On 01/08/2013 04:34 PM, Serhiy Ivanov wrote:
Is there way to get some 3rd party documentation about advanced
configuration of ssl.
I need to
1) Get rid from linkage
b75d6000-b75e6000 r-xp 00000000 08:03 54611
/lib/i386-linux-gnu/i686/cmov/libresolv-2.13.so
b75e6000-b75e7000 r--p 00010000 08:03 54611
/lib/i386-linux-gnu/i686/cmov/libresolv-2.13.so
b75e7000-b75e8000 rw-p 00011000 08:03 54611
/lib/i386-linux-gnu/i686/cmov/libresolv-2.13.so
b7789000-b778d000 r-xp 00000000 08:03 72640
/lib/i386-linux-gnu/i686/cmov/libnss_dns-2.13.so
b778d000-b778e000 r--p 00004000 08:03 72640
/lib/i386-linux-gnu/i686/cmov/libnss_dns-2.13.so
b778e000-b778f000 rw-p 00005000 08:03 72640
/lib/i386-linux-gnu/i686/cmov/libnss_dns-2.13.so
b778f000-b7791000 r-xp 00000000 08:03 126382 /lib/libnss_mdns4_minimal.so.2
b7791000-b7792000 rw-p 00001000 08:03 126382 /lib/libnss_mdns4_minimal.so.2
b7792000-b779c000 r-xp 00000000 08:03 65529
/lib/i386-linux-gnu/i686/cmov/libnss_files-2.13.so
b779c000-b779d000 r--p 00009000 08:03 65529
/lib/i386-linux-gnu/i686/cmov/libnss_files-2.13.so
b779d000-b779e000 rw-p 0000a000 08:03 65529
/lib/i386-linux-gnu/i686/cmov/libnss_files-2.13.so
I don't understand why openssl tries to work with means of nss,
althought they are two different implementations of same
"NSS" means "Name Service Switch" and is required (at least on Linux and
Solaris) for DNS lookups using the system libraries (getaddrinfo etc.).
Fully static linking generally breaks DNS lookups on Linux.
2) Reconfigure openssl to get work with rather BSD Sockets directly
It already does that internally. You can create a streaming socket in
some way and pass it to BIO_new_fp.
--
Florian Weimer / Red Hat Product Security Team
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
