> To begin with, when the client calls SSL_connect(), it is guaranteed that
> the server is waiting / looping in SSL_accept(). So I believe there is no
> chance that SSL_connect() will read any plaintext data.
Do you have any rational basis for this belief? Consider:
1) The client calls SSL_conn
On Fri, Dec 14, 2007 at 11:06:58AM +0100, Lutz Jaenicke wrote:
> > else if (ret < 0) {
> > switch(SSL_get_error((SSL *)s, ret)) {
> > case SSL_ERROR_WANT_READ:
> > case SSL_ERROR_WANT_WRITE:
> > break;
> > default:
> >
To begin with, when the client calls SSL_connect(), it is guaranteed that
the server is waiting / looping in SSL_accept(). So I believe there is no
chance that SSL_connect() will read any plaintext data.
In my scenario, the ERR_reason_error_string(ERR_get_error()) tells me that
there was a problem
First, if you pasted your original code into the email, then you have
several typos.
Second, two of the lines generate warnings on compilation about
incompatible pointer types - these are significant. The lines are:
num_byte = BN_dec2bn(dh_struct->p,str_p);
num_byte = BN_dec2bn(dh_struct->g,
> I have a client that attempts to open a secured session with the server.
> After calling SSL_connect(), on failure, the client would free the SSL
object,
> and read the response on normal tcp socket.
> On the other hand, the server calls SSL_accept(), and on failure, would
free
> the SSL objec
> dh_struct = DH_new();
> dh_struct->p = BN_new();
> dh_struct->g = BN_new();
> dh_struct->priv_key = BN_new();
> dh_struct->pub_key = BN_new();
> num_byte = BN_dec2bn(dh_struct->p,str_p); // Here it seems that not
execute anything about
Something is very wrong in your code. BN_new returns a '
Hello everyone,
I have a client that attempts to open a secured session with the server. After
calling SSL_connect(), on failure, the client would free the SSL object, and
read the response on normal tcp socket.
On the other hand, the server calls SSL_accept(), and on failure, would free
the S
> The decrypt program:
>
> unsigned char *DecryptTest(unsigned char *in, int inl, unsigned
> char *key, unsigned char *iv, int * outl)
> {
> int ret;
> EVP_CIPHER_CTX ctx;
> EVP_CIPHER_CTX_init(&ctx);
>
> ret = EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), 0, key, iv);
> if(!ret)
Yes, indeed. When processing the moderation queue I accidantly hit the
"approved" button instead of "delete".
Sorry,
Lutz
Vittorio Giovara wrote:
> too much god and too much money in the same email...
> not working...
>
> http://www.lindqvist.com/en/esther-koffi-a-do-gooder-scammer
>
> 2007/1
Wietse Venema wrote:
> Victor Duchovni:
>
>> When a user requests SSL protocol debug logging from Postfix, we use
>> essentially boilerplate code from SSL_CTX_set_info_callback(3):
>>
>
> And then they see so much crap that it freaks them out, and not
> just the buffer-empty conditions.
>
>
Victor Duchovni wrote:
> When a user requests SSL protocol debug logging from Postfix, we use
> essentially boilerplate code from SSL_CTX_set_info_callback(3):
>
>... initialiation ...
>if (where & SSL_CB_LOOP)
> {
> BIO_printf(bio_err,"%s:%s\n",str,SSL_sta
From: [EMAIL PROTECTED]: [EMAIL PROTECTED]: Doubt about the use and
initialization of DH structDate: Fri, 14 Dec 2007 10:23:19 +
Hello,I have a problem with DH struct in my source code C.
Here a small list of my code:
#include
#include
#include
#include
#include
DH *dh_struct;
Hi,
I test AES CBC mode with below test case(from RFC 3602 section 4). I meet some
questions which are strange for me.
(I use openssl-0.9.8g, under WidowsXP, VC6++),
1 EVP_EncryptFinal_ex() shall be called after calling EVP_EncryptUpdate(), or
not if the block is just 16 bytes long
2 when I d
Hi,
I download openssl-0.9.8g from openssl.org website.
I want to build it using cygwin, so I run command "config" and command
"make" in cygwin.
libssl.a and libcrypt.a all be created.
But, this two lib can not work. Because I need armcc as compiler, not
gcc.
How can I do? I think tha
Victor Duchovni:
>
> When a user requests SSL protocol debug logging from Postfix, we use
> essentially boilerplate code from SSL_CTX_set_info_callback(3):
And then they see so much crap that it freaks them out, and not
just the buffer-empty conditions.
It's like when people installed tcp wrappe
15 matches
Mail list logo
