reSIProcate

Mailing Lists

Source Code

Google Search:



< Previous by Date Date Index Next by Date >
< Previous in Thread Thread Index  

RE: [reSIProcate] A few bugs in resiprocate

Thanks for your comments!  I've responded inline....

> -----Original Message-----
> From: resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:resiprocate-
> devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Xue Yong Zhi
> Sent: Wednesday, August 17, 2005 3:07 PM
> To: resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> Subject: [reSIProcate] A few bugs in resiprocate
> 
> I checked resiprocate's source code and find a few issues (most are
> windows
> and openssl related):
> 
> 1. TLSConnection.cxx is not includeed in the VS projects(at least not
in
> resiprocate_7_1.vcproj). An user will have trouble to build it with
> USE_SSL
> defined.

[Scott]  What version are you using?  This file is present in the
projects in the SVN head.

> 2. By default, the windows build uses static CRT, but in Threadif.cxx
> there
> is a CreateThread call. They do not play nicely together, see MSDN:
> A thread that uses functions from the static C run-time libraries
should
> use
> the _beginthreadex and _endthreadex C run-time functions for thread
> management rather than CreateThread and ExitThread. Failure to do so
> results
> in small memory leaks when ExitThread is called. Note that this is not
a
> problem with the C run-time in a DLL.

[Scott] I'm considering changing the default to Multithreaded DLL, so
that should eliminate this issue.

> 3. Openssl's random generator is not intialized on windows. See
> Random.cxx.
> We can simply do:
> 
> ::RAND_screen ();
> 
> It's not perfect(see http://www.openssl.org/support/faq.html#USER1),
but
> better than nothing(otherwise some openssl API may fail).

[Scott] I added this to the SVN head - thanks!
 
> 4. Openssl are not used thread safe.
> 
> See http://www.openssl.org/support/faq.html#PROG1

[Scott] All TLS transport (SSL Connection) activity happens from the
same thread - so I don't think this is an issue.

> 5. Seems resiprocate uses non-bloking socket (TlsTransport inherites
from
> TcpBaseTransport and there is makeSocketNonBlocking call in
> TcpBaseTransport's ctor)? If so, there are quiet a few problem in the
> implementation.
> 
> For example, SSL_Pending is not called before SSL_Read and SSL_Write.

[Scott] I'll leave this one for the transport exports to comment on.