double free or corruption (!prev) in CRYPTO_free()?

Hi, I have a SSL enabled client application. The client connects to the server with which it shares no common ciphers. When 200 or more simultaneous connections are made the application crashes. The backtrace indicates double free or corruption (!prev) in CRYPTO_free(). However when there is a co

SSL verify options

Hey, I am using SSL_get_verify_result() to check the verification result. In addition to the normal checks, I want to do the followings: 1) I want to accept certificates even if it's expired. However, I can't simply ignore the errors X509_V_ERR_CERT_NOT_YET_VALID and X509_V_ERR_CE

Config option for -keyform?

Hi, I'm looking for a config file option that will force openssl to use an engine's load key functions when accessing key files, like the "-keyform engine" option offered by the openssl command. Does such an option exist? Thanks, Kent -- Kent Yoder IBM LTC Security Dev. __

Re: Is securing a communication channel so simple?

It's hard to state that a communications channel is "secure" without defining what it means to be "secure". TLS takes a three-pronged approach. (For a more in-depth discussion on what the cryptographic community has determined as being "secure" as applied to a communications channel, Schn