[PATCH] ecrypto/ecdsa: fix a zero change in the test suite

At the end of the testsuite in test_builtin() happens the following: - a previously created signature gets modified at a random spot - this signature is compared against the data which was used to create the signature. Now, in theory the last step should always fail in reality is passed

Non empty error stack failing non-blocking SSL IO

I'm using OpenSSL 0.9.8i, and have noticed the following scenario: - Some OpenSSL crypto function returns with an error, leaving a description of the error on the error queue - The application neglects to call ERR_clear_error() - SSL_read() is then called on a

What is the REALLY proper way to use an ENGINE?

If we take a look at any ENGINE_load_XXX function, we find that they all has similar structure: ENGINE *toadd = engine_XXX(); if(!toadd) return; ENGINE_add(toadd); ENGINE_free(toadd); ERR_clear_error(); My question is: why we need call ENGINE_free(toadd) ?? Somewhere inside

Re: What is the REALLY proper way to use an ENGINE?

Update: adding ENGINE_init(e) after e = ENGINE_by_id(XXX); doesn't make any difference, as in my case functional reference count is 8(???) at the moment of ENGINE_init(e) call, so engine is not re-initialised. :( On 4 January 2011 04:12, Andrey Kulikov amde...@gmail.com wrote: If we take a

Re: What is the REALLY proper way to use an ENGINE?

On Tue, Jan 04, 2011, Andrey Kulikov wrote: If we take a look at any ENGINE_load_XXX function, we find that they all has similar structure: ENGINE *toadd = engine_XXX(); if(!toadd) return; ENGINE_add(toadd); ENGINE_free(toadd); ERR_clear_error(); My question is:

Re: Non empty error stack failing non-blocking SSL IO

If your program ignores the error queue, your program is doing the equivalent of not checking errno after every system call. The program is required to deal with the error queue, because it is OpenSSL's only mechanism for informing the application code of the wide variety of potential

RE: Non empty error stack failing non-blocking SSL IO

I realize that I must be doing all that. The difference I see from errno (and the reason I wrote this) is that if you fail to read errno, it does not affect the outcome of the NEXT system call (save for few documented cases which specifically instruct you to clear errno before calling the

Re: What is the REALLY proper way to use an ENGINE?

Thanks for a explanations. Let's consider following main, using ccgost engine: main(){ OPENSSL_config(NULL); ENGINE *e = ENGINE_by_id(gost); ENGINE_init(e); ENGINE_free(e); ENGINE_set_default(e, ENGINE_METHOD_ALL); OpenSSL_add_all_algorithms(); // emulating

Re: [CVS] OpenSSL: OpenSSL_1_0_1-stable: openssl/crypto/x509v3/ v3_asid.c

On Mon, Jan 03, 2011 at 01:52:11PM +0100, Dr. Stephen Henson wrote: OpenSSL CVS Repository http://cvs.openssl.org/ Server: cvs.openssl.org Name: Dr. Stephen Henson Root: