X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=FAQ;h=d337d90ff09a3194d6ed8b7a3c38b0df3b22e59f;hp=cff1f69399459cafc770fbb70c35087836bb377a;hb=0fcb905b0dc55ea219e7d4ab2e52bc6dd15e18ba;hpb=1c17d91c53ba73c907e0559d2bb80122dc7a8284 diff --git a/FAQ b/FAQ index cff1f69399..d337d90ff0 100644 --- a/FAQ +++ b/FAQ @@ -67,6 +67,8 @@ OpenSSL - Frequently Asked Questions * Why doesn't my server application receive a client certificate? * Why does compilation fail due to an undefined symbol NID_uniqueIdentifier? * I think I've detected a memory leak, is this a bug? +* Why does Valgrind complain about the use of uninitialized data? +* Why doesn't a memory BIO work when a file does? =============================================================================== @@ -75,7 +77,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from . -OpenSSL 0.9.8a was released on October 11th, 2005. +OpenSSL 0.9.8g was released on October 19th, 2007. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at B->C so that A signs, B and B signs C. Suppose +Consider a certificate chain A->B->C so that A signs B and B signs C. Suppose certificate C contains AKID. The purpose of this extension is to identify the authority certificate B. This @@ -699,8 +701,11 @@ libraries. If your platform is not one of these, consult the INSTALL file. Multi-threaded applications must provide two callback functions to -OpenSSL. This is described in the threads(3) manpage. - +OpenSSL by calling CRYPTO_set_locking_callback() and +CRYPTO_set_id_callback(). (For OpenSSL 0.9.9 or later, the new +function CRYPTO_set_idptr_callback() may be used in place of +CRYPTO_set_id_callback().) This is described in the threads(3) +manpage. * I've compiled a program under Windows and it crashes: why? @@ -913,5 +918,36 @@ thread-safe): ERR_free_strings(), EVP_cleanup() and CRYPTO_cleanup_all_ex_data(). +* Why does Valgrind complain about the use of uninitialized data? + +When OpenSSL's PRNG routines are called to generate random numbers the supplied +buffer contents are mixed into the entropy pool: so it technically does not +matter whether the buffer is initialized at this point or not. Valgrind (and +other test tools) will complain about this. When using Valgrind, make sure the +OpenSSL library has been compiled with the PURIFY macro defined (-DPURIFY) +to get rid of these warnings. + + +* Why doesn't a memory BIO work when a file does? + +This can occur in several cases for example reading an S/MIME email message. +The reason is that a memory BIO can do one of two things when all the data +has been read from it. + +The default behaviour is to indicate that no more data is available and that +the call should be retried, this is to allow the application to fill up the BIO +again if necessary. + +Alternatively it can indicate that no more data is available and that EOF has +been reached. + +If a memory BIO is to behave in the same way as a file this second behaviour +is needed. This must be done by calling: + + BIO_set_mem_eof_return(bio, 0); + +See the manual pages for more details. + + ===============================================================================