Hi, I've recently started looking at OpenSSL programming API and I'm a
bit confused about thread locking funtions:
1. Static VS Dynamic locking callbacks
Why have both? Does OpenSSL use dynamic callbacks? Can I omit static
callbacks and only use dynamic, or maybe static callbacks are mandatory
wh
On Mon, 15 Feb 2010 15:19:23 +0100
"Steffen DETTMER" wrote:
> * Sad Clouds wrote on Mon, Feb 15, 2010 at 13:18 +:
> > 2. Rationale for callbacks?
> >
> > Pushing some of the responsibility for locking OpenSSL internal
> > structures to application dev
On Mon, 15 Feb 2010 11:39:51 -0500
"Lee Linkoff" wrote:
> Can someone please give me some links to some basic tutorials on
> "locking callbacks". I tried different searches on Google, but no
> links to basic tutorials came up. I tried different search criteria.
>
> To date, I have never used t
On Tue, 6 Apr 2010 21:17:01 +0200
"Dr. Stephen Henson" wrote:
> Well that actual manual page is rather old and it still talks about
> PRNG initialisation which dates from the time OpenSSL didn't handle
> that automatically on many platforms.
So are you saying there is no need to seed PRNG? Is th
Greetings, I'm trying to develop a simple SSL module for a web server.
I don't have much experience with cryptography and OpenSSL, so I am bit
confused about various combinations of cipher suits when performing key
exchange and authentication.
1. I assume RSA key exchange and authentication is th
Hi, is there any sort of documentation on how to use SNI with OpenSSL?
For example, what functions to use and what steps to take.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
On Fri, 09 Apr 2010 16:50:48 +0200
Peter Sylvester wrote:
> Sad Clouds wrote:
> > Hi, is there any sort of documentation on how to use SNI with
> > OpenSSL?
> As far as I know, only the source in s_client and s_server.c
OK thanks. I'll have a look at the source code of
I'm testing a very simple SSL web server. Everything seems to work OK
with RSA and DSA 1024-bit keys.
I tried using DSA 2048-bit key and now I'm getting errors:
# Generate DSA parameters
openssl dsaparam -out dsa_param.pem -outform PEM 2048
# Generate a certificate request
openssl req -newkey d
On Sat, 10 Apr 2010 15:55:38 +0100
Sad Clouds wrote:
> I'm testing a very simple SSL web server. Everything seems to work OK
> with RSA and DSA 1024-bit keys.
>
> I tried using DSA 2048-bit key and now I'm getting errors:
Maybe it's just the Firefox issue, trying &#
On Sat, 10 Apr 2010 15:55:38 +0100
Sad Clouds wrote:
> On the server side I set up a callback function for DH parameters:
Could someone explain to me the relationship between DH parameters and
DSA key lengths? For example, with larger keys, do I need to load
larger DH paramet
On Sun, 11 Apr 2010 23:29:27 -0400
"Dave Thompson" wrote:
> Aside: do you really need this? FIPS 186-3 extended DSA to 2k and 3k,
> but SP 800-57 no longer approves classic DSA for USgovt use at all,
> even in the new sizes, it switches to ECDSA instead.
I probably don't need DSA, I was testin
Please note, I don't know the insides of OpenSSL, but I do a lot of
multithreaded programming on Unix, so the following are not authorative
answers, just my own opinions:
> 1) According to the FAQ, "an SSL connection may not concurrently be
> used by multiple threads". Does this mean that an SSL
On Sun, 18 Apr 2010 21:11:40 -0700
"David Schwartz" wrote:
>
> Sad Clouds wrote:
>
> > > 1) According to the FAQ, "an SSL connection may not concurrently
> > > be used by multiple threads". Does this mean that an SSL
> > > connec
On Sun, 18 Apr 2010 23:35:16 +0200 (CEST)
Ondrej Jombik wrote:
> [ Please Cc me in the answer as I'm not in the list. Thank you. ]
>
> I was googlig for over two days and now I'm stuck. The thing I would
> like to accomplish is to bind outgoing SSL connection to certain IP
> address.
>
> Our se
On Mon, 19 Apr 2010 11:58:51 +0200 (CEST)
Ondrej Jombik wrote:
> I do need this for client side. Machine where connection is
> originating has several IP addresses and the remote machine will
> accept connection only from one of those. So I need to choose exactly
> one source IP address when crea
On Mon, 19 Apr 2010 11:09:33 -0700
"Jeremy Farrell" wrote:
> That's the usual way to handle significant numbers of connections.
> For many programs handling a small number of connections, two threads
> per connection is the normal approach. It's simpler, and much easier
> to port between OSes. Ho
On Wed, 16 Jun 2010 12:14:49 -0400
Brandon McCaig wrote:
> Hello,
>
> I'm having trouble finding up-to-date tutorials (or any documentation
> at all) for the OpenSSL APIs. The best one that I have found is
> apparently from 2004:
>
> http://www.ibm.com/developerworks/linux/library/l-openssl.htm
17 matches
Mail list logo
