nuts is that from time to time like once every 24 hours some client fails to co

Re: trust settings on the root CA

2010-11-02 Thread Dr. Stephen Henson
On Tue, Nov 02, 2010, Michael Strder wrote: > Michael Ströder wrote: > > man 1ssl verify says: > > > > "The third operation is to check the trust settings on the root CA. The root > > CA should be trusted for the supplied purpose. For compatibility with > > previous > > versions of SSLeay and Op

Re: trust settings on the root CA

2010-11-02 Thread Michael Ströder
Michael Ströder wrote: > man 1ssl verify says: > > "The third operation is to check the trust settings on the root CA. The root > CA should be trusted for the supplied purpose. For compatibility with previous > versions of SSLeay and OpenSSL a certificate with no trust settings is > considered to

trust settings on the root CA

2010-11-02 Thread Michael Ströder
man 1ssl verify says: "The third operation is to check the trust settings on the root CA. The root CA should be trusted for the supplied purpose. For compatibility with previous versions of SSLeay and OpenSSL a certificate with no trust settings is considered to be valid for all purposes." I wond

RE: B64_read_PKCS7 : Anyone modified the base64 reader to be more forgiving?

2010-11-02 Thread Harakiri
--- On Thu, 10/28/10, Dave Thompson wrote: > From: Dave Thompson > Subject: RE: B64_read_PKCS7 : Anyone modified the base64 reader to be more > forgiving? > To: openssl-users@openssl.org > Date: Thursday, October 28, 2010, 7:00 PM > > From: owner-openssl-us...@openssl.org > On Behalf Of Harak

cross compile openSSL for octeom

2010-11-02 Thread Naama Bar Menachem
Hi I need to cross-compile openSSL. My target should be: mips64-octeon-linux-gnu And the host is:i686-pc-linux-gnu How can I do so? I don't find "octeon" on the os/compiler list ./Configure is showing Naaama Bar-Menachem Software Engineer, R&D T: +972-9788-9737

String-Representations of DNs

2010-11-02 Thread Michael Ströder
HI! It's confusing that OpenSSL seems to output distinguished names in different string representations. While one can use command-line argument -nameopt to influence the output of openssl x509 -issuer -subject this does not affect DN output of X.509v3 extensions and there's no such argument for

RE: B64_read_PKCS7 : Anyone modified the base64 reader to be more forgiving?

2010-11-02 Thread Harakiri
--- On Thu, 10/28/10, Dave Thompson wrote: > From: Dave Thompson > Subject: RE: B64_read_PKCS7 : Anyone modified the base64 reader to be more > forgiving? > To: openssl-users@openssl.org > Date: Thursday, October 28, 2010, 7:00 PM > > From: owner-openssl-us...@openssl.org > On Behalf Of Harak