Christophe Devine wrote:
Christian Marg [EMAIL PROTECTED] wrote:
See the log on http://pastebin.com/892617 (or if that takes to long to
load: http://pastebin.ca/379610 ) - didn't want to post 30K mail ;)
Looking at the logs, it appears the server drops the connection after
the client has
Ben Laurie schrieb:
Lutz Jaenicke wrote:
Lutz Jaenicke wrote:
Peter Waltenberg wrote:
Yes, it's desirable that that data is unknown however there is a
compromise possible:
Complement the area. It'll mean valgrind will only complain at the correct
place, or possibly not
Hi.
I'm developing an TLS implementation for Common Lisp.
I'm using openssl s_server and s_client for tests propose.
Why initial Handshake messages are sent only in TLSPlaintext and not
TLSCompressed and TLSCiphertext?
Where is written on protocol RFC that the initial handshake messages are
Hi.
I'm developing an TLS implementation for Common Lisp.
I'm using openssl s_server and s_client for tests propose.
Why initial Handshake messages are sent only in TLSPlaintext and not
TLSCompressed and TLSCiphertext?
Because all security parameters are negotiated during this phase. So
Oi. Don't do that.
Why not?
Because it's a pure pessimization whose sole purpose is to suppress a
bogus
warnings that very, very few people even see, when there's already a way to
suppress those warnings that doesn't impose costs on people who don't care
about them because they'll
Yes but:
If you use Purify you have to recompile anyway to instrument the code.
Valgrind runs on unmodified binaries - and it's not always possible to get
someone else to recompile their code so that you can find problems.
OpenSSL is used in commercial products where source isn't always
Valgrind runs on unmodified binaries - and it's not always
possible to get someone else to recompile their code so that
you can find problems. OpenSSL is used in commercial products
where source isn't always available.
Valgrind *can* run on unmodified binaries, but when you do that, you get
Peter Waltenberg wrote:
Valgrind runs on unmodified binaries - and it's not always possible to
get someone else to recompile their code so that you can find problems.
OpenSSL is used in commercial products where source isn't always
available.
This does not mean the valgrind ready version
If you want to debug with OpenSSL you must compile a debugging version,
if you want to profile with OpenSSL you must compile a profiling
version, if you want to use valgrind with OpenSSL you must compile a
valgrind version, yadda, yadda.
Which is fine - IF you have access to the sources of