ENOBUFS errors on MACOS 10.7
We have been seeing occasional ENOBUFS errors in our application sending data from MAC-OS since the introduction of OS/X 10.7 on both SSL and non-SSL connections. ENOBUFS appears to be a transient error for sends that is now being exhibited on the MAC platform. However, it is not handled as such by the BIO_sock_non_fatal_error routine in OpenSSL. We changed our non-SSL code to treat this as a transient error on sends and that cleared up the issue there. OpenSSL has only a single routine to determine non fatal errors for both send and recv operations, however, and it's not at all clear to me that such an error is non-fatal for recv. I would appreciate any insight others might have on this issue. Thanks Ken
New features in openssl-1.0.1c
Hello everyone. I'd like to use new openssl features (GCM, CMAC, etc), but have troubles: with standard flags (-lssl -lcrypto) compilation failed: test.c:(.text+0x7f): undefined reference to `CRYPTO_gcm128_new' test.c:(.text+0x9e): undefined reference to `CRYPTO_gcm128_setiv' test.c:(.text+0xbd): undefined reference to `CRYPTO_gcm128_encrypt' test.c:(.text+0xd8): undefined reference to `CRYPTO_gcm128_tag' test.c:(.text+0xe4): undefined reference to `CRYPTO_gcm128_release' Any ideas how to link it properly? Thanks in advance, Edward. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Is PKCS5_PBKDF2_HMAC() thread safe?
Hello: Is PKCS5_PBKDF2_HMAC() thread safe? Thanks, Bill __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Undefined reference to 'FIPS_text_start()'
Thanks Dr. Stephen and Andy for helping me resolve this issue. I modified
fipsld script to use gcc for compiling fips_premain.c and it worked.
On 11/25/12 1:42 PM, Andy Polyakov ap...@openssl.org wrote:
Santhosh Kokala wrote:
I would really appreciate, if someone helps me with this issue.
Why not just think for a second?
export FIPSLD_CC=g++
export CC=gcc
means that it's using g++ to compile fips_premain.c. FIPSLD_CC takes
precedence over CC in fipsld: CC=${FIPSLD_CC:-${CC}}
export CXX=/usr/local/ssl/fips-2.0/bin/fipsld
Build Errors:
/tmp/cczHeW7i.o: In function `FINGERPRINT_premain()':
/usr/local/ssl/fips-2.0/bin/../lib/fips_premain.c:103: undefined
reference
to `FIPS_text_start()'
/usr/local/ssl/fips-2.0/bin/../lib/fips_premain.c:116: undefined
reference
to `FIPS_incore_fingerprint(unsigned char*, unsigned int)'
So try to compile fips_premain.c manually with g++ and run 'nm
fips_premain.o'. Note undefined symbols and try to find them in
fipscanister.o. This answers question what's going on. With this answer
you can also determine what to do. Setting FIPSLD_CC to gcc shall
compile fips_premain.c correctly, but it might fail to link with rest of
your code, because g++ driver adds language-specific libraries [and
linker options]. Therefore there are two options. a) Set FIPSLD_CC to
gcc, figure out language-specific libraries [and linker options] and
explicitly add them to fipsld command line. b) Make g++ treat
fips_premain.c as C and not C++, e.g. by setting FIPSLD_CC to g++ -x c.
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-...@openssl.org
Automated List Manager majord...@openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: Undefined reference to 'FIPS_text_start()'
I have seen Dr. Stephen's reply in this thread
http://www.mail-archive.com/openssl-users@openssl.org/msg63620.html, that
fipsld can be modified as long as it follows rules in the security policy.
On 11/26/12 4:30 PM, Santhosh Kokala santhosh.kok...@riverbed.com
wrote:
Thanks Dr. Stephen and Andy for helping me resolve this issue. I modified
fipsld script to use gcc for compiling fips_premain.c and it worked.
On 11/25/12 1:42 PM, Andy Polyakov ap...@openssl.org wrote:
Santhosh Kokala wrote:
I would really appreciate, if someone helps me with this issue.
Why not just think for a second?
export FIPSLD_CC=g++
export CC=gcc
means that it's using g++ to compile fips_premain.c. FIPSLD_CC takes
precedence over CC in fipsld: CC=${FIPSLD_CC:-${CC}}
export CXX=/usr/local/ssl/fips-2.0/bin/fipsld
Build Errors:
/tmp/cczHeW7i.o: In function `FINGERPRINT_premain()':
/usr/local/ssl/fips-2.0/bin/../lib/fips_premain.c:103: undefined
reference
to `FIPS_text_start()'
/usr/local/ssl/fips-2.0/bin/../lib/fips_premain.c:116: undefined
reference
to `FIPS_incore_fingerprint(unsigned char*, unsigned int)'
So try to compile fips_premain.c manually with g++ and run 'nm
fips_premain.o'. Note undefined symbols and try to find them in
fipscanister.o. This answers question what's going on. With this answer
you can also determine what to do. Setting FIPSLD_CC to gcc shall
compile fips_premain.c correctly, but it might fail to link with rest of
your code, because g++ driver adds language-specific libraries [and
linker options]. Therefore there are two options. a) Set FIPSLD_CC to
gcc, figure out language-specific libraries [and linker options] and
explicitly add them to fipsld command line. b) Make g++ treat
fips_premain.c as C and not C++, e.g. by setting FIPSLD_CC to g++ -x c.
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-...@openssl.org
Automated List Manager majord...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-...@openssl.org
Automated List Manager majord...@openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
