>libcurl is able to use 9 different SSL implementation as its SSL library for SSL connections. And yes, OpenSSL is one of them. [cnm] Does libcurl statically link ssl or dynamically load those ssl?
>I've never seen the error message *> * error:0506706E:Diffie-Hellman routines:GENERATE_KEY:key size too small * [cnm] If you believe this error message is NOT from libcurl itself, then I believe this error message is from the openssl routines that the libcurl invokes. The question is why openssl throw this error, and in what situation (from libcurl code) this error will be throwed from libcurl? >What SSL implementation is your libcurl using? How is the SSL stack build and how did you build libcurl? [cnm] 1. I am not sure if I understand your first question, we use libcurl, if libcurl uses ssl, then we use whatever is on the system, in our case, we use openssl. 2. We use dlopen()/dlsym()/dlclose() to load libcurl library. This is the ONLY way that we can fit libcurl into our software layers. I need to check with other groups and see how many they use ssl in their layers. I'll get back to you on this. On Fri, Mar 15, 2013 at 10:44 AM, cnm marketing <cnn.market...@gmail.com>wrote: > How that can be? Does libcurl also use openssl? > > From my code, I only invoke libcurl routines. Again the following > output are the libcurl output by using CURLOPT_VERBOSE and CURLOPT_STDERR. > When setting CURLOPT_SSL_VERIFYHOST to 1, we got the debug1.txt output, > when setting CURLOPT_SSL_VERIFYHOST to 0, we get the debug.txt output > > > [root@l2se0132 bin]# more /debug1.txt > > * About to connect() to l2se0060.lss.emc.com port 8443 (#0) > > * Trying 10.247.73.60... > > * Connected to l2se0060.lss.emc.com (10.247.73.60) port 8443 (#0) > > * successfully set certificate verify locations: > > * CAfile: /usr/yhuang/cert.pem > > CApath: none > > * error:0506706E:Diffie-Hellman routines:GENERATE_KEY:key size too small > > * Closing connection 0 > > > > [root@l2se0132 bin]# more /debug.txt > > * About to connect() to l2se0060.lss.emc.com port 8443 (#0) > > * Trying 10.247.73.60... > > * Connected to l2se0060.lss.emc.com (10.247.73.60) port 8443 (#0) > > * error:0506706E:Diffie-Hellman routines:GENERATE_KEY:key size too small > > * Closing connection 0 > > > > On Fri, Mar 15, 2013 at 3:45 AM, Daniel Stenberg <dan...@haxx.se> wrote: > >> On Thu, 14 Mar 2013, cnm marketing wrote: >> >> * error:0506706E:Diffie-Hellman routines:GENERATE_KEY:key size too small >>> >> >> Please stop top-posting and full-quoting. >> >> My 3.2 seconds of googling on this topic lead to this: >> >> >> http://comments.gmane.org/**gmane.comp.encryption.openssl.**user/43777<http://comments.gmane.org/gmane.comp.encryption.openssl.user/43777> >> >> -- >> >> / daniel.haxx.se >> > >
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html