On 11/6/2019 11:42 PM, Frederick Gotham wrote:
> Jordan Brown wrote:
>
>> Note that __pthread_once_slow is in the stack twice, called from
>> OPENSSL_init_crypto and CRYPTO_THREAD_run_once.
>>
>> "once" functions ensure that they call their function argument exactly
>> once, even if they are called
From: Frederick Gotham
To: openssl-users@openssl.org
Date: 11/07/2019 10:39 AM
Subject:[EXTERNAL] Re: SOLVED: Force use of engine all the time
Sent by:"openssl-users"
Frederick Gotham wrote:
> I don't think any code other than "libcrypt
Frederick Gotham wrote:
> I don't think any code other than "libcrypto.so" is using the TPM2, and so
> I don't know why I'm getting "device or resource busy" (considering I'm
> using a global named mutex)". I see that there's also a TPM2 tcti called
> "abrmd", and I'm not sure if this purpose i
I know I've called this "solved", but I've achieved my objective about 98%
so there's only a little bit left to go.
My changes to the source code for LibOpenSSL are confined to the file
"rand_lib.c".
Firstly, I've added the following code:
#include
#include
#include
static int Dummy__se
Jordan Brown wrote:
> Note that __pthread_once_slow is in the stack twice, called from
> OPENSSL_init_crypto and CRYPTO_THREAD_run_once.
>
> "once" functions ensure that they call their function argument exactly
> once, even if they are called multiple times in parallel while their
> function is
On 11/6/2019 3:03 AM, Frederick Gotham wrote:
>> I used GDB on the core file and saw the following backtrace:
>
> I think I'm actually getting a stack overflow from "openssl_config_int"
> calling "OPENSSL_init_crypto" because of the recursion.
No, a stack overflow would be much deeper.
> #0 0x0
> My temporary solution is to link "ssh-keygen" statically with a normal
> version of "libcrypto.a", and then have every other program link
> dynamically with my altered version of "libcrypto.so".
>
> I'll at least see if that works.
Yeah the problem is **definitely** that the function
"OPEN
Dmitry Belyavsky wrote
in
news:CADqLbz+6WbCpday_1Gq-Zmst1y-17Hbc1S9OvYtE4=b=njp...@mail.gmail.com:
> Could you please reproduce this behavior without your patches?
>
> On Wed, Nov 6, 2019 at 2:04 PM Frederick Gotham
> wrote:
>
>>
>>
>> > I used GDB on the core file and saw the following backt
Could you please reproduce this behavior without your patches?
On Wed, Nov 6, 2019 at 2:04 PM Frederick Gotham
wrote:
>
>
> > I used GDB on the core file and saw the following backtrace:
>
>
> I think I'm actually getting a stack overflow from "openssl_config_int"
> calling "OPENSSL_init_crypto"
> I used GDB on the core file and saw the following backtrace:
I think I'm actually getting a stack overflow from "openssl_config_int"
calling "OPENSSL_init_crypto" because of the recursion.
I have edited the source code for OpenSSL in the init functions so that the
config file always gets loaded. My config file specifies a custom engine, so
this means that every process that links with "libssl.so" or "libcrypto.so"
will use my custom engine.
The problem I'm having is that my dev
> Okay first I'll show the changes that I've made to the source code and
> build setup for "libopenssl".
I added one more change, I added to the beginning of the function
"OPENSSL_init_crypto" these two lines:
opts &= ~(uint64_t)OPENSSL_INIT_NO_LOAD_CONFIG;
opts |= OPENSSL_IN
Okay first I'll show the changes that I've made to the source code and
build setup for "libopenssl".
I have added two compiler flags: OPENSSL_NO_RDRAND, OPENSSL_LOAD_CONFIG
Not that the following compiler flag is NOT set:
OPENSSL_NO_AUTOLOAD_CONFIG
And here are the source code changes:
(1)
Since I already have a well-formed config file, I think it would be a
minimalistic change to hijack the "OPENSSL_noconfig" function (instead of
changing the code for Init).
But your idea could work too. Even if I do implement your idea though, I
will still remove the random number generation routi
If you are changing openssl, why not just change the init function to load your
engine and abort/exit/fail if it doesn’t load?
>> int OPENSSL_config(void)
>> {
>> return OPENSSL_config();
>> }
That first line should be:
int OPENSSL_noconfig(void)
I have a config file, "/etc/ssl/openssl.cnf". This config file gives the
details of an engine to use for random number generation. I know that this
config file is well-formed because I have confirmed that it uses my engine
when I try to use the "openssl" utility at the command line to generate a
ra
Hi,
Thanks again. This might sound like a very basic question but if I am right...the way to disable engine is to specify a -noengine flag while configuration rit? Also, does that automatically define the OPENSSL_NO_ENGINE flag?
Thanks for all the help.
JoeGeoff Thorpe <[EMAIL PROTECTED]> wrote
On July 7, 2004 06:39 pm, Joe smith wrote:
> I am new to openssl and am still exploring its use. Can someone tell me
> what is the use of the various Engines in openssl.
Well that depends on who you listen to, there are some who would tell you
that the sole use of those engines is to grow your li
Hi,
I am new to openssl and am still exploring its use. Can someone tell me what is the use of the various Engines in openssl.
And what happens if I disable the engine?
Joe
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
20 matches
Mail list logo
