On Mon, Jan 03, 2011 at 01:52:11PM +0100, Dr. Stephen Henson wrote:
> OpenSSL CVS Repository
> http://cvs.openssl.org/
>
>
> Server: cvs.openssl.org Name: Dr. Stephen Henson
> Root: /v/opens
Thanks for a explanations.
Let's consider following main, using ccgost engine:
main(){
OPENSSL_config(NULL);
ENGINE *e = ENGINE_by_id("gost");
ENGINE_init(e);
ENGINE_free(e);
ENGINE_set_default(e, ENGINE_METHOD_ALL);
OpenSSL_add_all_algorithms();
// emulating ENGINE_
I realize that I must be doing all that. The difference I see from errno (and
the reason I wrote this) is that if you fail to read errno, it does not affect
the outcome of the NEXT system call (save for few documented cases which
specifically instruct you to clear errno before calling the functi
If your program ignores the error queue, your program is doing the equivalent
of not checking errno after every system call. The program is required to deal
with the error queue, because it is OpenSSL's only mechanism for informing the
application code of the wide variety of potential protocol
On Tue, Jan 04, 2011, Andrey Kulikov wrote:
> If we take a look at any ENGINE_load_XXX function, we find that they all has
> similar structure:
>
> ENGINE *toadd = engine_XXX();
> if(!toadd) return;
> ENGINE_add(toadd);
> ENGINE_free(toadd);
> ERR_clear_error();
>
> My questi
Update: adding
ENGINE_init(e)
after
e = ENGINE_by_id("XXX");
doesn't make any difference, as in my case functional reference count is
8(???) at the moment of ENGINE_init(e) call, so engine is not
re-initialised. :(
On 4 January 2011 04:12, Andrey Kulikov wrote:
> If we take a look at any ENGIN
If we take a look at any ENGINE_load_XXX function, we find that they all has
similar structure:
ENGINE *toadd = engine_XXX();
if(!toadd) return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
My question is: why we need call ENGINE_free(toadd) ??
Somewhere inside it
I'm using OpenSSL 0.9.8i, and have noticed the following scenario:
- Some OpenSSL crypto function returns with an error, leaving a
description of the error on the error queue
- The application neglects to call ERR_clear_error()
- SSL_read() is then called on a non-blo
At the end of the testsuite in test_builtin() happens the following:
- a previously created signature gets modified at a random spot
- this signature is compared against the data which was used to create the
signature.
Now, in theory the last step should always fail in reality is passed
sometime