The errata list is a list of errors and their corrections that were found after the product was released. If the error was corrected in a later version or reprint the date of the correction will be displayed in the column titled "Date Corrected".
The following errata were submitted by our customers and approved as valid errors by the author or editor.
| Version |
Location |
Description |
Submitted By |
Date Submitted |
Date Corrected |
| Printed |
Page 10
On the second line of the fourth paragraph, "... she can sign it with her public key."; |
"public" should be "private".
|
Anonymous |
|
|
| Printed |
Page 29
2nd paragraph |
The second word in the second sentence should be "supports".
|
Anonymous |
|
|
| Printed |
Page 39
In the last para of the RSA section. |
The sentence "In general, we do not recommend that you use this command at all for
signing data."
NOW READS:
"In general, we do not recommend that you use this command at all for encrypting
data."
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 40-41
In the paragraph spanning the two pages; "... trust can be established if the certificate |
that issued a certificate...", The first instance of "certificate" should read "Certification Authority".
|
Anonymous |
|
|
| Printed |
Page 54
1st paragraph |
"just that is hasn't been revoked"
should be
"just that it hasn't been revoked"
|
Anonymous |
|
|
| Printed |
Page 56
In the fourth full paragraph on the page, every instance of "certificate" NOW |
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 57
In the first paragraph under the section "Code-Signing Certificates", the last word of |
the third sentence NOW READS "private key" instead of "certificate."
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 65
In Example 3-5, the command output shown |
"Generating a 1024 bit RSA private key"
NOW READS:
"Generating a 2048 bit RSA private key"
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 75
In the first sentence in the section "Static Locking Callbacks", the word provide is misspelled. |
|
Anonymous |
|
|
| Printed |
Page 76
In Example 4-1, the 11th line |
#elif _POSIX_THREADS
NOW READS:
#elif defined(_POSIX_THREADS)
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 76
In Example 4-1, the 25th line |
static MUTEX_TYPE mutex_buf[] = NULL;
NOW READS:
static MUTEX_TYPE *mutex_buf = NULL;
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 80
In Example 4-2, the 30th line |
MUTEX_CLEANUP(l->mutexp);
NOW READS:
MUTEX_CLEANUP(l->mutex);
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 92
2nd paragraph, 2nd sentence |
|
Anonymous |
|
|
| Printed |
Page 97
In the Random Number Generation section, documentation of RAND_bytes and RAND_pseudo_bytes was omitted. |
These are API functions for programmers to use when they need random numbers from OpenSSL. The following
are the declarations for these functions.
int RAND_bytes(unsigned char *buf, int num);
int RAND_pseudo_bytes(unsigned char *buf, int num);
The first of these functions writes num bytes of cryptographically strong random bytes into the memory at
buf. The second function does precisely the same thing except that the random bytes provided are not
necessarily unpredictable. The latter function is not suitable for cryptographic needs (it is no more
secure than functions like rand).
For more information on these functions, see the man page for RAND_bytes here.
|
Anonymous |
|
|
| Printed |
Page 113
4th paragraph |
The second sentence in the fourth paragraph on page 113 start with "There a total of
four files:". I assume there is the word "are" missing which would yield the correct
sentence "There are a total of four files:".
|
Anonymous |
|
|
| Printed |
Page 115
In the function init_OpenSSL, SSL_init_library() should be SSL_library_init() |
|
Anonymous |
|
|
| Printed |
Page 117
In Example 5-4, the 5th line |
int done, err, nread;
NOW READS:
int err, nread;
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 127
In Example 5-6, the 88th line |
THREAD_create(tid, server_thread, ssl);
NOW READS:
THREAD_CREATE(tid, server_thread, ssl);
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 136
Function post_connection_check, line 61 |
In the Win32 environment, the function strcasecmp does not exist. I inserted the
following lines above this function to fix this problem.
#ifdef WIN32
int strcasecmp(const char *left, const char *right)
{
int iter;
char leftc, rightc;
leftc = rightc = 0;
for ( iter = 0; left[iter] && right[iter] && leftc == rightc ; iter++ )
{
if ( left[iter] > 96 && left[iter] < 123 )
leftc = left[iter] & 95;
else
leftc = left[iter];
if ( right[iter] > 96 && right[iter] < 123 )
rightc = right[iter] & 95;
else
rightc = right[iter];
}
if ( leftc > rightc )
return 1;
if ( leftc < rightc )
return -1;
return 0;
}
#endif
AUTHOR: Apparently it's true, at least for some windows versions.
The function name is simply changed, though.
Here's a much simpler fix (which would go at the top of the source
listing):
#ifdef _WIN32
#define strcasecmp(x,y) stricmp(x,y)
#endif
|
Anonymous |
|
|
| Printed |
Page 138
|
In Example 5-9, line 3 should read:
#define CAFILE "rootcert.pem"
|
Anonymous |
|
|
| Printed |
Page 140
|
In Example 5-10, line 3 should read:
#define CAFILE "rootcert.pem"
|
Anonymous |
|
|
| Printed |
Page 141
In Example 5-10, the 66th line should be |
ERR_remove_state(0);
rather than:
ERR_remove_state(0)
|
Anonymous |
|
|
| Printed |
Page 141
In Example 5-10, the 101th line should be |
THREAD_CREATE(tid, server_thread, ssl);
rather than:
THREAD_create(tid, server_thread, ssl);
|
Anonymous |
|
|
| Printed |
Page 147
|
In Example 5-11, line 4 should read:
#define CAFILE "rootcert.pem"
|
Anonymous |
|
|
| Printed |
Page 148
|
In Example 5-12, line 48 should read:
#define CAFILE "rootcert.pem"
|
Anonymous |
|
|
| Printed |
Page 160
On lines 35 and 36 of Example 5-16, function name NOW READS |
"set_nonblocking rather than "set_non-blocking".
|
Anonymous |
|
Jun 01, 2006 |
| Printed |
Page 175
All AES modes use 128-bit blocks. Remove all references to variable block sizes. Rijndael, which became |
AES, supports variable block lengths, but the AES specification fixes the block size.
|
Anonymous |
|
|
| Printed |
Page 198
6th line from bottom |
unsigned char *process_file(FILE *f, insigned int *olen) should read
unsigned char *process_file(FILE *f, unsigned int *olen)
|
Anonymous |
|
|
| Printed |
Page 288
In Example 10-6 on line 77 (third line of code from bottom of the page), the parentheses do not match up. |
The line should rather be:
if (X509_REQ_verify(req, pkey) != 1)
|
Anonymous |
|
|
| Printed |
Page 289
In Example 10-6 on line 129 (third line of code from bottom of the page), the parentheses do not match |
up. The line should rather be:
if (X509_set_pubkey(cert, pkey) != 1)
|
Anonymous |
|
|
