ENOBUFS errors on MACOS 10.7
We have been seeing occasional ENOBUFS errors in our application sending data from MAC-OS since the introduction of OS/X 10.7 on both SSL and non-SSL connections. ENOBUFS appears to be a transient error for sends that is now being exhibited on the MAC platform. However, it is not handled as such by the BIO_sock_non_fatal_error routine in OpenSSL. We changed our non-SSL code to treat this as a transient error on sends and that cleared up the issue there. OpenSSL has only a single routine to determine non fatal errors for both send and recv operations, however, and it's not at all clear to me that such an error is non-fatal for recv. I would appreciate any insight others might have on this issue. Thanks Ken
New features in openssl-1.0.1c
Hello everyone. I'd like to use new openssl features (GCM, CMAC, etc), but have troubles: with standard flags (-lssl -lcrypto) compilation failed: test.c:(.text+0x7f): undefined reference to `CRYPTO_gcm128_new' test.c:(.text+0x9e): undefined reference to `CRYPTO_gcm128_setiv' test.c:(.text+0xbd): undefined reference to `CRYPTO_gcm128_encrypt' test.c:(.text+0xd8): undefined reference to `CRYPTO_gcm128_tag' test.c:(.text+0xe4): undefined reference to `CRYPTO_gcm128_release' Any ideas how to link it properly? Thanks in advance, Edward. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Is PKCS5_PBKDF2_HMAC() thread safe?
Hello: Is PKCS5_PBKDF2_HMAC() thread safe? Thanks, Bill __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Undefined reference to 'FIPS_text_start()'
Thanks Dr. Stephen and Andy for helping me resolve this issue. I modified fipsld script to use gcc for compiling fips_premain.c and it worked. On 11/25/12 1:42 PM, Andy Polyakov ap...@openssl.org wrote: Santhosh Kokala wrote: I would really appreciate, if someone helps me with this issue. Why not just think for a second? export FIPSLD_CC=g++ export CC=gcc means that it's using g++ to compile fips_premain.c. FIPSLD_CC takes precedence over CC in fipsld: CC=${FIPSLD_CC:-${CC}} export CXX=/usr/local/ssl/fips-2.0/bin/fipsld Build Errors: /tmp/cczHeW7i.o: In function `FINGERPRINT_premain()': /usr/local/ssl/fips-2.0/bin/../lib/fips_premain.c:103: undefined reference to `FIPS_text_start()' /usr/local/ssl/fips-2.0/bin/../lib/fips_premain.c:116: undefined reference to `FIPS_incore_fingerprint(unsigned char*, unsigned int)' So try to compile fips_premain.c manually with g++ and run 'nm fips_premain.o'. Note undefined symbols and try to find them in fipscanister.o. This answers question what's going on. With this answer you can also determine what to do. Setting FIPSLD_CC to gcc shall compile fips_premain.c correctly, but it might fail to link with rest of your code, because g++ driver adds language-specific libraries [and linker options]. Therefore there are two options. a) Set FIPSLD_CC to gcc, figure out language-specific libraries [and linker options] and explicitly add them to fipsld command line. b) Make g++ treat fips_premain.c as C and not C++, e.g. by setting FIPSLD_CC to g++ -x c. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-...@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Undefined reference to 'FIPS_text_start()'
I have seen Dr. Stephen's reply in this thread http://www.mail-archive.com/openssl-users@openssl.org/msg63620.html, that fipsld can be modified as long as it follows rules in the security policy. On 11/26/12 4:30 PM, Santhosh Kokala santhosh.kok...@riverbed.com wrote: Thanks Dr. Stephen and Andy for helping me resolve this issue. I modified fipsld script to use gcc for compiling fips_premain.c and it worked. On 11/25/12 1:42 PM, Andy Polyakov ap...@openssl.org wrote: Santhosh Kokala wrote: I would really appreciate, if someone helps me with this issue. Why not just think for a second? export FIPSLD_CC=g++ export CC=gcc means that it's using g++ to compile fips_premain.c. FIPSLD_CC takes precedence over CC in fipsld: CC=${FIPSLD_CC:-${CC}} export CXX=/usr/local/ssl/fips-2.0/bin/fipsld Build Errors: /tmp/cczHeW7i.o: In function `FINGERPRINT_premain()': /usr/local/ssl/fips-2.0/bin/../lib/fips_premain.c:103: undefined reference to `FIPS_text_start()' /usr/local/ssl/fips-2.0/bin/../lib/fips_premain.c:116: undefined reference to `FIPS_incore_fingerprint(unsigned char*, unsigned int)' So try to compile fips_premain.c manually with g++ and run 'nm fips_premain.o'. Note undefined symbols and try to find them in fipscanister.o. This answers question what's going on. With this answer you can also determine what to do. Setting FIPSLD_CC to gcc shall compile fips_premain.c correctly, but it might fail to link with rest of your code, because g++ driver adds language-specific libraries [and linker options]. Therefore there are two options. a) Set FIPSLD_CC to gcc, figure out language-specific libraries [and linker options] and explicitly add them to fipsld command line. b) Make g++ treat fips_premain.c as C and not C++, e.g. by setting FIPSLD_CC to g++ -x c. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-...@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-...@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org