Freeing the x509 struct.
Do we need to free the X509 structure returned by d2i_X509() and PEM_read_X509() functions after using it? Sakthi S G Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Wipro or [EMAIL PROTECTED] immediately and destroy all copies of this message and any attachments. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Freeing the x509 struct.
[EMAIL PROTECTED] wrote: Do we need to free the X509 structure returned by d2i_X509() and PEM_read_X509() functions after using it? yes Nils __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Web browser certificate
Hi All, 1.)How can I make the request of an Internet Explorer web browser security certificate more user proof. I am using Apache 1.3.27 with modssl and openssl compiled? My webserver is running on RedHat ES 3, but all my clients are MS workstations? My objective is that a user must be able to request a certificate via the webbrowser. I am not a php or equivalent programmer, so I need a ready made or example of such a solution. 2.)What is the preferred way to convert a signed certificate to MS IE format? Regards Enrique The information transmitted hereby is confidential and may be legally privileged. If not the intended recipient, you may not read, use or disseminate that information. Although our communications are believed to be free of any virus or defect , it is the responsibility of the recipient to ensure that they are virus free and no responsibility is accepted for any loss or damage arising from receipt or use thereof. The KWV Group, its subsidiaries or associates do not accept liability for any personal views expressed in this message. KWV does not enter into contracts via e-mail, and personnel are not authorized to do so. KWV contracts must take form of paper-based versions signed in person. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: TLS wrong version number problem, the correct lib for openssl ?
It's solved (finally...) Apparently to test openssl s_server / s_client connection, I have to specify option -ssl3 in both the server and the client, otherwise (if it's only specified at the server site), it will throw you wrong version number error. The TLS issue with PAM_LDAP + OPENLDAP is solved as well, I need to apply /dev/random patch for solaris 8...I guess that's why it failed to connect using SSLv3. Thanks for your help, Richard. I installed ssldump in solaris, it really helps me in figuring things out ! cheers, lara --- Richard Koenning [EMAIL PROTECTED] wrote: Lara Adianto wrote: What's the correct libraries for openssl ? Is this okay: [EMAIL PROTECTED] local]# ldd /usr/bin/openssl libdl.so.2 = /lib/libdl.so.2 (0x4001b000) libc.so.6 = /lib/i686/libc.so.6 (0x4001f000) /lib/ld-linux.so.2 = /lib/ld-linux.so.2 (0x4000) no libcrypto and libssl ? The ldd ouput on an linux box here with an old linux version looks alike. I tried to build openssl on this machine with shared libraries, but this wasn't successful. On a box with a newer linux version ldd shows libcrypto and libssl and there are shared libs libssl.so.0 and libcrypto.so.0. So your ldd output seems to be ok for openssl build with static libs. Ciao, Richard -- Dr. Richard W. Könning Fujitsu Siemens Computers GmbH __ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] = La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit - Guy de Maupassant - __ Do you Yahoo!? Vote for the stars of Yahoo!'s next ad campaign! http://advision.webevents.yahoo.com/yahoo/votelifeengine/ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SSL WANT READ ERROR
Hi, I am a brand new user of OpenSSL. I have installed version 0.9.7d on my Win 2000 Server. My compiler is Visual Studio .NET for C++. When I try to perform a SSL_write() I get an error SSL_WANT_READ_ERROR. Please tell me how to rectify this. Thanks. Madhuri Rambhatla Lead Systems Programmer Venue 1 Inc 954 797 9883
Re: newbie Q.
Thanks It's openssl x509 -in clinetapp.pem -outform DER -out clientall.crt Quoting Joe smith [EMAIL PROTECTED]: I think this is it: openssl x509 -in clientapp.pem -out clientapp.crt But please confirm. Joe Ian Miller [EMAIL PROTECTED] wrote: How do I convert my sitecert.pem to a sitecert.crt what are the comands for it. Thanks in advanced. __ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] - Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. -- Ian Miller Sr. Systems Engineer University of Chicago [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: SSL WANT READ ERROR
Madhuri Rambhatla wrote: I am a brand new user of OpenSSL. I have installed version 0.9.7d on my Win 2000 Server. My compiler is Visual Studio .NET for C++. When I try to perform a SSL_write(.) I get an error SSL_WANT_READ_ERROR. Please tell me how to rectify this. See for example http://www.openssl.org/docs/ssl/SSL_write.html# Ciao, Richard -- Dr. Richard W. Könning Fujitsu Siemens Computers GmbH __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Problems compiling a little and simple probe
hello, I'm intested to learn to use openSSL library can make my applications.
I start with a little and simple probe, but I couldn't compile it.
My probe has three four files:
- Common_sslLib.h:
#ifndef __COMMON_SSLLIB__
#define __COMMON_SSLLIB__
#include stdio.h
#include stdlib.h
#include openssl/bio.h
#include openssl/err.h
#include openssl/rand.h
#include openssl/ssl.h
#define SERVHOST localhost
#define SERVPORT 26711
void openSSLInit();
void handleError( void *, char *);
#endif
- common_sslLib.c
#include common_sslLib.h
//initialize openssl library
void openSSLInit()
{
SSL_library_init();
SSL_load_error_strings(); //load human-readable iformation about error codes.
//action_to_seed_PRNG();
}
//manager erros function
void handleError( void *obj, char *msg )
{
if( obj == NULL )
{
printf( ¡ ERROR: %s !\n, msg );
exit(-1);
}
}
- client.c
//proper libraries declaration
#include common_sslLib.h
int main( int argc, char **argv )
{
//variables declaration
BIO *bioSocket;
//end declaration variables
openSSLInit();
//establish connection
bioSocket = BIO_new_connect( SERVHOST : SERVPORT );
handleError( bioSocket, BIO_new_connect failed );
if( BIO_do_connect( bioSocket ) = 0 )
{
printf( ¡ERROR: BIO_do_connect failed, unreachable host ! );
exit(-1);
}
while( 1 );
return 0;
}
- server.c
//proper libraries declaration
#include common_sslLib.h
int main( int argc, char **argv )
{
//variables declaration
BIO *sockAccept;
//end variables
openSSLInit();
//create server socket (BIO is a class that contain a socket)
sockAccept = SSL_new_accept( SERVPORT );
handleError( sockAccept, SSL_new_accept failed, server socket was not created );
//bind the server socket
if( SSL_do_accept( sockAccept ) = 0 )
handleError( NULL, SSL_do_accept failed, the address could not bind to
socket );
//put the socket to accept the petitions
if( SSL_do_accept( sockAccept ) = 0 )
handleError( NULL, SSL_do_accept failed. Error accepting connection );
}
My problem is, when I compile the common_sslLib and client, I don't have any problem
but when I compile the server I have some problems of the openssl server that it uses.
I compile then through of this way:
$export OPENSSL_LIB_DIR=/usr/include/openssl/
$gcc -I$OPENSSL_LIB_DIR -c common_sslLib.c
$gcc -I$OPENSSL_LIB_DIR -lssl -o client client.c common_sslLib.o
$ gcc -I$OPENSSL_LIB_DIR -lssl -o server server.c common_sslLib.o
/tmp/cc7Ff8Ri.o(.text+0x1e): En la función `main':
: referencia a `SSL_new_accept' sin definir
/tmp/cc7Ff8Ri.o(.text+0x42): En la función `main':
: referencia a `SSL_do_accept' sin definir
/tmp/cc7Ff8Ri.o(.text+0x66): En la función `main':
: referencia a `SSL_do_accept' sin definir
collect2: ld devolvió el estado de salida 1
$
In the folder /usr/include/openssl there are these files:
aes.h conf.h err.h obj_mac.h rc4.htls1.h
asn1.h crypto.h evp.h ocsp.h ripemd.h tmdiff.h
asn1_mac.h des.h hmac.h opensslconf.h rsa.htxt_db.h
asn1t.h des_old.h krb5_asn.h opensslv.h safestack.h ui_compat.h
bio.h dh.h kssl.h ossl_typ.h sha.hui.h
blowfish.h dsa.h lhash.h pem2.h ssl23.h x509.h
bn.hdso.h md2.h pem.h ssl2.h x509v3.h
buffer.hebcdic.h md4.h pkcs12.h ssl3.h x509_vfy.h
cast.h ec.h md5.h pkcs7.hssl.h
comp.h engine.h mdc2.h rand.h stack.h
conf_api.h e_os2.hobjects.h rc2.h symhacks.h
Thanks.
Este mensaje ha sido analizado y protegido por la tecnologia antivirus
www.trendmicro.es
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
