Re: Establishing connection errors

2021-11-05 Thread Jason Schultz
To clarify, I will probably just use the API you suggested to make it more simple. Was distracted by my obvious oversight. From: openssl-users on behalf of Jason Schultz Sent: Friday, November 5, 2021 1:59 PM To: Tomas Mraz ; openssl-users@openssl.org

Re: Establishing connection errors

2021-11-05 Thread Jason Schultz
before I know if the user wants FIPS or not. I may just set up two stores, or I need to change the order of how I do things. Thanks, Jason From: Tomas Mraz Sent: Friday, November 5, 2021 1:52 PM To: Jason Schultz ; openssl-users@openssl.org Subject: Re

Re: Establishing connection errors

2021-11-05 Thread Jason Schultz
ry context/provider setup, or 3.0. Let me know if you need more info. Thanks, Jason From: Tomas Mraz Sent: Friday, November 5, 2021 1:19 PM To: Jason Schultz ; openssl-users@openssl.org Subject: Re: Establishing connection errors On Fri, 2021-11-05 at 13:04

Establishing connection errors

2021-11-05 Thread Jason Schultz
I know I've been raising a lot of issues this week, because of varying reasons, but I've hit another one that seems like either an OpenSSL problem, or something new/different I need to do with OpenSSL 3.0 in connection establishment. To recap, I'm using two non-default library contexts, one

Re: X509_get_pubkey() in OpenSSL 3.0?

2021-11-03 Thread Jason Schultz
From: openssl-users on behalf of Viktor Dukhovni Sent: Wednesday, November 3, 2021 9:25 PM To: openssl-users@openssl.org Subject: Re: X509_get_pubkey() in OpenSSL 3.0? On Wed, Nov 03, 2021 at 08:32:43PM +0000, Jason Schultz wrote: > To summar

Re: X509_get_pubkey() in OpenSSL 3.0?

2021-11-03 Thread Jason Schultz
ng? Jason From: openssl-users on behalf of Viktor Dukhovni Sent: Wednesday, November 3, 2021 4:47 PM To: openssl-users@openssl.org Subject: Re: X509_get_pubkey() in OpenSSL 3.0? On Wed, Nov 03, 2021 at 12:38:51PM +0000, Jason Schultz wrote: > In any case, things appear to b

Re: X509_get_pubkey() in OpenSSL 3.0?

2021-11-03 Thread Jason Schultz
, 2021 9:01 PM To: openssl-users@openssl.org Subject: Re: X509_get_pubkey() in OpenSSL 3.0? On Tue, Nov 02, 2021 at 08:28:01PM +0000, Jason Schultz wrote: > Victor- > > I can't seem to find any documentation on SSL_CTX_get0_privatekey(), > but by the name of it, it sounds like

Re: X509_get_pubkey() in OpenSSL 3.0?

2021-11-02 Thread Jason Schultz
Victor- I can't seem to find any documentation on SSL_CTX_get0_privatekey(), but by the name of it, it sounds like it's getting the private key; I'm trying to get the public key. That said, I should probably explain more of why I'm doing what I'm doing, because there may be an easier way all

Re: X509_get_pubkey() in OpenSSL 3.0?

2021-11-02 Thread Jason Schultz
:15:79:09:0f:34: 14:02:21:00:fd:29:34:bf:bb:c5:02:0d:9a:04:44:6e:94:22: 52:b4:0e:ab:1f:3d:15:5c:07:47:eb:76:68:80:f9:72:96:f6 From: openssl-users on behalf of Jason Schultz Sent: Tuesday, November 2, 2021 7:42 PM To: openssl-users@openssl.org

X509_get_pubkey() in OpenSSL 3.0?

2021-11-02 Thread Jason Schultz
I thought I should start a new thread since this question was buried in my "FIPS" thread and I don't think it has anything to do with FIPS and OpenSSL providers. I'm hitting another problem that I think is related to the migration to OpenSSL 3.0, as this code works with OpenSSL 1.1.1 (and 1.0.2

Re: OpenSSL 3.0 FIPS questions

2021-10-31 Thread Jason Schultz
e same "FIPS OpenSSL 3.0" thread because I'm not 100% sure it's unrelated. What am I missing here? Thanks, Jason From: Matt Caswell Sent: Thursday, October 28, 2021 6:03 PM To: Jason Schultz ; Dr Paul Dale ; openssl-users@openssl.org Subject: Re: O

Re: OpenSSL 3.0 FIPS questions

2021-10-28 Thread Jason Schultz
rypto.so.3 Thanks, Jason From: Matt Caswell Sent: Thursday, October 28, 2021 2:00 PM To: Jason Schultz ; Dr Paul Dale ; openssl-users@openssl.org Subject: Re: OpenSSL 3.0 FIPS questions On 28/10/2021 14:49, Jason Schultz wrote: > A call to OSSL_PROVIDER_ava

Re: OpenSSL 3.0 FIPS questions

2021-10-28 Thread Jason Schultz
anyone reading this agree? I'm running into another issue that I need to troubleshoot a bit more before I add too much information and too many questions to a single message. Thanks to everyone for their help with this, things are starting to make more sense now.

Re: OpenSSL 3.0 FIPS questions

2021-10-27 Thread Jason Schultz
't have any environment variables set up? I'm not sure what the default search path is. Jason From: Matt Caswell Sent: Wednesday, October 27, 2021 10:34 AM To: Jason Schultz ; Dr Paul Dale ; openssl-users@openssl.org Subject: Re: OpenSSL 3.0 FIPS questions

Re: OpenSSL 3.0 FIPS questions

2021-10-26 Thread Jason Schultz
Ah, OK. Yes, I am running on the same machine. Thanks for clarifying. From: Kory Hamzeh Sent: Tuesday, October 26, 2021 9:15 PM To: Jason Schultz Cc: Dr Paul Dale ; openssl-users@openssl.org Subject: Re: OpenSSL 3.0 FIPS questions Actually, if you

Re: OpenSSL 3.0 FIPS questions

2021-10-26 Thread Jason Schultz
e you saying I still needed to do "openssl fipsinstall" after the 4 steps I already did? Thanks, Jason From: Kory Hamzeh Sent: Tuesday, October 26, 2021 8:13 PM To: Jason Schultz Cc: Dr Paul Dale ; openssl-users@openssl.org Subject: Re: OpenSSL 3.0

Re: OpenSSL 3.0 FIPS questions

2021-10-26 Thread Jason Schultz
nks, Jason From: Dr Paul Dale Sent: Monday, October 25, 2021 9:37 PM To: Jason Schultz ; openssl-users@openssl.org Subject: Re: OpenSSL 3.0 FIPS questions It was meant for the second method only. The first method is using different library contexts to dis

Re: OpenSSL 3.0 FIPS questions

2021-10-25 Thread Jason Schultz
have much impact. You will need a fips section specifying where the integrity check data are. You shouldn't need base or default sections. Pauli On 25/10/21 5:23 am, Jason Schultz wrote: Thank you for your response. I think all of that makes sense, and seems to accomplish what I want progra

Re: OpenSSL 3.0 FIPS questions

2021-10-24 Thread Jason Schultz
Thank you for your response. I think all of that makes sense, and seems to accomplish what I want programmatically, limiting it to my application. I guess the only question I have is what about the config files? Should they remain as they were installed, or do I need to provide sections for

OpenSSL 3.0 FIPS questions

2021-10-23 Thread Jason Schultz
Quick aside: I know the 3.0 FIPS module is not "approved" yet, I'm just trying to get my application updates done in advance. I’m porting an application from OpenSSL 1.1.1, which was originally written for OpenSSL 1.0.2, to OpenSSL 3.0. Going to 3.0, I need to incorporate FIPS usage. My Linux

Re: Client side session handling

2021-10-13 Thread Jason Schultz
OpenSSL SSL_SESSIONs are reference-counted. This is typical of a number of similar sufficiently complex structures for which it makes more sense to bump a reference counter than to make a copy. The SSL_SESSION_free(3), X509_free(), and various other calls just decrement the reference counter,

Client side session handling

2021-10-13 Thread Jason Schultz
I’m not sure I fully understand client-side sessions in OpenSSL. My understanding is that on the server side, OpenSSL internally handles managing sessions. On the client side, they need to be handled by the application. This is true for both TLS 1.3 and TLS 1.2 (and prior), even though both

Questions regarding OpenSSL 3.0 and corresponding FIPS Module

2020-11-05 Thread Jason Schultz
I read the most recent (10/20) update to the OpenSSL 3.0 release page here: https://www.openssl.org/blog/blog/2020/10/20/OpenSSL3.0Alpha7/ As well as the release strategy: https://wiki.openssl.org/index.php?title=OpenSSL_3.0_Release_Schedule=3099 I have not done anything with the Alpha

Re: Peer certificate verification in verify_callback

2020-03-30 Thread Jason Schultz
From: openssl-users on behalf of Viktor Dukhovni Sent: Monday, March 30, 2020 9:19 PM To: openssl-users@openssl.org Subject: Re: Peer certificate verification in verify_callback On Mon, Mar 30, 2020 at 09:02:47PM +0000, Jason Schultz wrote: > I won't get into the details of

Re: Peer certificate verification in verify_callback

2020-03-30 Thread Jason Schultz
users on behalf of Viktor Dukhovni Sent: Monday, March 30, 2020 6:17 PM To: openssl-users@openssl.org Subject: Re: Peer certificate verification in verify_callback On Thu, Mar 05, 2020 at 02:04:27PM +0000, Jason Schultz wrote: > I have some questions about my application’s verify_callback() fu

Re: Peer certificate verification in verify_callback

2020-03-30 Thread Jason Schultz
Just wanted to bring this up again as I didn't get any responses initially. Has anyone dealt with this or similar issues with OpenSSL 1.1.1? From: openssl-users on behalf of Jason Schultz Sent: Thursday, March 5, 2020 2:04 PM To: openssl-users@openssl.org

SSL_CTX_build_cert_chain() and SSL_CTX_set_mode()

2020-03-23 Thread Jason Schultz
Changing the subject to be more relevant to my questions. Just wanted to ping the list again. From: openssl-users on behalf of Jason Schultz Sent: Friday, March 20, 2020 3:21 PM To: openssl-users@openssl.org Subject: Re: OpenSSL server sending certificate

Re: OpenSSL server sending certificate chain(inc. root cert) during handshake

2020-03-20 Thread Jason Schultz
PM To: openssl-users@openssl.org Subject: Re: OpenSSL server sending certificate chain(inc. root cert) during handshake > On May 31, 2019, at 3:20 PM, Jason Schultz wrote: > > My questions deal with #2: Why does OpenSSL include the root cert in the > certificate chain? The OpenSSL SSL_

Peer certificate verification in verify_callback

2020-03-05 Thread Jason Schultz
I have some questions about my application’s verify_callback() function and how I handle some of the OpenSSL errors. For example, if my client application is presented a self-signed certificate in the handshake, verify_callback() is called with an error, for which X509_STORE_CTX_get_error()

Re: OpenSSL 3.0

2020-02-27 Thread Jason Schultz
That's fair. So the only option is to use another module? Extended 1.0.2 support does not resolve this either, correct? From: Salz, Rich Sent: Thursday, February 27, 2020 8:49 PM To: Jason Schultz ; openssl-users@openssl.org Subject: Re: OpenSSL 3.0

Re: OpenSSL 3.0

2020-02-27 Thread Jason Schultz
For option 2, we have a support contract in place. But does this actually help us as far as the FIPS Object Module? From: openssl-users on behalf of Neptune Sent: Thursday, February 27, 2020 8:56 PM To: openssl-users@openssl.org Subject: Re: OpenSSL 3.0 You

Re: OpenSSL 3.0

2020-02-27 Thread Jason Schultz
Thanks for all of the responses. This question has led to other related topics, so I have another one. According to this blog: https://keypair.us/2019/12/rip-fips-186-2/ The OpenSSL FIPS Object Module will be moved to the CMVP historical list as of 9/1/2020. Since there is no OpenSSL 3.0 until

OpenSSL 3.0

2020-02-25 Thread Jason Schultz
Greetings. It has been several months since this blog post on OpenSSL 3.0: https://www.openssl.org/blog/blog/2019/11/07/3.0-update/ “We are now not expecting code completion to occur until the end of Q2 2020 with a final release in early Q4 2020.” Is OpenSSL 3.0 still expected to reach

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-21 Thread Jason Schultz
Nicola...my apologies for the typo... From: openssl-users on behalf of Jason Schultz Sent: Friday, February 21, 2020 1:05 PM To: Nicola Tuveri Cc: openssl-users Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL Nicole- This was very

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-21 Thread Jason Schultz
way to test before they have their own certificate, signed by a CA). Thanks again. From: Nicola Tuveri Sent: Wednesday, February 19, 2020 9:42 PM To: Jason Schultz Cc: Kyle Hamilton ; openssl-users Subject: Re: Questions about using Elliptic Curve ciphers

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-18 Thread Jason Schultz
ediate ecparams file? Or is there something else I'm missing on the generation of certificate/private key pairs? Thanks, Jason From: Nicola Tuveri Sent: Tuesday, February 18, 2020 2:50 PM To: Jason Schultz Cc: Kyle Hamilton ; openssl-users Subject:

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-18 Thread Jason Schultz
/dsaparams/, which is readable. Should that file also reside in /etc/ssl/private/ so it's protected? Thanks. From: Kyle Hamilton Sent: Sunday, February 16, 2020 10:49 PM To: Jason Schultz Cc: Thulasi Goriparthi ; openssl-users Subject: Re: Questions about using

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-16 Thread Jason Schultz
you should regenerate a new keypair/certificate to use. Otherwise, anyone who can manipulate traffic to your machine can execute a man-in-the-middle attack. -Kyle H On Fri, Feb 14, 2020, 07:40 Jason Schultz wrote: Thank you for your response Thulasi, this

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-14 Thread Jason Schultz
Thank you for your response Thulasi, this helped. I'm posting this back to the OpenSSL users list in case it helps anyone else, and in case anyone can help with my additional questions. While waiting for responses, I've been able to find out how my certificate and keys were generated. I'd like

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-11 Thread Jason Schultz
m? Or do I need them in a separate file? From: Salz, Rich Sent: Tuesday, February 11, 2020 4:37 PM To: Jason Schultz ; openssl-users@openssl.org Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL The first thing I would suggest is to separate ECDH, the session key ex

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-10 Thread Jason Schultz
Anyone have any advice on Elliptic Curve? Thanks in advance. From: openssl-users on behalf of Jason Schultz Sent: Friday, February 7, 2020 2:58 AM To: openssl-users@openssl.org Subject: Questions about using Elliptic Curve ciphers in OpenSSL I’m somewhat

Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-06 Thread Jason Schultz
I’m somewhat confused as to what I need to do to use ECDHE ciphers (ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, etc). I’m hoping this list can help, or at least point me to a good tutorial somewhere. A lot of the information I’ve looked at is from the following links:

Re: sk_X509_OBJECT_num()

2019-11-14 Thread Jason Schultz
That makes sense. Thanks to everyone for the responses. Jason From: Dave Coombs Sent: Wednesday, November 13, 2019 5:30 PM To: Jason Schultz Cc: openssl-users@openssl.org Subject: Re: sk_X509_OBJECT_num() Hi, They're macros, defined in SKM_DEFINE_STACK_OF

sk_X509_OBJECT_num()

2019-11-13 Thread Jason Schultz
Hello- I am updating my Linux application from using OpenSSL 1.0.2 to 1.1.1 in preparation for OpenSSL 3.0 (and of course the EOL of 1.0.2). I'm confused about the function in the subject line as well as other, related sk_X509_* functions. My code has always used these functions, and

Re: OpenSSL server sending certificate chain(inc. root cert) during handshake

2019-05-31 Thread Jason Schultz
mportantly, can I force OpenSSL to not send the root cert? Thanks, Jason From: Sam Roberts Sent: Friday, May 31, 2019 7:32 PM To: Jason Schultz Cc: openssl-users@openssl.org Subject: Re: OpenSSL server sending certificate chain(inc. root cert) during handshake

OpenSSL server sending certificate chain(inc. root cert) during handshake

2019-05-31 Thread Jason Schultz
I believe this behavior is common among all supported versions of OpenSSL, but most of my testing has been with OpenSSL 1.0.2, the latest LTS release. My application using OpenSSL is acting as a server. I have a server certificate configured that has been signed by a self-signed/root

Re: X509_STORE_CTX_get1_certs

2019-05-30 Thread Jason Schultz
: Re: X509_STORE_CTX_get1_certs On Wed, May 29, 2019 at 07:44:26PM +0000, Jason Schultz wrote: > It looks like this function is available in OpenSSL 1.1.1 (not available > in 1.0.2) and I think I need to use it, but I can't find documentation for > it anywhere. In 1.0.2 it w

X509_STORE_CTX_get1_certs

2019-05-29 Thread Jason Schultz
It looks like this function is available in OpenSSL 1.1.1 (not available in 1.0.2) and I think I need to use it, but I can't find documentation for it anywhere. Is this an oversight, or am I missing something obvious? Thanks, Jason

Re: [openssl-users] FIPS Module for OpenSSL 1.1.1

2019-02-13 Thread Jason Schultz
| Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia From: Jason Schultz [mailto:jetso...@hotmail.com] Sent: Wednesday, 13 February 2019 9:39 AM To: openssl-users@openssl.org Subject: [openssl-users] FIPS Module for OpenSSL 1.1.1 Just wondering if there is a

[openssl-users] FIPS Module for OpenSSL 1.1.1

2019-02-12 Thread Jason Schultz
Just wondering if there is a time frame for the availability of the FIPS Module for OpenSSL 1.1.1? Q3 2019? Q4? I realize this has been asked before, but the most recent answer I found was from several months ago, so I thought there might be new information. Thanks in advance. --

Re: [openssl-users] OpenSSL FIPS Object Module 2.0 on CD

2018-06-20 Thread Jason Schultz
Just curious, but does this satisfy Section 6.6 of the User Guide, since the CD does not come directly from the OpenSSL Foundation? I don't have a huge need to know, just curious since as with a lot of issues regarding FIPS, no answer would surprise me.

Re: [openssl-users] Help with ssl error

2017-04-18 Thread Jason Schultz
From the original question, it appears the server here only supports two cipher suites: RSA_With_AES_128_CBC_SHA and RSA_With_3DES_EDE_CBC_SHA. This would explain the alert 71, which is sent because there are no cipher suites in common. From:

[openssl-users] Building 1.0.2g with "no-idea"

2016-03-23 Thread Jason Schultz
I am re-posting this (and another) message to the list as I was having email issues with the list and I posted an erroneous subject line, which may have deterred responses. I have another question that was encountered at the same time as my previous one, but I believe it is two separate

[openssl-users] Build of 1.0.2g fails

2016-03-23 Thread Jason Schultz
Greetings. I am re-posting this message (as well as another message) to the list as I was having problems with my list membership when it was posted, and I also made a mistake in the subject line, which may have deterred some responses. I'm having problems building OpenSSL, starting with 1.0.1g.

[openssl-users] Building 1.0.1g with "no-idea"

2016-03-14 Thread Jason Schultz
I have another question that was encountered at the same time as my previous one, but I believe it is two separate issues, so I created a different thread. When building 1.0.2g and attempting to remove some ciphers at build time ("no-idea"), I discovered that the Make scripting was attempting

[openssl-users] Build of 1.0.1g fails

2016-03-14 Thread Jason Schultz
Greetings. I'm having problems building OpenSSL, starting with 1.0.1g. The scenario is as follows. I'm not sure when the problem was introduced; however, with the compiling-out of SSLv2 *by default* in 1.0.2g, that change has exacerbated this problem. (That is, instead of affecting only

Re: [openssl-users] Peer closing connection with a FIN without first sending a close_notify

2015-04-21 Thread Jason Schultz
with a FIN without first sending a close_notify On Mon, Apr 20, 2015 at 03:03:37PM +0000, Jason Schultz wrote: We are seeing the following situation and are not quite sure the proper way to handle it, so I thought I'd solicit the mailing list. Our application is an FTP server using OpenSSL

[openssl-users] Peer closing connection with a FIN without first sending a close_notify

2015-04-20 Thread Jason Schultz
Greetings. We are seeing the following situation and are not quite sure the proper way to handle it, so I thought I'd solicit the mailing list. Our application is an FTP server using OpenSSL. The peer is a non-OpenSSL FTP client in active mode. The problem comes in with how the FTP client handles

[openssl-users] FIPS_module_version_text()

2015-03-12 Thread Jason Schultz
Is this function available to call in OpenSSL 1.0.1? I'm trying to call it from my application running a FIPS capable version of OpenSSL (everything else works, turning FIPS on, etc). I include fips.h, but I get a compile error saying the function was not declared. I did find something in

Re: [openssl-users] FIPS_module_version_text()

2015-03-10 Thread Jason Schultz
Hmm. I am pretty sure I was linking against the FIPS capable OpenSSL but I will double check tomorrow to make sure I did it right. Thanks. On Mar 10, 2015, at 7:28 PM, Dr. Stephen Henson st...@openssl.org wrote: On Tue, Mar 10, 2015, Jason Schultz wrote: Is this function available

Re: [openssl-users] FIPS_module_version_text()

2015-03-10 Thread Jason Schultz
I guess I didn't have the correct fips.h file in my include path when I couldn't get it to compile. But I don't think it will work for my purposes since if I install my application on another system, that entry point is not defined in libcrypto.so or libssl.so. Does anyone know if it's really

1.0.1i fails on make test

2014-08-13 Thread Jason Schultz
I've been trying to build the latest (1.0.1i) OpenSSL, and I'm having problems with the self-tests. The steps I followed were the same steps I used to build a FIPS enabled 1.0.1h. I built the FIPS object module using the 2.0.6 ecp module without issue. When I attempt to build the FIPS capable

Re: 1.0.1i fails on make test

2014-08-13 Thread Jason Schultz
Thank you for the fast reply. On Aug 13, 2014, at 4:31 PM, Jeffrey Walton noloa...@gmail.com wrote: On Wed, Aug 13, 2014 at 5:19 PM, Jason Schultz jetso...@hotmail.com wrote: I've been trying to build the latest (1.0.1i) OpenSSL, and I'm having problems with the self-tests. ... http

Can't get my CRL to work on my OpenSSL client

2014-07-30 Thread Jason Schultz
I'm having trouble figuring out how to get a CRL I created working. I'll start from the beginning, apologies for length. First, I created my own CA with OpenSSL (1.0.1h) on my server machine, consisting of 3 certificates: root - serverCA - server. I successfully opened connections from my client

RE: Can't get my CRL to work on my OpenSSL client

2014-07-30 Thread Jason Schultz
It appears this is resolved already, sort of. It appears the one thing I did not try after revoking the serverCA certificate with my root was to concatenate the new CRL to the root cert on the client machine. When I did that, my client got a certificate revoked error. However, I do have a

RE: Can't get my CRL to work on my OpenSSL client

2014-07-30 Thread Jason Schultz
Rich- Thanks for your response. The client is my own Linux client using OpenSSL. So are you saying that I need to do certificate validation on my own, at least as far as checking for revocation? That's assuming the solution isn't to concatenate the files as described previously. I am not

RE: Can't get my CRL to work on my OpenSSL client

2014-07-30 Thread Jason Schultz
OK, maybe I'm confused. I can get the CRL to my client machine OK, that's not an issue. What I'm saying is, placing the CRLs into the local directory alone is not OK, revocation check will not work. In order for that to work, I need to append the CRL to the root certificate in /etc/ssl/crls. So

RE: Can't get my CRL to work on my OpenSSL client

2014-07-30 Thread Jason Schultz
OK. So as far as you're aware, there's not a way to avoid the requirement of the combined root cert/CRL file when checking for revoked certificates? I would prefer to just have to deal with the CRL in PEM format, but the CRL file must always be the CRL appended to the root cert, as far as I can

RE: Can't get my CRL to work on my OpenSSL client

2014-07-30 Thread Jason Schultz
every .pem file in the /etc/ssl/crls directory and read in each one (successfully). Date: Wed, 30 Jul 2014 23:44:45 +0200 From: st...@openssl.org To: openssl-users@openssl.org Subject: Re: Can't get my CRL to work on my OpenSSL client On Wed, Jul 30, 2014, Jason Schultz wrote: OK. So

SHA1 signatures in FIPS mode w/ TLS 1.2

2014-07-16 Thread Jason Schultz
According to this wiki page: http://wiki.openssl.org/index.php/FIPS_mode_and_TLS When in FIPS mode, SHA1 signatures can not be used when using the TLS 1.2 protocol: If that wasn't enough there's another complication. For TLS v1.2 you have to restrict the supported signature algorithms to

RE: SHA1 signatures in FIPS mode w/ TLS 1.2

2014-07-16 Thread Jason Schultz
Another follow up question. The Wiki page refers to FIPS 186-4. Are these restrictions only for FIPS 186-4, or FIPS 140-2 as well? From: jetso...@hotmail.com To: openssl-users@openssl.org Subject: SHA1 signatures in FIPS mode w/ TLS 1.2 Date: Wed, 16 Jul 2014 13:31:35 +0000 According to this

ClientHello protocol versions with s_server

2014-06-16 Thread Jason Schultz
I'm a bit confused on the appropriate protocol versions to use on a ClientHello in my SSL/TLS implementation. (I am using s_server to test my client code.) I say “versions” as there is the record version and the suggested protocol version. Ignoring SSLv2, the initial ClientHello to a server

FIPS 140-2 questions

2014-03-26 Thread Jason Schultz
I’m trying to decipher FIPS 140-2 Certification in regards to OpenSSL FIPS module 2.0 and have some questions: 1. Can one claim FIPS validated if running on an Operating Environment not listed on Cert #1747? (I don’t think not having an OE direct match is necessarily required, as long as

FIPS_mode_set Software Integrity self-test question

2014-03-17 Thread Jason Schultz
I've been doing some testing with the latest 2.0 FIPS Object Module I downloaded and 1.0.1e OpenSSL and have a question. I was wondering what the Software Integrity self-test is designed to accomplish? It seems like it's to ensure the source code or build hasn't been tampered with. Out of

Does OpenSSL timeout connections waiting for a ClientHello?

2013-09-11 Thread Jason Schultz
I have a server that implements secure communication using OpenSSL. The server does a listen() on a port and keeps track of what listens are secure/SSL listens. When a peer opens to that IP addr/port, the server sees that it's for a secure connection and then makes the calls to set up SSL

Thread safety questions in OpenSSL 1.0.1

2013-06-21 Thread Jason Schultz
Back in November a question (and response) were posted regarding thread safety in the 1.0.1 branch of OpenSSL: http://www.mail-archive.com/openssl-users@openssl.org/msg69322.html In the response to the questions, the user states he removed the thread ID callback function and the call to

RE: Unexpected message during renegotiate attempt

2013-03-25 Thread Jason Schultz
Has there been any response to this? I dealt with a similar situation about 6 months ago. It turned out, at first my application was handling some responses to SSL_write() and SSL_read() incorrectly: http://www.mail-archive.com/openssl-users@openssl.org/msg67276.html However, after further

RE: OpenSSL linking question; handling 1.0.0 vs 0.9.8

2012-06-21 Thread Jason Schultz
to 0.9.8, while applications compiled against 1.0.x will also run smoothly. HTH Christian On Wed, Jun 20, 2012 at 05:56:07PM +, Jason Schultz wrote: I'm building and running an application that uses OpenSSL on SUSE Linux. I don't know a lot about linking

OpenSSL linking question; handling 1.0.0 vs 0.9.8

2012-06-20 Thread Jason Schultz
I'm building and running an application that uses OpenSSL on SUSE Linux. I don't know a lot about linking in general, just very basic stuff, so my question might be better posed to a Linux forum, but it might be specific to OpenSSL. Let me describe the scenario. I have built and installed

RE: TLSv1.2 backward compatibility

2012-06-15 Thread Jason Schultz
I have a question on how this situation happens, exactly, when using TLS 1.1 or 1.2. From ticket 2771, I see that the length of the ClientHello is what causes the problem. But what needs to happen in order to make a ClientHello get too big? My OpenSSL application only supports around 25

RE: Renegotiation

2012-04-27 Thread Jason Schultz
OpenSSL is telling me to do. Date: Tue, 7 Feb 2012 19:47:59 +0100 From: st...@openssl.org To: jetso...@hotmail.com Subject: Re: Renegotiation On Tue, Feb 07, 2012, Jason Schultz wrote: Dr. Henson- I've sent this question to the OpenSSL mailing list, but have not received any

RE: Renegotiation question

2012-01-31 Thread Jason Schultz
My apologies for accidentally spamming the list with this message, my web based email was having issues. I am still unable to successfully rehandshake in the scenario below, and was wondering if anyone might have some ideas. Is this the proper list for this email? Thanks. From:

Renegotiation question (one more try)

2012-01-31 Thread Jason Schultz
My apologies again, my posts somehow got attached to an earlier conversation. Posting one more time to place the message at the top of the list: I have implemented a server using OpenSSL 0.9.8r. If I use s_client to open a connection to a listening SSL port on the server, and use

Renegotiation question

2012-01-27 Thread Jason Schultz
I have implemented a server using OpenSSL 0.9.8r. If I use s_client to open a connection to a listening SSL port on the server, and use the R command to initiate a rehandshake, the rehandshake completes successfully (as expected). I have verified this using both SSL 3.0 and TLS 1.0.

RE: OpenSSL server problems

2010-03-09 Thread Jason Schultz
I think it does, but don't know for sure. Can you just try it on your system? openssl dgst -sha256 filename Subject: RE: OpenSSL server problems Date: Tue, 9 Mar 2010 12:28:28 -0500 From: chr...@motorola.com To: openssl-users@openssl.org CC: openssl-...@openssl.org Hi All,

RE: Another memory growing on AIX (fwd)

2010-03-02 Thread Jason Schultz
I'm just curious, what was the offending library? I have seen similar memory issues in the past that I never had a chance to get to the bottom of, actually openssl behaved differently between 0.9.8i and 0.9.8j. But I'm wondering what library you had to work around. Thanks. From:

RE: Post-2010 future of the OpenSSL FIPS Object Module?

2010-02-19 Thread Jason Schultz
One point of confusion for me, I read this email to say the OpenSSL FIPS Object Module v1.2 will (may?) not be usable beyond 2010. But in the first discussion link, I read that to say that the v1.2 Module will not be suitable for private label validations (which require changes to FIPS module

Memory utilization in openssl 0.9.8j

2009-03-03 Thread Jason Schultz
Greetings. I have recently done some testing with OpenSSL versions 0.9.8i and 0.9.8j. Basically, the application is opening 10,000 connections between a client and server on the same Linux machine. I've noticed quite a difference in memory utilization when monitored with the top command.

[no subject]

2009-02-24 Thread Jason Schultz
Greetings. I have recently done some testing with OpenSSL versions 0.9.8i and 0.9.8j. Basically, the application is opening 10,000 connections between a client and server on the same Linux machine. I've noticed quite a difference in memory utilization when monitored with the Linux top

RE: Memory untilization in version 0.9.8j

2009-02-24 Thread Jason Schultz
Forgot to include a subject line, my apologies. From: jetso...@hotmail.com To: openssl-users@openssl.org Subject: Date: Tue, 24 Feb 2009 14:48:01 +0000 Greetings. I have recently done some testing with OpenSSL versions 0.9.8i and 0.9.8j.