Re: VPN DTLS SSL_WANT_READ and strange data results.

2008-08-29 Thread Pau Rodriguez Estivill
I always try to do an SSL_read every time I give a new packet to the OpenSSL library. It's true that I only try it once per packet I give. Maybe I should try SSL_pending after this read, to ensure that there isn't more data. Normally SSL_pending returns 0, even before trying to read. When I call to SSL_rea

Re: VPN DTLS SSL_WANT_READ and strange data results.

2008-08-29 Thread Pau Rodriguez Estivill
This license is only for binary distribution, and not for my source distribution, I suppose. On Sat, Aug 30, 2008 at 1:01 AM, Kyle Hamilton <[EMAIL PROTECTED]> wrote: > Also, regarding the googlecode home page for your project: you need to > also explicitly mention the people who wrote SSLeay (fro

Re: Exporting private key

2008-08-29 Thread Kyle Hamilton
...which I just realized I forgot to include in my original message to you. My apologies. :( -Kyle H On Fri, Aug 29, 2008 at 4:02 PM, Kyle Hamilton <[EMAIL PROTECTED]> wrote: > You are forgetting the '-export' commandline parameter. > > -Kyle H > > On Fri, Aug 29, 2008 at 10:48 AM, Bart Wahlgren

Re: Exporting private key

2008-08-29 Thread Kyle Hamilton
You are forgetting the '-export' commandline parameter. -Kyle H On Fri, Aug 29, 2008 at 10:48 AM, Bart Wahlgren <[EMAIL PROTECTED]> wrote: > Thanks for the help but I'm having some issues. Windows does require the file > to be in .pfx format. Here is command that I'm entering to generate the .pf

Re: VPN DTLS SSL_WANT_READ and strange data results.

2008-08-29 Thread Kyle Hamilton
Also, regarding the googlecode home page for your project: you need to also explicitly mention the people who wrote SSLeay (from which OpenSSL is derived), not just the OpenSSL project. The details are in the LICENSE file in the OpenSSL package. :) "This product includes software developed by the

Re: VPN DTLS SSL_WANT_READ and strange data results.

2008-08-29 Thread Kyle Hamilton
If SSL_read or SSL_write return SSL_WANT_READ or SSL_WANT_WRITE, just at some point call them again. It means either that insufficient data has actually come in to decrypt the next SSL packet, or that there's a request for a renegotiation, or whathaveyou. The SSL_read and SSL_write functions will

Re: Null termination after encryption.

2008-08-29 Thread Michael Luich
Ok, that makes sense. Kinda goes with what I had been thinking. So I just add the null character at the end of the bio before I use BIO_get_mem_data(out, &enc_msg); now just how to do that. ssl bio write Mike Luich On Fri, Aug 29, 2008 at 1:35 PM, David Schwartz <[EMAIL PROTECTED]> wrote: > >

VPN DTLS SSL_WANT_READ and strange data results.

2008-08-29 Thread Pau Rodriguez Estivill
Hi, I'm using OpenSSL to create a VPN software based on the DTLS implementation of it. The source is available here: http://vpmn.googlecode.com/svn/trunk/src/ My application is currently using pthreads and I use a mutex for every SSL object, locking it before every SSL_* function call. There are

RE: Exporting private key

2008-08-29 Thread Bart Wahlgren
Thanks for the help but I'm having some issues. Windows does require the file to be in .pfx format. Here is the command that I'm entering to generate the .pfx file. The filenames came from the httpd-ssl.conf file. openssl pkcs12 -in _.ourdomain.com.crt -inkey server.key -name "GoDaddy-signed serve

RE: Null termination after encryption.

2008-08-29 Thread David Schwartz
> Hmm then perhaps I'm expecting the wrong thing to be coming > out. I'm using PKCS7_encrypt followed by SMIME_write_PKCS7. > So the data is base64 encoded and in S/MIME Format. > I just want to get this in a format that I can return as a > string that's null terminated. So the app can use it as

Re: Null termination after encryption.

2008-08-29 Thread Michael Luich
Hmm then perhaps I'm expecting the wrong thing to be coming out. I'm using PKCS7_encrypt followed by SMIME_write_PKCS7. So the data is base64 encoded and in S/MIME Format. I just want to get this in a format that I can return as a string that's null terminated. So the app can use it as a string. M

RE: Exporting private key

2008-08-29 Thread David Schwartz
> My company currently has a wildcard SSL certificate purchased from > Go Daddy. It's installed on a Linux Apache web server. We are going > to deploy a Windows web server to support a different application. > Go Daddy has told me that we can use the certificate on more than > one server concurrent

RE: Null termination after encryption.

2008-08-29 Thread David Schwartz
> Hello everyone, here's what's driving me nuts. > I'm sure I'm missing something simple, but why isn't the > encrypted message coming out of > " BIO_get_mem_data(out, &enc_msg); " Null terminated ? > Mike Luich Why should it be? It's not a string, it's a block of arbitrary data. Besides, what

RE: Multithreaded SSL server...!!!

2008-08-29 Thread David Schwartz
> Thanks, Kyle for the reply. > > Does anyone have a definitive answer for this one? It could be a > massive > amount of work for me to rewrite the code if I have to switch to using > a single thread for read/write operations. Just to clarify, you can use two threads. You can use one for read an

Re: Null termination after encryption.

2008-08-29 Thread Michael S. Zick
On Fri August 29 2008 11:35, Michael Luich wrote: > Hello everyone, here's what's driving me nuts. I'm sure I'm missing > something simple, but why isn't the encrypted message coming out of " > BIO_get_mem_data(out, &enc_msg); " Null terminated ? > Because null is a valid encrypted value of a by

Null termination after encryption.

2008-08-29 Thread Michael Luich
Hello everyone, here's what's driving me nuts. I'm sure I'm missing something simple, but why isn't the encrypted message coming out of " BIO_get_mem_data(out, &enc_msg); " Null terminated ? Full code below. Mike Luich fprintf (stderr, "ENTER: %s in %s, line %d.\n", __

Re: Multithreaded SSL server...!!!

2008-08-29 Thread Darryl Miles
Mark wrote: Presumably you can use multiple threads for reading and writing as long as you ensure that they are not both calling an SSL function at the same time? Function ??? The important aspect is the principal object/handle you are passing the function. For most of the API that an appli

SSL without alias specified

2008-08-29 Thread Mike Pagano
When I created my private key I never specified an alias. I used: openssl genrsa -des3 -out domain.com.key 1024 Then my CSR was created with: openssl req -new -config openssl.cnf -key domain.com.key -out domain.com.csr I sent to Verisign and received my certificate. The problem is that Verisig

Reading private key from the file.

2008-08-29 Thread Dan Ribe
Hello Everyone, I am new to RSA/SHA1 & need some help from your side ! We have a client application on windows & I am in process to port that on Mac. I am facing some problems with the RSA/SHA1 authentication on Mac. Windows logic: On windows side we have a client key file "cspkb.dat" which we a

RE: Multithreaded SSL server...!!!

2008-08-29 Thread Mark
Thanks, Kyle for the reply. Does anyone have a definitive answer for this one? It could be a massive amount of work for me to rewrite the code if I have to switch to using a single thread for read/write operations. > -Original Message- > Mark: I don't know if the structure is managed in

Re: Multithreaded SSL server...!!!

2008-08-29 Thread Kyle Hamilton
The file crypto/threads/mttest.c in the source distribution, according to the man page for CRYPTO_set_locking_callback, shows examples for Solaris, Irix, and Win32. I don't know what platform you're on, but the Solaris example might help you more than anything else. Mark: I don't know if the stru

Re: Multithreaded SSL server...!!!

2008-08-29 Thread vinni rathore
hi .. I have read these lines.. "Multi-threaded applications must provide two callback functions to OpenSSL by calling CRYPTO_set_locking_callback() and CRYPTO_set_id_callback(), for all versions of OpenSSL up to and including 0.9.8[abc...]. As of version 0.9.9, CRYPTO_set_id_callback() and assoc

Re: Exporting private key

2008-08-29 Thread Kyle Hamilton
In your httpd.conf, you have a SSLCertificateKeyFile option set. This refers to your private key file. It's probably in PEM format, and should be able to be imported directly into Windows's certificate store. If it can't be, you need to create a PKCS#12 (aka PFX) file. To do this, you do (the b

RE: Multithreaded SSL server...!!!

2008-08-29 Thread Mark
Presumably you can use multiple threads for reading and writing as long as you ensure that they are not both calling an SSL function at the same time? This is what I do. Mark > -Original Message- > > You cannot use different threads for reading and writing. OpenSSL is > thread-safe wi

Re: Multithreaded SSL server...!!!

2008-08-29 Thread Kyle Hamilton
You cannot use different threads for reading and writing. OpenSSL is thread-safe with the limitation that an SSL session cannot be used across multiple threads. (It may possibly work for one, but multiple clients call into the library at different and odd times.) http://www.openssl.org/support/f

Multithreaded SSL server...!!!

2008-08-29 Thread vinni rathore
Hello everyone, I am still facing the same segmentation error in multithreaded server using openssl APIs. Everything is correct for single client ... but when multiple clients are used it gives segmentation problem. In my application there are different threads for read and write. Could anyone ple

ssl library error

2008-08-29 Thread Ralph Knoche
Hello, I have a problem with two SUN Solaris 10 servers. Both servers are identical (config files, versions...) and an Apache web server with openssl is running on each of them. Now I have a problem with ssl certificates: On the first server there is no problem running a https site, but on the

Exporting private key

2008-08-29 Thread Bart Wahlgren
My company currently has a wildcard SSL certificate purchased from Go Daddy. It's installed on a Linux Apache web server. We are going to deploy a Windows web server to support a different application. Go Daddy has told me that we can use the certificate on more than one server concurrently. To do t