is sigaction, which works perfect.
I hope this helps anybody else reading this list.
Alberto
On Sun, 2006-02-19 at 01:16 -0600, Alberto Alonso wrote:
I am getting an unexpected behavior where SSL_accept doesn't
return after a SIGALRM
The thread's SIGALRM handler is called and a message is printed
SSL_MODE_AUTO_RETRY enabled on my end?
Thanks,
Alberto
--
Alberto AlonsoGlobal Gate Systems LLC.
(512) 351-7233http://www.ggsys.net
Hardware, consulting, sysadmin, monitoring and remote backups
, Alberto Alonso [EMAIL PROTECTED] wrote:
I personally don't know why pipes are even in use in the openssl
internals (though I bet there is a good reason for it :-)
It's there because the underlying operating system forces them to be
there. It's certainly not at the behest of the OpenSSL
. This generates a SIGPIPE on the server.
Is there anything I should be checking for before calling
SSL_shutdown to make sure the connection is still OK?
Thanks,
Alberto
--
Alberto AlonsoGlobal Gate Systems LLC.
(512) 351-7233http://www.ggsys.net
Hardware
..and if a FIN was received meanwhile,
you will catch a SIGPIPE..this piece of code, actually
saves me from this..
Thanks
--G3
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Alberto Alonso
Sent: Sunday, February 12, 2006 2:08 PM
To: openssl-users
writes data on the wire,
i.e the closure alerts..and if a FIN was received meanwhile,
you will catch a SIGPIPE..this piece of code, actually
saves me from this..
Thanks
--G3
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Alberto Alonso
What would be the equivalent to do the root certificate to
be used during validation?
Basically the next step for me is not having to have the
SSL_CTX_load_verify_locations call.
The SSL_CTX_set_cert_store seems to be what I want, but I don't
find documentation on how to create the store in the
Thanks, this is exactly what I was looking for.
And thanks also to Peter for pointing out the already
built options openssl x509 -C
which produce the perfect C stub code.
Alberto
On Mon, 2006-02-06 at 10:04 +, Katie Lucas wrote:
On Fri, Feb 03, 2006 at 02:54:38PM -0600, Alberto Alonso
would also like to have already in memory the cert chain
for the root cert.
The goal is to distribute a single binary that doesn't depend
on any external files that can verify that it is connecting
to the right server.
Thanks,
Alberto
--
Alberto AlonsoGlobal Gate
ideas on what I need to be looking at?
Thanks,
Alberto
--
Alberto AlonsoGlobal Gate Systems LLC.
(512) 351-7233http://www.ggsys.net
Hardware, consulting, collocation, monitoring and remote backups
:140AC00D:SSL routines:SSL_CTX_use_certificate_ASN1:ASN1
lib:ssl_rsa.c:556:
Any ideas as to how I can get the ASN1 data so that I can
put it on a char buffer?
Thanks,
Alberto
--
Alberto AlonsoGlobal Gate Systems LLC.
(512) 260-2523http://www.ggsys.net
--
Alberto AlonsoGlobal Gate Systems LLC.
(512) 260-2523http://www.ggsys.net
Hardware, consulting, collocation, monitoring and remote backups
__
OpenSSL Project
.
Any ideas as to where I need to be looking to figure this out?
Thanks,
Alberto
--
Alberto AlonsoGlobal Gate Systems LLC.
(512) 260-2523http://www.ggsys.net
Hardware, consulting, collocation, monitoring and remote backups
because
state information is stored in there.
I'm confused, what is the EVP_CIPHER_CTX?
I do calls to OpenSSL_add_all_algorithms,SSL_load_error_strings,
TLSv1_client_method
And then share the return of the SSL_CTX_new call.
Is that SSL_CTX or EVP_CIPHER_CTX?
Thanks,
Alberto
--
Alberto Alonso
in libcrypto, see CRYPTO_set_locking_callback for
this.
The second option is to have one SSL_CTX per thread, as mentionned by
Stephen.
Regards,
--
Alberto AlonsoGlobal Gate Systems LLC.
(512) 260-2523http://www.ggsys.net
Hardware, consulting
work fine, as long as the mutexes
are initialized the proper way.
Did you try to use one SSL_CTX per thread to see if it worked ? If you
have a problem with this setup then it must be coming from your code,
and you might want to post your initialization code in the NG.
Regards,
--
Alberto
16 matches
Mail list logo