I wanted to allow for the handling of CRLs. There is a comment in
X509_verify_cert() that indicates where CRL handling can be placed. But
this is in the library code and therefore not appropriate for private
code.
The verify callback, though, is an opportunity to check against CRLs
without
Should we just post our suggestions to the list, or send them to some
expert (project housekeeper), or act some other way?
Please post them to the list. openssl-dev is where new features and
designs are discussed, and it is also used to submit patches.
Ulf Möller schrieb:
ulf Should we keep /usr/local/ssl as the default installation path?
ulf Or better use $prefix=/usr/local and put the certs and config
ulf into $prefix/openssl or something like that?
Hmm... I guess that's a religious question.
My vote for the default is
Holger.Reif That looks really ugly! Then I would prefer
Holger.Reif $stuff_prefix/etc/openssl with $stuff_prefix beeing
Holger.Reif empty as default.
Holger.Reif
Holger.Reif But that's religious too, isn't it? ;-)
Yup, and my religion says that $stuff_prefix should be the same as
$prefix by
Hi all,
I'm new at developing whith this library and i'm having some
problems.
The thing is that i'm trying to write a client and a server working
over ssl by using the BIO abstraction ( i wasn't able to do it with
SSL_calls only ), something as it's done in demos/bio/
Converting crypto/bio/b_sock.c and ssl/ssl-cert.c to call gethostbyname_r(),
getservbyname_r(), and readdir_r() instead of the non-reentrant functions when
threads are enabled turns out to be ugly. The reentrant function semantics
aren't standard across popular platforms that support threads
"J.Doe" == Anonymous [EMAIL PROTECTED] writes:
J.Doe Converting crypto/bio/b_sock.c and ssl/ssl-cert.c to call gethostbyname_r(),
J.Doe getservbyname_r(), and readdir_r() instead of the non-reentrant functions when
J.Doe threads are enabled turns out to be ugly. The reentrant function
Sebastian Akerman [EMAIL PROTECTED]:
crypt/evp/bio_enc.c: static int enc_read(b,out,outl)
/* Should be continue next time we are called? */
if (!BIO_should_retry(b-next_bio))
{
ctx-cont=i;
i=EVP_CipherFinal((ctx-cipher),
(unsigned char *)ctx-buf,
Niels Poppe [EMAIL PROTECTED]:
Bodo Moeller:
David Harris:
My original request was for something slightly different, I think.
[...] I want to run "make" and have
all the programs compiled _as-if_ they would be installed into the
Carson Gaspar wrote:
sigh Locking these is going to be a significant performance hit, I
suspect. Does anyone care about systems that can't handle dinky memory
allocations for a hostent structure? If so, they should have special case
code that does locking, #ifdef'd out to protect the rest of
10 matches
Mail list logo