* How can I contact the OpenSSL developers?
* Do I need patent licenses to use OpenSSL?
* Is OpenSSL thread-safe?
+* Can I use OpenSSL's SSL library with non-blocking I/O?
* Why do I get a "PRNG not seeded" error message?
* Why does the linker complain about undefined symbols?
* Where can I get a compiled version of OpenSSL?
* Why does the OpenSSL test fail with "bc: 1 no implemented"?
* Why does the OpenSSL compilation fail on Alpha True64 Unix?
* Why does the OpenSSL compilation fail with "ar: command not found"?
+* Why does the OpenSSL compilation fail on Win32 with VC++?
+* Why aren't tools like 'autoconf' and 'libtool' used?
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.5a was released on April 1st, 2000.
+OpenSSL 0.9.6 was released on September 24th, 2000.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
OpenSSL. This is described in the threads(3) manpage.
+* Can I use OpenSSL's SSL library with non-blocking I/O?
+
+Yes; make sure to read the SSL_get_error(3) manual page!
+
+A pitfall to avoid: Don't assume that SSL_read() will just read from
+the underlying transport or that SSL_write() will just write to it --
+it is also possible that SSL_write() cannot do any useful work until
+there is data to read, or that SSL_read() cannot do anything until it
+is possible to send data. One reason for this is that the peer may
+request a new TLS/SSL handshake at any time during the protocol,
+requiring a bi-directional message exchange; both SSL_read() and
+SSL_write() will try to continue any pending handshake.
+
+
* Why do I get a "PRNG not seeded" error message?
Cryptographic software needs a source of unpredictable data to work
adds a /dev/random device and make sure it gets used, usually through
$RANDFILE. There are probably similar patches for the other Solaris
versions. However, be warned that /dev/random is usually a blocking
-device, which may have som effects on OpenSSL.
+device, which may have some effects on OpenSSL.
* Why does the linker complain about undefined symbols?
int len;
len = i2d_PKCS7(p7, NULL);
-buf = OPENSSL_Malloc(len); /* or Malloc, error checking omitted */
+buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */
p = buf;
i2d_PKCS7(p7, &p);
'/usr/ccs/bin' is permanently in your $PATH, for example through your
'.profile' (again, assuming you use a sh-compatible shell).
+
+* Why does the OpenSSL compilation fail on Win32 with VC++?
+
+Sometimes, you may get reports from VC++ command line (cl) that it
+can't find standard include files like stdio.h and other weirdnesses.
+One possible cause is that the environment isn't correctly set up.
+To solve that problem, one should run VCVARS32.BAT which is found in
+the 'bin' subdirectory of the VC++ installation directory (somewhere
+under 'Program Files'). This needs to be done prior to running NMAKE,
+and the changes are only valid for the current DOS session.
+
+
+* Why aren't tools like 'autoconf' and 'libtool' used?
+
+autoconf is a nice tool, but is unfortunately very Unix-centric.
+Although one can come up with solution to have ports keep in track,
+there's also some work needed for that, and can be quite painful at
+times. If there was a 'autoconf'-like tool that generated perl
+scripts or something similarly general, it would probably be used
+in OpenSSL much earlier.
+
+libtool has repeatadly been reported by some members of the OpenSSL
+development and others to be a pain to use. So far, those in the
+development team who have said anything about this have expressed
+a wish to avoid libtool for that reason.
+