]' failed
Please advise.
Thanks and Regards,
Prabhu. S
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Ma
Hi David,
Thanks. By providing the "OPENSSL_THREADS" option in the Makefile and
compiling as solved the problem.
Regards,
Prabhu. S
On 5/5/07, David Schwartz <[EMAIL PROTECTED]> wrote:
> Hi ,
>
> In my SSL enabled client application , about 100 threads are spawne
frame (corrupt stack?)
Any idea why while the function SSL_CTX_use_certificate_chain_file () is
being called there is a crash. All threads would be calling the function.
The crash is intermittent. Most of the times there are no issues.
Thanks and Regards,
Prabhu. S
Hi Vishal,
If the error is in SSL_connect(), try analysing the return value of the
method by using the SSL_get_error(). It provides insight to the failures in
handshake.
Regards,
Prabhu. S
On 6/15/07, Vishal V <[EMAIL PROTECTED]> wrote:
Dear Zack,
Thanks for your inputs but I thi
Vishal,
The client needs to have the appropriate CA certificate to verify the server
certificate.
Load the CA cert to the context object using
SSL_CTX_load_verify_locations() .
Regards,
Prabhu. S
On 6/15/07, Lutz Jaenicke <[EMAIL PROTECTED]> wrote:
Vishal V wrote:
>
> Dear Lu
immediately crashes with failed handshakes.
The way the client handles cleanup is same for both the cases.
Simultaneous connections are achieved by creating threads , one thread for
every connections.
But the CTX and SSL objects are all different for each threads.
Regards,
Prabhu. S
:169
#9 0x403b06ac in SSL_connect (s=0x63e384c8) at ssl_lib.c:850
Does it indicate a OpenSSL problem?..I have dug the application code and so
far appears it appears to be clean.
Thanks,
Prabhu. S
On 7/25/07, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote:
On Wed, Jul 25, 2007, Prabhu S
(str=0x9dc98360) at mem.c:378
#7 0x405e84f5 in ERR_clear_error () at err.c:722
#8 0x403999ad in ssl3_connect (s=0xa0d6aa58) at s3_clnt.c:169
#9 0x403b06ac in SSL_connect (s=0xa0d6aa58) at ssl_lib.c:850
About 600 threads keep connecting to server in a cyclic manner.
Thanks,
Prabhu. S
On 7/27/07
have leak. Its a thin client without
much heap allocation. Should BIO_free needs to be called after every
connection? I suppose SSL_free() takes care, isn't?
Thanks,
Prabhu. S
problem
in stress test.
Any suggestions?
Regards,
Prabhu. S
n was reused?
Thanks&Regards,
Prabhu. S
On 8/16/07, Prabhu S <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I obtain the following error leak summary with Valgrind for a single SSL
> connect with the server
>
> ==20626== 3,689 (200 direct, 3,489 indirect) bytes in 1 blocks
Got it;
int SSL_session_reused(SSL *ssl); helps in finding if the session was
being reused.
Thanks,
Prabhu. S
On 8/19/07, Prabhu S <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I tried with minimal client code to check if there is a similar leak.
> There wasn't.
> In my a
SSL_CTX* object. All object will be using the same set of
certificates from one common location. However I see that almost every time
some threads report SSL_CTX_use_certificate_chain_file() returning zero.
Have anyone come across such behaviour.
Any suggestions?
Thanks,
Prabhu. S
cout << "Coudn't load Client PEM Certificate file:"
< error::lib(0):func(0):reason(0)
Thanks,
Prabhu. S
On 8/30/07, Marek Marcola <[EMAIL PROTECTED]> wrote:
>
> Hello,
> > I am trying to use SSL_CTX_use_certificate_chain_file to load a
> >
same case can be found at
http://www.mail-archive.com/[EMAIL PROTECTED]/msg21031.html.
I use the linux kernel 2.6
Is using pthread_self() OK. Or is there any better way which would yeild
correct thread IDs in
CRYPTO_thread_id()?
Regards,
Prabhu. S
On 8/1/07, Prabhu S <[EMAIL PROTECTED]>
the issue?..The segmentation fault occurs
for greater no of clients only >900.
Please suggest.
Thanks,
Prabhu . S
issue.
How do we use CRYPTO_set_idptr_callback()? OpenSSL document reads - " There
is still the issue of platforms where pthread_self() returns something other
than an integer. It is for cases like this that
CRYPTO_set_idptr_callback() comes
in handy"
Regards,
Prabhu. S
Hi Gayathri,
I couldn't entirely grasp what you had mentioned. l didn't find sha1 in
lsmod command output.
If you could describe briefly the issue you had experienced that would be
very much helpful.
Thanks & Regards,
Prabhu. S
On 10/15/07, Gayathri S <[EMAIL PROTECTED]>
capability.
One thread for each client made sense in that case.
And the stack size is set to 1 MB.
pthread_attr_setstacksize(&attr, 1024*1000)
I should check if setting this less would have any other impact.
Thanks & Regards,
Prabhu. S
On 10/15/07, David Schwartz <[EMAIL PROTEC
gards,
Prabhu. S
On 10/17/07, David Schwartz <[EMAIL PROTECTED]> wrote:
>
>
> > > This is really one of those "don't do that then" things.
> > > Thread-per-connection is well-known to break down at about 750
> > > connections.
>
> > Just
ion immediately dumped.
Regards,
Prabhu. S
On 10/18/07, Gayathri S <[EMAIL PROTECTED]> wrote:
>
>
> The stack trace showing a null sha1 transform kindof caught my attention
> here, I wouldnt go by the the GDB call trace coz its obviously a memory
> leak and the gdb stack could
ssl_lib.c:850
On 10/18/07, Prabhu S <[EMAIL PROTECTED]> wrote:
>
> David,
>
> The OpenSSL version that I use is openssl-0.9.8e. Your guess about methods
> being called is right. It appears to be stack corruption.
>
> Gayathri,
>
> I don't suspect the gdb.
ted ,app
crashes and rightly so.
}
c->h0=INIT_DATA_h0;
c->h1=INIT_DATA_h1;
c->h2=INIT_DATA_h2;
c->h3=INIT_DATA_h3;
c->h4=INIT_DATA_h4;
c->Nl=0;
c->Nh=0;
c->num=0;
return 1;
}
Thanks,
Prabhu. S
On 10/18/07, Prabhu S <[EMAIL
Hi,
My application tries to make multiple SSL connections to a server in a
persistent TCP Connection. The client will establish for once a TCP
connection and later on attempt n number of SSL connections in the same TCP
connection.
In a particular case where the client times out ['select' is use
memory constraints the issue here that OPENSSL_malloc
returns NULL when 1000 threads are active?
Thanks,
Prabhu. S
On Oct 20, 2007 12:27 AM, Prabhu S <[EMAIL PROTECTED]> wrote:
> SHA_CTX *c is getting corrupted. GDB indicated ctx=0x0 in init(). However
> it was not the case.
&
how we can have the extensions in the validity period.
Thanks,
Prabhu. S
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Au
Hi,
Do "SSL_library_init()" .
Prabhu. S
On 1/23/08, gopinath ethiraja <[EMAIL PROTECTED]> wrote:
>
> I tried to establish client server connection . but when i tried to
> set up the ssl context using SSL_CTX_new(SSLv23_client_method())
> method this returns only
fds are non blocking.
Is the method shown above of trying to achieve multiple SSL session in
persistent connection appropriate?
Why are clients closing the connections abruptly?
Thanks,
Prabhu. S
ient makes
hundreds of unique SSL sessions successfully in persistent connection. It
is under stress of ~800 clients , that I run into issues.
Also, the bi-directional alerts do not happen always under high
stress..could this be the reason? a possible session data mix up?
Thanks,
Prabhu. S
On T
between
> SSL and TCP is just plain crazy.
Multiple sessions are tried in a single TCP connect to reduce the
overhead of TCP handshake and termination if the client wishes to do
multiple 'new' SSL connects to server.
Thanks,
Prabhu. S
>
>
> DS
>
>
> __
stress. I
have not come across concurreny issues yet.
Thanks,
Prabhu. S
On Thu, Feb 21, 2008 at 2:15 PM, Jurko Gospodnetić <
[EMAIL PROTECTED]> wrote:
> Hi Prabhu.
>
> Have you checked that your're not running into any concurrency problems?
>
> Best regards
c.
Thanks,
Prabhu. S
On Thu, Feb 21, 2008 at 7:07 PM, jimmy bahuleyan <[EMAIL PROTECTED]>
wrote:
> Prabhu S wrote:
> >
> >
> > On 2/20/08, *David Schwartz* <[EMAIL PROTECTED]
> > <mailto:[EMAIL PROTECTED]>> wrote:
> >
> >
> > > B
Yes, Jurko. By callback functions I meant CRYPTO_set_locking_callback() and
CRYPTO_set_id_callback().
2008/2/21 Jurko Gospodnetić <[EMAIL PROTECTED]>:
> Hi Prabhu.
>
> > For each client the SSL_CTX object is unique. And when the application
> > starts, callback functions are set for multi thr
sh to communicate
like that.
Thanks,
Prabhu. S
On Thu, Feb 21, 2008 at 8:34 PM, jimmy bahuleyan <[EMAIL PROTECTED]>
wrote:
> Prabhu S wrote:
> > Hi Jimmy,
> >
> >
> > I think some details of my system would explain better.
> >
> > When the clien
threads ?
Thanks,
Prabhu. S
On Fri, Feb 22, 2008 at 3:32 AM, Saju Paul <[EMAIL PROTECTED]> wrote:
> TCP Connection: (4 bytes)
> SYN
> SYN/ACK
> ACK
>
> TCP TearDown: (3 bytes)
> FIN/ACK
> ACK
>
> 7 bytes were considered overhead and optimized on a channel that need
*SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
*(or SSL_OP_ALL), data exchange with CBC ciphers are successful.
What is happening here? Can someone please explain the theory behind
*SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
*option?
Thanks,
Prabhu. S
this frame (corrupt stack?)
Is it due to calling methods like SSL_shutdown() in cases where
SSL_handshake process was terminated abruptly.
Thanks,
Prabhu. S
Hi,
I have a SSL server application in which the certificate file is rsa.der
and key file rsakey.dat.
What is the *.dat format? How does it differ from pem and der formats?
How do we generate one with OpenSSL?
Thanks & Regards,
Prabhu
Hi,
The certificate was purchased.I am trying to import OpenSSL certificates
into the server application which runs on vxworks OS. Is there a specific
way to generate a dat format key file or just renaming a pem or der key file
to *.dat would help?
Thanks and Regards,
Prabhu
On 3/29/07, Gayath
39 matches
Mail list logo