High CPU usage on dial-up connections

2005-07-31 Thread Matyas Majzik 
Hi,

I have a problem using OpenSSL on Windows platform. Version 0.9.7g and 
0.9.8.

I created a simple file transfer application which transfers files
between  two computers using SSL connection. This is a multithreaded 
application and the file transfer separated to an other thread in this 
application. It works perfectly using broadband connection utilizing 
minimal CPU usage but when I use dial-up connections (I mean 56k modem) 
then the CPU usage on the modem side is always 100% and on the server 
side the CPU usage is sometimes 50% sometimes 100% always varying
during the file transfer.

I cannot explain why. Do you have any experience with this problem?

-- 
Matyas Majzik
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

x64 compilation

2005-05-28 Thread Matyas Majzik 
Hi!

I have successfully compiled OpenSSL 0.9.8-beta2 using the new platform
SDK which includes 64 bit compiler for AMD 64 and EM64T processors on
windows x64. After the compile the tests are successful and even my 64
bit applications worked properly and fast :))  (Of course I had to use
do_ms or do_nt instead of do_masm because the 64 bit assemler failed on
those asm routines) However during compilation I get warning about
size_t to int and long conversations:
possible loss of data. This is because size_t and even SOCKET is 64 bit
wide in this environment.
Should I care about this? Or it is enough that tests are all successful.

I had to modify nt.mak and and ntdll.mak:

I had to remove /WX and /G5 flags from the compiler directives.
I had to remove /machine:I386 flag from linker directives.
I had to add bufferoverflowU.lib to the libs to enable runtime checks.

However it is impossible to create a dynamic link library. When I want
to compile using ntdll.mak I get the following:
   link /nologo /subsystem:console /opt:ref /dll bufferoverflowU.lib
/out:o
ut32dll\libeay32.dll /def:ms/LIBEAY32.def
@C:\DOCUME~1\openssldev\LOCALS~1\Temp\nm10.tmp
ms/LIBEAY32.def(7) : warning LNK4017: DESCRIPTION statement not supported
for the target platform; ignored
  Creating library out32dll\libeay32.lib and object out32dll\libeay32.exp
bss_fd.obj : error LNK2019: unresolved external symbol OPENSSL_UplinkTable
referenced in function fd_free
bss_file.obj : error LNK2001: unresolved external symbol OPENSSL_UplinkTable
b_dump.obj : error LNK2001: unresolved external symbol OPENSSL_UplinkTable
out32dll\libeay32.dll : fatal error LNK1120: 1 unresolved externals
NMAKE : fatal error U1077: 'link' : return code '0x460'
Stop.


I also tried to compile 0.9.7g using the 64 bit compiler and it was
successful but using FILE * type routines in this compilation always
result in a crash. Even with /MD and /MT flags properly used.

But beta2 statically linked working flawlessly and absolutely perfectly
on Windows X64 edition using a 64 bit compiler. Great! Can you help
compiling to create dlls?
-- 
Matyas Majzik
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: PEM_read_bio: no start line

2005-05-20 Thread Matyas Majzik 
Hi All,
someone knows what does mean :
"PEM_read_bio: no start line"
when server  calls the function (for CA file) 
:SSL_CTX_load_verify_locations() ?
I'm using openssl-0.9.7d
I think that CA certificate file is not in PEM file format. Therefore I 
think that there is no
-BEGIN CERTIFICATE- 
line in that file.

Matyas 

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: hmac problem in fips mode

2005-05-11 Thread Matyas Majzik 
Check that you have successfully entered FIPS mode. It may be that an 
error
occurred there.
Thanks. It was my fault. However I do not understand why I should switch 
back to non fips mode if failed to switch to fips mode. I thought that if 
entering fips mode is impossible then it remains in non-fips mode. 

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

problems in nt.mak file

2005-05-11 Thread Matyas Majzik 
There is an error in ms\nt.mak file. I think.
The following line is generated improperly:
CFLAG= /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy 
/nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 
/Fdout32 -DOPENSSL_NO_KRB5 -DOPENSSL_FIPS

It should be /MT instead of /MD because it is used to be a static library 
not a dynamic. I always have to edit this makefile manually after running 
ms\do_masm.bat. I cannot use the created library if I leave it to /MD. I am 
using visual c++.

Matyas Majzik 

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

hmac problem in fips mode

2005-05-11 Thread Matyas Majzik 
Hi!
I have a problem with hmac in fips mode.
The following code always returns the same fingerprint. It doesn't depend on 
the data.

#include
#include
.
.
.
unsigned char data[16384];
unsigned char md[256];
unsigned int no;
.
.
.
HMAC_CTX ctx;
HMAC_CTX_init(&ctx);
FILE *fh=fopen("file","rb");
HMAC_Init_ex(&ctx, (unsigned char *)"etaonrishdlcupfm", 16,EVP_sha1(),NULL);
//HMAC_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
do
{
   no=fread(data,1,16384,fh);
   if( no>0 ) HMAC_Update(&ctx, data, no);
}
while(!feof(fh));
HMAC_Final(&ctx, md, &no);
HMAC_CTX_cleanup(&ctx);
So md always contains the same values in fips mode. However in non fips mode 
this code works properly and md contains the proper sha1 hmac fingerprint.

I tried openssl 0.9.7g stable and snapshot 2005.05.11. I built them on 
Windows XP. VS .NET 2003 using masm, both static and dynamic linking.

Thanks,
Matyas Majzik 

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]