Leon wrote:
$ grep __FD_SETSIZE /usr/include/bits/*.h
/usr/include/bits/typesizes.h:#define __FD_SETSIZE 1024
This is the maximum number of fd's the "fd_set" type holds by default.
Maybe it would be possible to stop the crashes and override this with
some ugly stack paddings:
If I follow the OpenSSL code (using source navigator), the FD_SET and
others are defined in openssl/apps/s_apps.h and the code restricts the
set to be a maximum of 32 bits (sizeof int). 32 entries is enough since
the random devices are only accessed one by one at that point.
So please educate me: How does the system define __FD_SETSIZE influence
the OpenSSL defined FD_SET. [ Or am I just totally missing the point
now? ]
I am making the presumption that it was application code using the
FD_SET macros and allocating the fd_set storage.
You quote the file openssl/apps/s_apps.h but isn't this file for the
distributed applications openssl comes with, like /usr/local/bin/openssl
? How does that header file affect *users* of OpenSSL. The header
files you should be looking at are in openssl/include/openssl/*.h ?
But I can see your point now, if it is an OpenSSL problem you are pretty
much stuck. For example if OpenSSL uses select() to sleep for
/dev/random but your application is already into the 1500th active file
descritor. Then OpenSSL is pretty much hosed for using select() inside
itself, infact it should do a sanity check internally otherwise random
corruption/crashes will occur because FD_SET() may scribble on memory.
Unless you start to compile a custom version of OpenSSL library and make
sure you link your application with that specific version (like
-static). But you said you didn't want to do this.
So maybe you are asking too much, something has to give.
You can't increase the default fd_set without recompiling whatever is
using it and raising the limit. Alternatively as Marek suggested look
at /usr/include/sys/select.h and make your own my_fd_set. The Linux
glibc macros look like they will still work on large sizes.
Darryl
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]