Re: Is OpenSSL 0.9.7-beta3 compatible with 0.9.6.2?
On Sat, Oct 12, 2002, Kumar, Mayank wrote: > Hi Stephen, > > For my OCSP implementation, I've taken the new OCSP components from > 0.9.7-beta3 and have integrated it with 0.9.6.2. Have not tested it but I > anticipate number of problems due to incorrect ASN encoding/decoding, mainly > due to some of the attributes being EXPLICIT, IMPLICIT, OPTIONAL and CHOICE > etc. > > Porting macros like ASN_SEQUENCE etc in 0.9.6.2 also doesn't seem to be > easy. Can you suggest me some reading material or some guidelines for > correct ASN encoding/decoding in 0.9.6.2 release? > You don't just have to port the macros you have to port almost all the ASN1 changes which are in asn1t.h and tasn_*.c followed by just about every new ASN1 module. It would be easier to convert the new OCSP ASN1 module to 0.9.6 format however that too is a lot of work. There isn't much documentation on that though. One possibility is to take the old ASN1 code from the OCSP patch and try to adapt that. Steve. -- Dr. Stephen Henson [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~steve/ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Is OpenSSL 0.9.7-beta3 compatible with 0.9.6.2?
Title: RE: Is OpenSSL 0.9.7-beta3 compatible with 0.9.6.2? Hi Stephen, For my OCSP implementation, I've taken the new OCSP components from 0.9.7-beta3 and have integrated it with 0.9.6.2. Have not tested it but I anticipate number of problems due to incorrect ASN encoding/decoding, mainly due to some of the attributes being EXPLICIT, IMPLICIT, OPTIONAL and CHOICE etc. Porting macros like ASN_SEQUENCE etc in 0.9.6.2 also doesn't seem to be easy. Can you suggest me some reading material or some guidelines for correct ASN encoding/decoding in 0.9.6.2 release? Regards, -Mayank. -Original Message- From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED]] Sent: Sunday, October 06, 2002 5:00 AM To: [EMAIL PROTECTED] Subject: Re: Is OpenSSL 0.9.7-beta3 compatible with 0.9.6.2? On Sat, Oct 05, 2002, Kumar, Mayank wrote: > Hi, > > I've been using OpenSSL code as part of a very stable module for SSL > purposes. Now I want to include OpenSSL OCSP client library also into my > already stable and tested code. But OCSP in only available in 0.9.7-beta3 > version. > > Can someone tell if I can integrate only the OCSP libaby related code into > my already module. Or I need to upgrade fully to 0.9.7-beta3 in order to > make use ot OCSP library. > The new OCSP code in 0.9.7 makes use of the rewritten ASN1 library, which isn't in 0.9.6 so this would be a lot of effort. Steve. -- Dr. Stephen Henson [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~steve/ __ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
OpenSSL configuration, OpenLDAP integration
Can anybody give me links for, 1. Step by step guidance for configuring OpenSSL. 2. Step by step guidance for integration of OpenSSAL with OpenLDAP Thanks & Regards Pravin Joshi __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SSL_MODE_AUTO_RETRY
Hi there, I'm writing a server app and setting mode SSL_MODE_AUTO_RETRY on the SSL_CTX. Has anybody else used this? Are there any issues with using this? My understanding is that by setting this, I can basically call SSL_read() and SSL_write() as if I normally call read() and write(). Is this correct? Or is there more to it than that? If it really is that easy, why would you not do this? Thanks, Ed __ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos & More http://faith.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]