High CPU usage on dial-up connections
Hi, I have a problem using OpenSSL on Windows platform. Version 0.9.7g and 0.9.8. I created a simple file transfer application which transfers files between two computers using SSL connection. This is a multithreaded application and the file transfer separated to an other thread in this application. It works perfectly using broadband connection utilizing minimal CPU usage but when I use dial-up connections (I mean 56k modem) then the CPU usage on the modem side is always 100% and on the server side the CPU usage is sometimes 50% sometimes 100% always varying during the file transfer. I cannot explain why. Do you have any experience with this problem? -- Matyas Majzik __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
x64 compilation
Hi! I have successfully compiled OpenSSL 0.9.8-beta2 using the new platform SDK which includes 64 bit compiler for AMD 64 and EM64T processors on windows x64. After the compile the tests are successful and even my 64 bit applications worked properly and fast :)) (Of course I had to use do_ms or do_nt instead of do_masm because the 64 bit assemler failed on those asm routines) However during compilation I get warning about size_t to int and long conversations: possible loss of data. This is because size_t and even SOCKET is 64 bit wide in this environment. Should I care about this? Or it is enough that tests are all successful. I had to modify nt.mak and and ntdll.mak: I had to remove /WX and /G5 flags from the compiler directives. I had to remove /machine:I386 flag from linker directives. I had to add bufferoverflowU.lib to the libs to enable runtime checks. However it is impossible to create a dynamic link library. When I want to compile using ntdll.mak I get the following: link /nologo /subsystem:console /opt:ref /dll bufferoverflowU.lib /out:o ut32dll\libeay32.dll /def:ms/LIBEAY32.def @C:\DOCUME~1\openssldev\LOCALS~1\Temp\nm10.tmp ms/LIBEAY32.def(7) : warning LNK4017: DESCRIPTION statement not supported for the target platform; ignored Creating library out32dll\libeay32.lib and object out32dll\libeay32.exp bss_fd.obj : error LNK2019: unresolved external symbol OPENSSL_UplinkTable referenced in function fd_free bss_file.obj : error LNK2001: unresolved external symbol OPENSSL_UplinkTable b_dump.obj : error LNK2001: unresolved external symbol OPENSSL_UplinkTable out32dll\libeay32.dll : fatal error LNK1120: 1 unresolved externals NMAKE : fatal error U1077: 'link' : return code '0x460' Stop. I also tried to compile 0.9.7g using the 64 bit compiler and it was successful but using FILE * type routines in this compilation always result in a crash. Even with /MD and /MT flags properly used. But beta2 statically linked working flawlessly and absolutely perfectly on Windows X64 edition using a 64 bit compiler. Great! Can you help compiling to create dlls? -- Matyas Majzik __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: PEM_read_bio: no start line
Hi All, someone knows what does mean : "PEM_read_bio: no start line" when server calls the function (for CA file) :SSL_CTX_load_verify_locations() ? I'm using openssl-0.9.7d I think that CA certificate file is not in PEM file format. Therefore I think that there is no -BEGIN CERTIFICATE- line in that file. Matyas __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: hmac problem in fips mode
Check that you have successfully entered FIPS mode. It may be that an error occurred there. Thanks. It was my fault. However I do not understand why I should switch back to non fips mode if failed to switch to fips mode. I thought that if entering fips mode is impossible then it remains in non-fips mode. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
problems in nt.mak file
There is an error in ms\nt.mak file. I think. The following line is generated improperly: CFLAG= /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 /Fdout32 -DOPENSSL_NO_KRB5 -DOPENSSL_FIPS It should be /MT instead of /MD because it is used to be a static library not a dynamic. I always have to edit this makefile manually after running ms\do_masm.bat. I cannot use the created library if I leave it to /MD. I am using visual c++. Matyas Majzik __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
hmac problem in fips mode
Hi! I have a problem with hmac in fips mode. The following code always returns the same fingerprint. It doesn't depend on the data. #include #include . . . unsigned char data[16384]; unsigned char md[256]; unsigned int no; . . . HMAC_CTX ctx; HMAC_CTX_init(&ctx); FILE *fh=fopen("file","rb"); HMAC_Init_ex(&ctx, (unsigned char *)"etaonrishdlcupfm", 16,EVP_sha1(),NULL); //HMAC_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); do { no=fread(data,1,16384,fh); if( no>0 ) HMAC_Update(&ctx, data, no); } while(!feof(fh)); HMAC_Final(&ctx, md, &no); HMAC_CTX_cleanup(&ctx); So md always contains the same values in fips mode. However in non fips mode this code works properly and md contains the proper sha1 hmac fingerprint. I tried openssl 0.9.7g stable and snapshot 2005.05.11. I built them on Windows XP. VS .NET 2003 using masm, both static and dynamic linking. Thanks, Matyas Majzik __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]