Re: Verify that certificate does not change, in the verify_callback

2014-05-23 Thread Kyle Hamilton
I don't specifically know the behavior of the code, so I have no means of answering your question directly. That said, it would certainly work if you stored a copy of the certificate during your VerifyCallback(), and compared with the version you copied out yourself. You might wish to balance thi

Re: BUILD OPENSSL in WIN CE 6.0

2014-05-23 Thread J@yNe$|-|
Hello to everyone, I have got all my wcecompat libs (wcecompat.lib and wcecompatex.lib) for OSVERSION=WCE600, PLATFORM=VC-CE and TARGETCPU=ARMV4I. Now I am compiling my openssl-0.9.8i. I got lots of errors, then I solved most of them, but I am stuck on one error and I cannot solve it. So please help me

Re : Re: Re?: How to make a secure tcp connection without using certificate

2014-05-23 Thread nicolas . kox
Thanks for the precisions. Leaving SSLv3 active is OK if he is the only one to connect, as well as for ciphers, but a rogue client can still force downgrade for both cipher and protocol... For the cipher list I clearly did not choose the more efficient way to do this, however I think it is still p

Re: Re?: How to make a secure tcp connection without using certificate

2014-05-23 Thread Viktor Dukhovni
On Fri, May 23, 2014 at 06:11:05PM +0200, nicolas@free.fr wrote: > use at the very least TLSv1 (and preferably TLSv1_2) protocol if you want > to use SSLv23_server_method(), don't forget to disable SSLv2 and 3 protocols > (and maybe TLSv1) with the command > > SSL_CTX_set_options(ctx, SSL_OP_

Re : How to make a secure tcp connection without using certificate

2014-05-23 Thread nicolas . kox
Hi, not really answering the initial question, but this could be some good advice: first of all, upgrade your library to the latest version (1.0.1g I think), the one you're using seems a bit old and download is free ;-p Second, you should avoid SSLv2, it is not secure anymore, and since a

RE: How to make a secure tcp connection without using certificate

2014-05-23 Thread Michael Wojcik
There's no such thing as a "secure" TCP conversation, or any other communication channel, except in the context of a threat model - and even then security only applies in relative terms, to things like risk probabilities and costs. Security is not an absolute condition. Thus there's no way to

Re: How to make a secure tcp connection without using certificate

2014-05-23 Thread Bernhard Fröhlich
On 23.05.2014 14:16, Subrata Dasgupta wrote: Hello Sir / Madam, I am very much new to openssl programming. I want to make a TCP connection secure using openssl. I do not want to use any certificate or keys. Is it possible to make a TCP connection secure without using certificate or keys?

How to make a secure tcp connection without using certificate

2014-05-23 Thread Subrata Dasgupta
Hello Sir / Madam, I am very much new to openssl programming. I want to make a TCP connection secure using openssl. I do not want to use any certificate or keys. Is it possible to make a TCP connection secure without using certificate or keys? I am using openssl-0.9.7a. To make a TCP connect

Re: Verify that certificate does not change, in the verify_callback

2014-05-23 Thread Dimitrios Apostolou
The same question in much more specific terms: int VerifyCallback(X509_STORE_CTX *store_ctx, void *arg) Is the certificate stored in store_ctx the *new* one that the peer sends in case of *renegotiation*? Is the certificate stored in the SSL struct (obtained via SSL_get_peer_certificate()) t