[openssl-users] "digest check failure" with AmigaOS3/m68k port of OpenSSL 1.0.x

Hello, I am the current maintainer of a still active port of OpenSSL to the AmigaOS platform which tries to wrap the OpenSSL library API into a full fledged Amiga shared library for applications requiring cryptographic functionality (see https://github.com/jens-maus/amissl). So yes, the Amiga

Re: The no-stdio and NO_FP_API options

That sounds good. How do you want my changes to be submitted? Via an attached diff here or by private mail? regards, Jens -- Jens Maus, Dresden/Germany http://jens-maus.de/ (Please note a real name change effective since 5.9.2013. Previous name: Jens Langner) > Am 05.09.2014 um 13:49 schr

Re: The no-stdio and NO_FP_API options

titioner. That was clear right from the start. regards, jens -- Jens Maus, Dresden/Germany http://jens-maus.de/ (Please note a real name change effective since 5.9.2013. Former name: Jens Langner) *** Content is authentic only with digital signature *** smime.p7s Description: S/MIME cryptographic signature

Re: The no-stdio and NO_FP_API options

t us to keep this, to > contribute code and effort so that we can do so. Right now it's a broken > build that nobody else can use. > > Does that make more sense? -- Jens Maus, Dresden/Germany http://jens-maus.de/ (Please note a real name change effective since 5.9.2013. Former name: J

Re: The no-stdio and NO_FP_API options

our decision is already made. All I can say is that AmiSSL perfectly builds without an file pointer based functions and without stdio. I can of course prepare a diff for you but this diff will then include other amiga related modifications as well. regards, jens -- Jens Maus, Dresden/Germany http

Re: The no-stdio and NO_FP_API options

t; Akamai Technologies, Cambridge MA > IM: rs...@jabber.me Twitter: RichSalz -- Jens Maus, Dresden/Germany http://jens-maus.de/ (Please note a real name change effective since 5.9.2013. Former name: Jens Langner) *** Content is authentic only with digital signature *** smime.p7s Description: S/MIME cryptographic signature

Re: Possibility to cache ca-bundle and reuse it between SSL sessions?

now more optimized and allows to perform SSL connections way faster. best regards, jens -- Jens Maus, Dresden/Germany http://jens-maus.de/ (Please note a real name change effective since 5.9.2013. Former name: Jens Langner) *** Content is authentic only with digital signature *** smime.p7s Description: S/MIME cryptographic signature

Re: Possibility to cache ca-bundle and reuse it between SSL sessions?

since I need to store the index number to access the external data outside the verify callback function. Or is there anything else I can do about that using OpenSSL functionality? best regards, jens -- Jens Maus, Dresden/Germany http://jens-maus.de/ (Please note a real name change effective since 5.9.2013. Former name: Jens Langner) *** Content is authentic only with digital signature *** smime.p7s Description: S/MIME cryptographic signature

Re: Possibility to cache ca-bundle and reuse it between SSL sessions?

Am 25.06.2014 um 18:09 schrieb Jeffrey Walton : > On Wed, Jun 25, 2014 at 11:45 AM, Jens Maus wrote: >> Of course, everything is possible. But if I create a global data structure >> now that uses the SSL* as a key so that I can search for that one within the >> verif

Re: Possibility to cache ca-bundle and reuse it between SSL sessions?

On 2014-06-25 at 17:33, Jeffrey Walton wrote: > On Wed, Jun 25, 2014 at 11:15 AM, Jens Maus wrote: >> ... >> >> Actually, I now understand that I can keep a single SSL_CTX throughout the >> whole lifetime of my application and just assign it to the SSL_new() call.

Re: Possibility to cache ca-bundle and reuse it between SSL sessions?

On 2014-06-25 at 16:58, Jakob Bohm wrote: > On 6/25/2014 3:23 PM, Jens Maus wrote: >> So how can I specify an own app_data for every connection? IMHO there should >> be something like SSL_set_cert_app_data() so that I can specify different >> app_data for diff

Re: Possibility to cache ca-bundle and reuse it between SSL sessions?

On 2014-06-25 at 16:28, Viktor Dukhovni wrote: > On Wed, Jun 25, 2014 at 03:23:27PM +0200, Jens Maus wrote: > >> Ok, but then please allow the question how I should deal with >> >> SSL_CTX_set_cert_verify_callback(sslCtx, func, conn); > > Set this callback

Re: Possibility to cache ca-bundle and reuse it between SSL sessions?

ecify different app_data for different SSL connections. regards, jens -- Jens Maus, Dresden/Germany http://jens-maus.de/ (Please note a real name change effective since 5.9.2013. Former name: Jens Langner) *** Content is authentic only with digital signature *** smime.p7s Description: S/MIME cryptographic signature

Re: Possibility to cache ca-bundle and reuse it between SSL sessions?

Hello Viktor, On 2014-06-25 at 00:49, Viktor Dukhovni wrote: > On Tue, Jun 24, 2014 at 07:58:27PM +0200, Jens Maus wrote: > >> conn->ssLCtx = SSL_CTX_new(SSLv23_client_method()); >> SSL_CTX_set_options(conn->sslCtx, SSL_OP_ALL | SSL_OP_NO_SSLv2); >> SSL_CTX_load

Possibility to cache ca-bundle and reuse it between SSL sessions?

se SSL_CTX_load_verify_locations() which actually loads the ca-bundle.crt file from disk every time a new connection (and thus SSL_CTX_load_verify_locations()) is initiated? Best regards, jens -- Jens Maus, Dresden/Germany http://jens-maus.de/ (Please note a real name change effective since 5.