How to get site's certify chain

2001-05-07 Thread truename
Steve: First, thanks a lot, I need your help. I have written an SSL proxy to improve security, and now I have some problems: 1. I can only get site certification from IIS (apache build in modssl is ok) using X509_STORE_CTX_get_chain() in my verify_call which is a callback fun

Re: Problems whit the last Snapshot(2)

2001-05-07 Thread Richard Levitte - VMS Whacker
From: Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> levitte> arm> link /nologo /subsystem:console /machine:I386 /opt:ref levitte> arm> /NODEFAULTLIB:MSV levitte> arm> CRT.lib /out:out32\ssltest.exe @C:\DOCUME~1\arm\CONFIG~1\Temp\nmz01708. levitte> arm> libeay32.lib(evp_key.obj) : erro

Re: Problems whit the last Snapshot(2)

2001-05-07 Thread Richard Levitte - VMS Whacker
From: Antonio Ruiz Martínez <[EMAIL PROTECTED]> arm> I've set the /Nodefaultlib but I get the next error: arm> arm> link /nologo /subsystem:console /machine:I386 /opt:ref arm> /NODEFAULTLIB:MSV arm> CRT.lib /out:out32\ssltest.exe @C:\DOCUME~1\arm\CONFIG~1\Temp\nmz01708. arm> libeay32

Re: some questions on non-blocking SSL_write()

2001-05-07 Thread Tom Biggs
At 01:20 AM 5/8/01 +0200, Lutz wrote: >On Mon, May 07, 2001 at 04:25:10PM -0400, Tom Biggs wrote: > > Say an application uses SSL_write() to write out (on a non-blocking socket) > > a large buffer, which contains more bytes than an underlying SSL record > can > > carry. > > What is the behavior i

Re: What is the easiest way to get total bytes of ALL SSL packets?

2001-05-07 Thread t c
For serving a 46179-byte plain-text file in the following SSL session: Protocol : TLSv1 Cipher: EDH-RSA-DES-CBC3-SHA (Server public key is 1024 bit) 1. Before sending a "GET / HTTP/1.0" request, I got: SSL handshake has read 1225 bytes (i.e. 2.7% overhead), and writte

Re: some questions on non-blocking SSL_write()

2001-05-07 Thread Eric Rescorla
Lutz Jaenicke <[EMAIL PROTECTED]> writes: > On Mon, May 07, 2001 at 04:25:10PM -0400, Tom Biggs wrote: > > Say an application uses SSL_write() to write out (on a non-blocking socket) > > a large buffer, which contains more bytes than an underlying SSL record can > > carry. > > What is the behavi

Re: Writing nonblocking sockets

2001-05-07 Thread Lutz Jaenicke
On Mon, May 07, 2001 at 01:19:36PM -0400, [EMAIL PROTECTED] wrote: > > Moved to openssl-users. > > I wish you hadn't done that, because I was not subscribed to openssl-users. > I'm subscribed now, but I hope I haven't missed any messages related to this > between Saturday and today. openssl-dev

problems with make test

2001-05-07 Thread Crosland, Jerel (Contract)
During the "make test" portion of my install I received the following error. It is not very descriptive! Any help would be greatly appreciated. Here it is: Generate and verify a certificate request generating certificate request rsa There should be a 2 sequences of .'s and some +'s. There should

Re: some questions on non-blocking SSL_write()

2001-05-07 Thread Lutz Jaenicke
On Mon, May 07, 2001 at 04:25:10PM -0400, Tom Biggs wrote: > Say an application uses SSL_write() to write out (on a non-blocking socket) > a large buffer, which contains more bytes than an underlying SSL record can > carry. > What is the behavior if, for example, one SSL record is successfully wr

RE: some questions on non-blocking SSL_write()

2001-05-07 Thread John T. Salyer
You should buy Eric Rescorla's Book "Designing and Building Secure Systems" There are some code examples that show exactly what you are interested in. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Biggs Sent: Monday, May 07, 2001 1:25 PM To: [EMAIL

some questions on non-blocking SSL_write()

2001-05-07 Thread Tom Biggs
Say an application uses SSL_write() to write out (on a non-blocking socket) a large buffer, which contains more bytes than an underlying SSL record can carry. What is the behavior if, for example, one SSL record is successfully written, but EWOULDBLOCK is returned when OpenSSL tries to write th

Re: Indirection in Digests

2001-05-07 Thread Greg Stark
It says how to do it right in the comments, namely the block of comments that ends with * MD5 example: * * #define DATA_ORDER_IS_LITTLE_ENDIAN * * #define HASH_LONG MD5_LONG * #define HASH_LONG_LOG2 MD5_LONG_LOG2 * #define HASH_CTX MD5_CTX * #define HASH_CBLOCK MD5_CBLOCK * #define H

Client -> server Negotion

2001-05-07 Thread Alan Candido
Hello, I am trying to write an application Server and another Client with SSL. When I try to connect to the server, the client is emitting the error message (after calling SSL_connect) error:14075FF:SSL routines:SSL23_CONNECT:unknown state And the Server shows the message: 246:error:140780E5:SSL rout

Indirection in Digests

2001-05-07 Thread imran badr
Hi, I am new to OpenSSL. I am looking at the code in the md32_common.h file, which has a single method HASH_UPDATE(..) for MD5 and SHA-1 etc. I tried to figure out how the program knows which digest to use at run time but failed. Any help would be highly appreciated. Thanks, Imran.

RE: Writing nonblocking sockets

2001-05-07 Thread Harrington_Thomas
> Moved to openssl-users. I wish you hadn't done that, because I was not subscribed to openssl-users. I'm subscribed now, but I hope I haven't missed any messages related to this between Saturday and today. > On Fri, May 04, 2001 at 06:53:19PM -0400, Harrington, Thomas wrote: > > I'm trying to

RE: Re: SSLv2_method and SSLv23_method

2001-05-07 Thread Hieu Nguyen
I did try SSLv2_method() and it works fine. However, I want my application to handle all servers (SSLv2 only included). By the way, the server I use to test is Apache-ssl. -Original Message- From: Greg Stark [mailto:[EMAIL PROTECTED]] Sent: Monday, May 07, 2001 12:36 PM To: [EMAIL PROTEC

Re: Re: SSLv2_method and SSLv23_method

2001-05-07 Thread Greg Stark
Did you try SSLv2_method()? Greg Stark [EMAIL PROTECTED] - Original Message - From: Hieu Nguyen To: '[EMAIL PROTECTED]' Sent: Monday, May 07, 2001 12:01 PM Subject: FW: Re: SSLv2_method and SSLv23_method

Re: FW: Re: SSLv2_method and SSLv23_method

2001-05-07 Thread Eric Rescorla
Hieu Nguyen <[EMAIL PROTECTED]> writes: > [1 ] > I want to use SSLv23_method to create SSL_CTX for my client program. I > worked OK if the server supports SSLv3 or TLS 1.0. > However, if the server only supports SSLv2 (as one of our current server) > it seems that my program only negotiates SSLv3

FW: Re: SSLv2_method and SSLv23_method

2001-05-07 Thread Hieu Nguyen
I want to use SSLv23_method to create SSL_CTX for my client program. I worked OK if the server supports SSLv3 or TLS 1.0. However, if the server only supports SSLv2 (as one of our current server) it seems that my program only negotiates SSLv3 and

Re: Problems whit the last Snapshot(2)

2001-05-07 Thread Antonio Ruiz Martínez
Hello! Marc Sherman wrote: > Your project is trying to link with multiple versions of the c runtime > library. As the compiler is suggesting, try using the /NODEFAULTLIB:library > in your linker options. I believe LIBCMT.lib is the multi-threaded static > version of the c runtime, so try "/NODEF

PPP EAP TLS Authentication Protocol

2001-05-07 Thread Aslam
Hi, I'm using openssl-0.9.6a and I have to implement PPP EAP TLS Authentication Protocol (as per rfc 2716). I looked into the openssl support for ssl / tls and came to know that all the exported functions of ssleay32.dll are based upon a socket connection. But I'm looking for something like memo

RE: Problems whit the last Snapshot(2)

2001-05-07 Thread Marc Sherman
Your project is trying to link with multiple versions of the c runtime library. As the compiler is suggesting, try using the /NODEFAULTLIB:library in your linker options. I believe LIBCMT.lib is the multi-threaded static version of the c runtime, so try "/NODEFAULTLIB:MSVCRT.lib". (I think MSVCRT.

Re: Compression questions again.

2001-05-07 Thread Greg Stark
Vincent, Take a look at some of these archived threads: (http://www.mail-archive.com/openssl-users@openssl.org/msg12948.html), (http://www.mail-archive.com/openssl-users@openssl.org/msg09399.html) and see if they address your needs. Greg Stark [EMAIL PROTECTED]

Re: NT, and open SSL

2001-05-07 Thread Greg Stark
It would only be a guess, but perhaps you are not handling the IV correctly, and/or you are not handling the blocksize padding correctly. Maybe you are only properly initializing the first four bytes of an 8 byte key? Maybe Greg Stark [EMAIL PROTECTED]

Newbie: problems while starting using openssl

2001-05-07 Thread Alexander Friess
Hi all, I apologize for these (perhaps) easy questions: I tried to understand the simple example in ~openssl_0.9.3/demos/ssl/serv.cpp. There are some questions: a) There is no call to "SSL_library_init()" which should be done. (I read in the man page "ssl(3)".) b) The undocumented function "SS

Sorry. Ignore this message. Only a test.

2001-05-07 Thread Alan Candido
Sorry. Ignore this message. Only a test.

Problems whit the last Snapshot(2)

2001-05-07 Thread Antonio Ruiz Martínez
Hello! I've solved the problem of my last message with /MT and remove /WX. But now I get the next problem cl /Fotmp32\hmactest.obj -Iinc32 -Itmp32 /MT /W3 /G5 /Ox /O2 /Ob2 /Gs0 / GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WI N32 -DBN_ASM -DMD5_A

Problem with the last Snapshot

2001-05-07 Thread Antonio Ruiz Martínez
Hello! I'm trying to compile the snapshot 20010506 but I get the next error: cl /Fotmp32\rsa_asn1.obj -Iinc32 -Itmp32 /MD /W3 /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_W IN32 -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdou

Re: crypto.signText() for client signing;

2001-05-07 Thread vai-
On 03-May-2001, Ferdinando Ricchiuti wrote: > The best way to sign text in Netscape is signText(). > > I think that the problem is a wrong format used to deal with the Email > field. > > As a last chance try this: > > [EMAIL PROTECTED]/CN=name, O=organization, C=MY > > because I see thi

Re: proxy tunneling howto

2001-05-07 Thread T Bharath
You have to use the CONNECT protocol. Connect to the proxy first and then send the following string CONNECT host:port HTTP/1.0\r\n Check the rfc for more info - Original Message - From: "george" <[EMAIL PROTECTED]> Date: Monday, May 7, 2001 5:42 am Subject: proxy tunneling howto > Hello,