RE: normal vs openssl sockets

2004-01-26 Thread Fred Crable
, you still need WinSock and socket()/accept() calls. See the BIO_new_socket man page. Regards, Fred Crable > -Original Message- > From: Darren McDonald [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 22, 2004 9:38 AM > To: [EMAIL PROTECTED] > Subject: Re: normal vs

RE: SOME BACIS INFORMATION ABOUT OPENSSL (PLZ SEND IT) -Rushi

2004-01-12 Thread Fred Crable
I've found these examples very helpful in getting started & doing the basics. http://www.rtfm.com/openssl-examples/ Regards, Fred > -Original Message- > From: rushikesh joshi [mailto:[EMAIL PROTECTED] > Sent: Monday, January 12, 2004 7:15 AM > To: [EMAIL PROTECTED] > Subject: Re: SOME BAC

RE: Kerberos support?

2004-01-08 Thread Fred Crable
just for kicks and it compiled w/o any complaints and w/o defining the NO_KRB5!? Perhaps I'll recompile openssl on the target RedHat Enterprise 2.4. Thanks again for the help. Regards, Fred Crable > -Original Message- > From: Jeff Fulmer [mailto:[EMAIL PROTECTED] > Sent

RE: Kerberos support?

2004-01-08 Thread Fred Crable
't compile unless /usr/kerberos/include > is added to > -I. I got around this by compiling without kerberos support: > > -DOPENSSL_NO_KRB5 > > Cheers, > Jeff > > On Thu, Jan 08, 2004 at 12:19:45PM -0600, Fred Crable wrote: > > I may be a little off-topic, but

RE: Kerberos support?

2004-01-08 Thread Fred Crable
Actually I've got it down to one final symbol using -lkrb5 -lk5crypto and -lkdb5. /usr/kerberos/lib/libkrb5.a(kdb5_err.o)(.text+0x1b): In function `initialize_kdb5_error_table': : undefined reference to `_et_list' > -Original Message- > From: Fred Crable > Se

RE: Kerberos support?

2004-01-08 Thread Fred Crable
m_seed' /usr/kerberos/lib/libkrb5.a(init_ctx.o)(.text+0x3d4): In function `krb5_set_default_in_tkt_ktypes': : undefined reference to `valid_enctype' Thank You, Fred Crable > -Original Message- > From: Jeff Fulmer [mailto:[EMAIL PROTECTED] > Sent: Thursday, January

RE: 0.9.7c Vulnerability??

2003-12-29 Thread Fred Crable
It may seem like a long shot, but do you have any "CGI" scripts which allow a binary file transfer. It looks like you may have a CGI script running as root and getting exploited that way. Verify all the "script" entries in your Apache configuration. Regards, Fred Crable -

RE: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Fred Crable
elp. If you think of anything else, let me know. :) -Anthony Fred Crable wrote: > FYI - Here's my shutdown w/o any leaks... Hope this helps... make sure to check the > SSL_shutdown completes, free the context & ssl pointers ;) > > void http::disco(){ > int shu

RE: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Fred Crable
ose(m_fd); m_fd= -1; ERR_free_strings(); ERR_remove_state(0); EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); } -Original Message- From: Fred Crable Sent: Friday, December 12, 2003 10:55 AM To: '[EMAIL PROTECTED]' Subject: RE: OpenSSL 0.9.7a - Small (585 byte) memo

RE: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Fred Crable
n shutdown(): ERR_free_strings(); for_each(_threadIdCache.begin(), _threadIdCache.end(), ERR_remove_state); We actually maintain a cache of all threads that access the plugin and remove the error state for them. Unless we have to do an ERR_remove_state(0) as well? -Anthony Fred Cr

RE: OpenSSL 0.9.7a - Small (585 byte) memory leak

2003-12-12 Thread Fred Crable
You are missing calls to: ERR_free_strings(); ERR_remove_state(0); -Original Message- From: Anthony Neal [mailto:[EMAIL PROTECTED] Sent: Friday, December 12, 2003 9:32 AM To: [EMAIL PROTECTED] Subject: OpenSSL 0.9.7a - Small (585 byte) memory leak Hi there, One of our proje

RE: Cert Dates & GMT Not Before Date Invalidating Cert

2003-12-12 Thread Fred Crable
I figured it out... The times on the two boxes were a little out-a-wack by 10 minutes... FYI to everybody doing their own Certs, make sure the Time is the same across the board clients/servers. Also, it appears that all cert time comparisons are in GMT, is this correct? Thanks, Fred Crable

Cert Dates & GMT Not Before Date Invalidating Cert

2003-12-12 Thread Fred Crable
ng w/ case X509_V_ERR_CERT_NOT_YET_VALID: msg="certificate is not yet valid the certificate is not yet valid: the notBefore" " date is after the current time."; Thanks, Fred Crable

RE: SSL Setting session is leaking memory

2003-11-17 Thread Fred Crable
thing works! W/O a leak! Thanks, Fred Crable -Original Message- From: Fred Crable Sent: Monday, November 17, 2003 1:08 PM To: '[EMAIL PROTECTED]' Subject: SSL Setting session is leaking memory I'm trying to follow all the examples & cache my client session. If I unc

SSL Setting session is leaking memory

2003-11-17 Thread Fred Crable
"re-storing" the sslSession (because it's not zero) then what else could be leaking? Thanks in advance, Fred Crable static SSL_SESSION *sslSession=0; connectFunction(){ /* bio stuff etc */ /* Comment leaky code --- Section 1 of 2 * * if(sslSession){ // Re-Connect

RE: Using SSL formed session

2003-07-08 Thread Fred Crable
t remember where I pulled the code from originally:() http://www.rtfm.com/openssl-examples/ Check out the setup done to verify the certs and create the context. Fred Crable Voyence -Original Message----- From: Fred Crable Sent: Tuesday, July 08, 2003 12:20 PM To: [EMAIL PROTECTED] Subject:

RE: Using SSL formed session

2003-07-08 Thread Fred Crable
du.au/~ftp/Crypto/ssl.html Fred Crable -Original Message- From: pankaj Goel [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 11:31 AM To: [EMAIL PROTECTED] Subject: Using SSL formed session Hello, I am trying to implement PEAP into freeradius. I have formed a SSL tunnel using opens

RE: Estimating the packet overhead imposed by SSL.

2003-07-07 Thread Fred Crable
thing goes for read. It shouldn't be too hard to find the std::read/write calls if you compile w/the -g flag. You could even set a breakpoint in a simple program to try it (break write ;) Fred Crable -Original Message- From: Shashank Khanvilkar [mailto:[EMAIL PROTECTED] Sent: Monday,

RE: about libcrypto.o and libssl.o

2003-06-30 Thread Fred Crable
FYI -- You can also use "nm" to dump out all the symbols defined in a library. Fred Crable Voyence -Original Message- From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2003 6:34 AM To: [EMAIL PROTECTED] Subject: Re: about libcrypto.o and libssl.o On M

RE: Modifying Certificate Requests.

2003-06-27 Thread Fred Crable
Bah, doesn't sound like fun and you did say simple :).. Check out the i2d_X509_REQ and other der to internal functions. You can read in a request in der format & use it as a "base" to play around with. After that, you're on your own w/the request internals ;) > > Sorry Fred, but you did not

RE: Modifying Certificate Requests.

2003-06-27 Thread Fred Crable
You could script it as below::
#!/bin/bash
openssl genrsa -out server.key 2048
HOST=`hostname`
openssl req -new -key server.key -out server.crs << EORQ > /dev/null 2> /dev/null
US
Texas
Richardson
Voyence
Product
${HOST}
[EMAIL PROTECTED]
EORQ
cat server.key server.crs > newreq.pem
CA.sh -sign

RE: Problem with X509_set_verify()

2003-06-26 Thread Fred Crable
Thanks for the clarification. I read that and said to myself, "well how the h*%l is that supposed to work, LOL." Regards, Fred Crable -Original Message- From: Lutz Jaenicke [mailto:[EMAIL PROTECTED] Sent: Thursday, June 26, 2003 9:00 AM To: [EMAIL PROTECTED] Subject: Re: Pr

RE: Problem with X509_set_verify()

2003-06-26 Thread Fred Crable
It looks like a verification failure, whatever that means! Sounds like an infinite loop from the man pages. Try fflush() on your stdio to catch those printf()'s :) Quote from: http://www.hmug.org/man/3/SSL_CTX_set_verify.html The return value of verify_callback controls the strategy