> Removing all the problems you can find is simply not a reliable way to
> develop software. You have to design the software such that there aren't
> problems, then remove any that slipped through. You can't use testing as
the
> way to create the guarantee in the first place.
Heh :-)
I totally ag
> Guaranteed to work? Who's doing the indemnification?
The point of a guarantee is that it is much less likely to change on another
machine or if a library is upgraded and compatability is claimed. Of course,
things can still go wrong.
When bugs are fixed in a library or a new version claims co
>
> How are you sure of this ? Did you manually remove the object code from
> the library, or place an abort(); call at the points -DPURIFY is listed
> to you can be sure that execution never gets there.
>
Actually, I am trying to create an application that has one context per
thread,
where each
> IMO, writing security software by doing something that is specifically
not
> documented or guaranteed to work and then trying to fix every problem it
> creates (at least, that you can find) is completely insane.
Guaranteed to work? Who's doing the indemnification?
Security's all about trade-
>
> IMO, writing security software by doing something that is specifically not
> documented or guaranteed to work and then trying to fix every problem it
> creates (at least, that you can find) is completely insane.
>
Ok, I managed to "find" another problem: error setting/getting (eg.
ERR_clear_er
Paul Sheer wrote:
Well my hybrid threaded app now seems to be stable - even under extreme
loads.
2. Use my own RAND object (RAND_set_rand_method) so that
OpenSSL does
not try lock static globals.
How are you sure of this ? Did you manually remove the object code
> Am I doing anything completely insane here?
IMO, writing security software by doing something that is specifically not
documented or guaranteed to work and then trying to fix every problem it
creates (at least, that you can find) is completely insane.
DS
Paul Sheer wrote:
I valgrind'ed OpenSSL as follows:
I compiled OpenSSL (0.9.8g) with my own random number engine - in
order to generate
pseudo random numbers that are not based on unitialized values (if you
run openssl
without doing this you get infinite warnings - of course).
The results a
Well my hybrid threaded app now seems to be stable - even under extreme
loads.
Here is what I did for others to refer:
Comments *most* welcome.
These steps allow me to link both builds of my program with the same
non-threaded
OpenSSL build. I.e. both the fork() and pthread_create() builds of my
Hi,
We have installed 64 bit SSL-enabled Apache 2.2.6 on solaris 10(64 bit).
Used CFLAGS="-O3 -m64"
LDFLAGS="-m64"
When tried to create server request as:-
At /openssl/openssl$openssl req -new -key server.key -out
server.csr
gives an error
openssl req -new -key server.key -out server.csr
Unable
10 matches
Mail list logo