-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
dear honorable doctor member and all Fu C
when using ssl V2 it is possible to run code in a few lines I quote
#define CHK_NULL(x) do { if ((x)==NULL) exit (1); } while(0)
#define CHK_ERR(err,s) if ((err)==-1) { perror(s);
exit(1); }
#define CHK_SSL(err) if ((err)==-1) {
ERR_print_errors_fp(stderr); exit(2); }
ssl = SSL_new(ctx);
CHK_NULL(ssl);
SSL_set_fd (ssl, sockfd);
err = SSL_connect(ssl);
CHK_SSL(err);
//send data
void send_line(SSL* ssl,char* cmd)
{
int err;
err = SSL_write (ssl, cmd, strlen(cmd));
CHK_SSL(err);
}
//receive data
void recv_line(SSL* ssl)
{
char rbuf[1500] = {0};
int err;
err = SSL_read (ssl, rbuf, sizeof(rbuf) - 1);
CHK_SSL(err);
printf("%s\n", rbuf);
}
So you can run a client in a few dozen lines
when using ssl really one is obliged to give all the sequences is it
possible to remove some of the code
exemple my code
https://github.com/fakessh/openprojectssl/blob/master/smtp_openssl.c
- - open c socket
- - init ssl library -> ssl_librabry_init()
- - to establish ssl context -> sslContext = SSL_CTX_new(
SSLv3_client_method() )
- - to assign and manage CERTs ## can not use
-> x509store = SSL_CTX_get_cert_store( sslContext )
-> X509_STORE_add_cert(x509store, x509CACert)
-> ...
- - to use a CERTs -> SSL_CTX_use_certificate( sslContext, x509Cert )
##can not use
- - to use RSA key -> SSL_CTX_use_RSAPrivateKey( slContext,
rsaPrivPRIVKEY ) ##can not use
- - to check CERTs -> SSL_CTX_check_private_key( sslContext ) ##can not
use
- - to establish SSL HANDLE -> sslHandle = SSL_new( sslContext )
- - to asign c socket to the handler -> SSL_set_fd( sslHandle, socket)
- - and finally, to establish the ssl connection -> SSL_connect( sslHandle )
it would be possible to create a connection in a few lines what would
be the example to make it simple to see from home as easy as with SSL v2
A simplified example would be useful to me
sincerely
- --
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC2626742
gpg --keyserver pgp.mit.edu --recv-key C2626742
http://urlshort.eu fakessh @
http://gplus.to/sshfake
http://gplus.to/sshswilting
http://gplus.to/john.swilting
https://lists.fakessh.eu/mailman/
This list is moderated by me, but all applications will be accepted
provided they receive a note of presentation
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk/iehkACgkQNgqL0sJiZ0KXxQCfe/6VqPUwBVL913J/+h4J11dA
TjUAoNq7bRDNhqxNH1M9YPs34JposP+E
=huno
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
