From owner-freebsd-hackers Thu Dec 13 20:16:18 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 202D837B41B for ; Thu, 13 Dec 2001 20:16:15 -0800 (PST) Received: (from kris@localhost) by citusc17.usc.edu (8.11.6/8.11.4) id fBE4FwL84459; Thu, 13 Dec 2001 20:15:58 -0800 (PST) (envelope-from kris) Date: Thu, 13 Dec 2001 20:15:58 -0800 From: Kris Kennaway To: KAISER Laszlo Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: SSL_connect fails Message-ID: <20011213201558.B84382@citusc17.usc.edu> References: <20011209184143.H12621@ovinet.hu> <20011210104529.A8829@ovinet.hu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="qMm9M+Fa2AknHoGS" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011210104529.A8829@ovinet.hu>; from titanic@ovinet.hu on Mon, Dec 10, 2001 at 10:45:30AM +0100 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Dec 10, 2001 at 10:45:30AM +0100, KAISER Laszlo wrote: > On Sun, Dec 09, 2001 at 06:41:43PM +0100, KAISER Laszlo wrote: > > I'm doing a port of a little OpenSSL program to FreeBSD from linux, but= the > > code which works fine on linux fails on FreeBSD at SSL_connect(). > > This function allways returns with -1 and SSL_errno is 1. >=20 > To answer myself; >=20 > The problem was trivial. OpenSSL couldn't seed random generator for corre= ct > entropy without /dev/urandom or without a specified file, therefore i had= to > create a temporary file which consists of enough random numbers (1024). T= his > was problem on solaris port, too, but on BSD it caused by chroot > environment. OpenSSL got the filename consists of entropy from an > environment value named RANDFILE. >=20 > Some notice: > I think an API hasn't consists of exit() calls and if i send a NULL > pointer to an API call, it couldn't SEGFAULT. OpenSSL does. I think it is > not a feature, or if it is, i'like to turn off. :/ Complain to the OpenSSL developers, not us. Kris --qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8GXz8Wry0BWjoQKURApKIAKCgkJzf4coH/DLrSQPjbA9X+MdbHwCdH8ly 3hJf0K95v5eO641BB8eHXYA= =08xF -----END PGP SIGNATURE----- --qMm9M+Fa2AknHoGS-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message