Re: SSL_shutdown and SIGPIPE

Hallo Alberto, Alberto Alonso schrieb: > I personally don't know why pipes are even in use in the openssl > internals (though I bet there is a good reason for it :-) OpenSSL doesn't use pipes. You get a SIGPIPE if you write to a socket for that the other end is closed. I prefer using send() with

Re: OCSP documentation

> Is there any documentation on how I can programmatically > create OCSP > requests, ready to be sent on the wire? > > Thanks in advance! > Randy > Well, you should look at openssl.org and the openssl source code. Here I can give you a small code snippet which should give you a basic idea of wh

OCSP documentation

Is there any documentation on how I can programmatically create OCSP requests, ready to be sent on the wire? Thanks in advance! Randy __ OpenSSL Project http://www.openssl.org User Support Maili

Re: SSL_shutdown and SIGPIPE

I personally don't know why pipes are even in use in the openssl internals (though I bet there is a good reason for it :-) Ignoring SIGPIPE (or most signals for that matter) is not really that good. They get generated for good reasons. In my case, depending on what came down the wire, I have to i

RE: SSL_shutdown and SIGPIPE

Excellent, I'll give this a try. Thanks, Alberto On Mon, 2006-02-13 at 10:51 +0530, Gayathri Sundar wrote: > Probably you can call the following > > iRet = SSL_get_shutdown(pSSL); > if(iRet >= 0) SSL_shutdown(pSSL); > > This is because, SSL_shutdown writes data on the wire, > i.e the closure a

Re: SSL_shutdown and SIGPIPE

Why are you trying to avoid SIGPIPE, anyway? It's easy to ignore, and a global state would make it possible to determine what socket you were writing on (if you needed that). -Kyle H On 2/12/06, Gayathri Sundar <[EMAIL PROTECTED]> wrote: > Probably you can call the following > > iRet = SSL_get_s

RE: SSL_shutdown and SIGPIPE

Probably you can call the following iRet = SSL_get_shutdown(pSSL); if(iRet >= 0) SSL_shutdown(pSSL); This is because, SSL_shutdown writes data on the wire, i.e the closure alerts..and if a FIN was received meanwhile, you will catch a SIGPIPE..this piece of code, actually saves me from this.. Tha

RE: Certificate chain question

I think you should load myside.com as well onto the browser.. as it is needed to verify part.myside.com. Thanks --G3 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Zaid Sent: Sunday, February 12, 2006 5:33 AM To: openssl-users@openssl.org Subject: Certifica

unable to load key file solution

Dear User Support Mailing List   In order to be able to fulfill the fiscal legislation in Mexico, I am developing a system to obtain electronic invoices, but up to here I have been able to advance without being able to follow ahead. For this reason I ask for your a

Fedora CORE II SSL Installation Question

I've tried getting SSL setup but thusfar to no avail, so I'll have to humbly admit defeat and seek expert assistance. Firstly, I need only real certificates. These are some of the things I've tried: 1.) openssl genrsa -des3 -out server.key 1024 2.) openssl req -new -key server.key -out www_xy

Re: SSL_shutdown and SIGPIPE

The standard practice is that of ignoring SIGPIPE in all TCP servers. signal(SIGPIPE,SIG_IGN); OpenSSL cannot help you here because the problem occurs at a lower level(TCP). I remember seeing this line in the ssh server source code as well. regards, Girish --- Alberto Alonso <[EMAIL PROTECT

SSL_shutdown and SIGPIPE

I am getting SIGPIPE signals under Linux when calling on SSL_shutdown and the remote is gone. Basically, the remote end terminates the connection abruptly, then the server finishes doing whatever is doing and issues a SSL_shutdown on the ssl structure that used to handle the connection. This gener