You will have to use JNI to do that. But java has good ssl built-in
support, you shouldn't do this
On Jan 23, 2008 5:13 PM, tigerpaw [EMAIL PROTECTED] wrote:
Hi
I am currently working on calling crypto library from Java program. Since
the algorithms are already available in OpenSSL i presume
Paul Sheer, 2008-01-29:
Let's say you have 1600 clients. Let's say that you have 40 threads, and
each thread
handles 40 connections. Now let's say that each thread initializes it's own
SSL_CTX structure.
The SSL_CTX structure contains most of the data required for SSL
functionality.
There is no global variable named errno, it only exist in the TLS. You
could say that because there is only 1 TLS, that it's global, and it
acts that way. But it's not really the same as a normal global
variable. You can't access the variables in the same manner you access
other global
On Tue, 2008-01-29 at 07:54 -0800, David Schwartz wrote:
There is no global variable named errno, it only exist in the TLS.
You
could say that because there is only 1 TLS, that it's global, and it
acts that way. But it's not really the same as a normal global
variable. You can't access
Another possibility, if you absolutely must go through OpenSSL, is to set
up the OpenSSL side as some type of server and use some sort of
client/server model. This isn't entirely brain-dead -- I've been looking
at that as a way to put an airgap between the bulk of code that handles
code and the
The answer is that if you're compiled single-threaded, it's perfectly
legal.
If you're multi-threaded, it's not.
err, nobody codes like this
find me an example in real-life code that is being used.
better yet, find me an example in OpenSSL.
Your other points I agree with however.
Let's
Leandro Santi, 2008-01-29:
I won't argue with you about using the library in an
undocumented manner; but I *do* think it'd be interesting
to get some real quantitative data: we could use it as a
basis to discuss possible future library modifications,
more compatible with your requests.
One
This behavior, by itself, does not necessary guarantee
that your OpenSSL library code won't race against itself,
won't corrupt its own data, or crash (hint: learn about
the MySQL case, search the archives).
it's own data?? - well this is exactly why I asked on this
list :-) I wanted to get a
void foo(void)
{
static int *my_errno=NULL;
if(my_errno==NULL) my_errno=errno;
// code that uses 'my_errno' as if it were 'errno'
}
No, this is not legal code under the POSIX standard at all.
Since this code is single-threaded only, what POSIX standard are you talking
about? The pthreads
Further, on some systems you can't link with libpthread
if you intend to use fork(). I have two builds of my
software, one that does fork()ing and one that does
pthread_create()ing. So I am trying to avoid having to have two
installations of OpenSSL on every build platform.
I find it hard
void foo(void)
{
static int *my_errno=NULL;
if(my_errno==NULL) my_errno=errno;
// code that uses 'my_errno' as if it were 'errno'
}
No, this is not legal code under the POSIX standard at all.
Since this code is single-threaded only, what POSIX standard are you talking
about? The
Well, I'm late to this discussion, but it would seem to me that quite
a few things are wrong with that ...
First, my_errno=errno; might be more appropriate, after all, you need
to reference the address of errno, not the current value, right? But that
would also assume errno is declared as
Hi,
Try Eric Rescorla's SSL and TLS book - the appendix has some Java code.
Paul
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Tuesday, January 29, 2008 11:54 AM
To: openssl-dev@openssl.org
Subject: Re:
I find it hard to believe that there exists a platform where:
On FreeBSD/OpenBSD my program outright core dumped and I could not
figure out why for days and days. Now I have two separate builds - one built
with -D_REENTRANT -DTHREADS ... -lpthread and one without.
Only with Linux do you have
On Tue, Jan 29, 2008 at 10:22:16PM +0200, Paul Sheer wrote:
I find it hard to believe that there exists a platform where:
On FreeBSD/OpenBSD my program outright core dumped and I could not
figure out why for days and days. Now I have two separate builds - one built
with -D_REENTRANT
On Tue, Jan 29, 2008 at 07:54:54AM -0800, David Schwartz wrote:
There is no global variable named errno, it only exist in the TLS. You
could say that because there is only 1 TLS, that it's global, and it
acts that way. But it's not really the same as a normal global
variable. You
Hi all,
3 X509_V_ERR_UNABLE_TO_GET_CRL unable to get certificate CRL
should read
3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL
i.e. there is a colon missing. If there is any interest, I can create a patch
but it is probably faster for both sides if someone with commit access
The answer is that if you're compiled single-threaded, it's
perfectly legal.
If you're multi-threaded, it's not.
I guess by legal you mean that it has defined behaviour.
Yes, that's correct.
Both the C99 standard and SUS have this nice warning in it. In C99:
errno
On FreeBSD/OpenBSD my program outright core dumped and I could not
figure out why for days and days.
So you had a bug in your code. So what?
Now I have two separate builds - one built
with -D_REENTRANT -DTHREADS ... -lpthread and one without.
Only with Linux do you have the freedom of
Any argument which begins with on Linux or (generalized) on
[platform] is automatically suspect, regardless of whether there is
any currently-extant platform which violates the assumptions put
forward.
For an example of why this is a problem, remember the assumption on 32-
bit platforms
On 01/23/2008 05:13 PM, tigerpaw wrote:
Hi
I am currently working on calling crypto library from Java program. Since
the algorithms are already available in OpenSSL i presume i need to make
calls to the necessary methods.
Does anyone have an example of Java programs calling the
21 matches
Mail list logo
