Using openssl to connect to an exchange server

Thu, 17 Jun 2010 06:09:07 -0700 

Hi list

I have the following problem:

I've written a software using wxWidgets (http://www.wxwidgets.org). This 
framework allows
me to write OS independent software and has also C++ classes for using TCP 
communication.
Based on source code from the internet I'm using BIO_read/BIO_write functions 
to enable
the communication with the server.

Now my problem:

The handshake is working if the server uses a RSA encrypted certificate but as 
soon the
server uses an AES encrypted certificate the handshake is not completed. I'm 
using the
callback_info() to check what happens.

If I connect to a server having RSA certificates the SSL_CB_LOOP reports:

wxSSL, LOOP: SSL_connect:before/connect initialization
wxSSL, LOOP: SSL_connect:SSLv2/v3 write client hello A
wxSSL, LOOP: SSL_connect:SSLv3 read server hello A
wxSSL, LOOP: SSL_connect:SSLv3 read server certificate A
wxSSL, LOOP: SSL_connect:SSLv3 read server done A
wxSSL, LOOP: SSL_connect:SSLv3 write client key exchange A
wxSSL, LOOP: SSL_connect:SSLv3 write change cipher spec A
wxSSL, LOOP: SSL_connect:SSLv3 write finished A
wxSSL, LOOP: SSL_connect:SSLv3 flush data
wxSSL, LOOP: SSL_connect:SSLv3 read finished A

But if I connect to a server having AES certificates the SSL_CB_LOOP reports:

wxSSL, LOOP: SSL_connect:before/connect initialization
wxSSL, LOOP: SSL_connect:SSLv2/v3 write client hello A
wxSSL, LOOP: SSL_connect:SSLv3 read server hello A
wxSSL, LOOP: SSL_connect:SSLv3 read server certificate A
wxSSL, LOOP: SSL_connect:SSLv3 read server done A
wxSSL, LOOP: SSL_connect:SSLv3 write client key exchange A
wxSSL, LOOP: SSL_connect:SSLv3 write change cipher spec A
wxSSL, LOOP: SSL_connect:SSLv3 write finished A

What I can see in the callback_info() is that as soon as "SSL_connect::SSLv3 flush 
data" occurs
it's done within the SSL_CB_EXIT (not within the SSL_CB_LOOP).

Has anybody an idea or can give me some hints?

Kind regards
Rolf (aka spieler67)
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to