I am facing some random crash issues using libcurl with openssl in a Multi
threaded program. I wrote a sample code to create 2 threads that will ping
to https://www.google.com.
Using [libcurl- 7.21.7] [openssl- 1.0.0d]
I have implemented the two callbacks function required by openssl
This patch fixes two padding related bugs for the Heartbeat Response messages.
For DTLS, the wrong pointer was used, which may overwrite the payload with the
random padding. For TLS, there was no random padding at all.
Best regards
Robin
tls-heartbeat-padding-bug-1.0.1.patch
Is it multithreaded curl? one version of the curl i used was doing
openssl_init and cleanup in its init and cleanup routines and it was not
multithreaded. result was my code would not work properly if curl_cleanup
is called before.
On Mon, Feb 27, 2012 at 7:52 PM, Anurag Shukla
The certificate example you gave seems to be corrupted: the parse
rejects it and it never calls i2c_ASN1_BIT_STRING().
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Hi,
The certificate example you gave seems to be corrupted: the parse
rejects it and it never calls i2c_ASN1_BIT_STRING().
You're right, I'm sorry, I have mixed it up with another test.
This one is the right one.
Thank you for looking into this issue !
Regards,
Remi Gacogne
On Mon, 27 Feb 2012, Remi Gacogne wrote:
You're right, I'm sorry, I have mixed it up with another test.
This one is the right one.
Ok, just checked by downloading the certificate from RT, and it is
corrupted again.
I can't think of any other way that putting it here :
NetBSD recently changed to a /dev/urandom implementation which keys a
stream generator per-open rather than one that draws bits directly
from the kernel entropy pool. When we did this we added a number of
extra warnings that are triggered by applications consuming large
amounts of entropy.
[rgacogne-b...@coredump.fr - Mon Feb 27 18:45:51 2012]:
On Mon, 27 Feb 2012, Remi Gacogne wrote:
You're right, I'm sorry, I have mixed it up with another test.
This one is the right one.
Ok, just checked by downloading the certificate from RT, and it is
corrupted again.
I can't
On Mon, 27 Feb 2012, Stephen Henson via RT wrote:
OK thanks it works fine now. The cause is rather subtle: when OpenSSL
reencodes a BIT STRING it normally preserves the original encoding so
this shouldn't happen. However in the case of a BIT STRING inside a Name
(X509_NAME) structure it
[rgacogne-b...@coredump.fr - Mon Feb 27 20:24:34 2012]:
On Mon, 27 Feb 2012, Stephen Henson via RT wrote:
OK thanks it works fine now. The cause is rather subtle: when OpenSSL
reencodes a BIT STRING it normally preserves the original encoding so
this shouldn't happen. However in the
It seems that the padlock engine does something wrong for
aes192 and aes256. Things work perfectly with aes128.
If I use openssl enc -aes256 -nosalt to encrypt something
it generates something different with and without the padlock
engine loaded.
Also, when the padlock engine is loaded,
On Tue, Feb 28, 2012 at 12:08:31AM +0100, Andy Polyakov via RT wrote:
In Debian we ship several versions of the shared libraries on i386.
One that's build the default instruction set of that architecture
(which is still i486 I think), and then 2 optimised versions,
one for 586 and one for
On Tue, Feb 28, 2012 at 12:08:31AM +0100, Andy Polyakov via RT wrote:
In Debian we ship several versions of the shared libraries on i386.
One that's build the default instruction set of that architecture
(which is still i486 I think), and then 2 optimised versions,
one for 586 and one for
I have check the libcurl code and it is calling Curl_ssl_init() only once
on call from curl_global_init() and Curl_ssl_cleanup() once on call from
curl_global_cleanup().
On Mon, Feb 27, 2012 at 10:31 PM, Keyoor Khristi
keyoor.khri...@gmail.comwrote:
Is it multithreaded curl? one version of the
14 matches
Mail list logo