ECDSA support for Android
Hello,

I am attempting to activate EC support on Android 2.2.1 (OpenSSL 0.9.8m). I have successfully removed OPENSSL_NO_EC, OPENSSL_NO_ECDSA, and OPENSSL_NO_ECDH from the proper makefiles and included all EC files from openssl/ec, openssl/ecdsa, and openssl/ecdh. Everything compiles and links just fine.

Has anyone else attempted this before? I have found very little reference material online. My application is having some errors with ECDSA, and all prior uses of RSA succeed as expected.

Thanks in advance,
Adam
Re: strong TLS connections
On 10/27/2011 2:14 AM, Kristen J. Webb wrote:
> On 10/8/11 1:16 AM, Michael Sierchio wrote:
> > On Fri, Oct 7, 2011 at 7:40 PM, Kristen J. Webb <kw...@teradactyl.com> wrote:
> > > My understanding is that a TLS connection with a server cert only identifies the server to the client. This leads to a MiTM attack, where the MITM can impersonate the client because the server has not verified the client.
> >
> > Your understanding is flawed - while in the scenario you mention there is no binding of a client identity to a public key, SSLv3/TLS are not vulnerable to MITM - no third party can manipulate the stream without being detected.
>
> Yes, thank you. Upon further investigation I find that not using client certs means that the server cannot prove the identity of the client. So I think that the attack I am looking at is more of a client impersonation, where a rogue client pretends to be the real client. All it takes (I think) is for the rogue client to have enough information about the server (e.g. our application installed) and be able to present itself to the server as the client under attack. Since the server cannot distinguish, the rogue client could use our application to manipulate the server.
>
> It seems that the only way to help prevent this is to use client certificates to prove the identity of the client. The problem I am having with this is that managing certs for a few servers is easy, while managing it for 1000's of clients is not. I'm looking for the way around this and still keep things secure, but maybe there is not?

There are two possible solutions to this problem:

A. Once the client has verified the identity of the server and checked that a strong enough encryption has been chosen (not something like the old 40-bit stuff, but there are others that are no longer considered safe), it can use the encrypted channel to prove itself using any old method, such as a plaintext password (randomly generated for each non-human client). This is how many Internet sites use TLS with https.

B. With appropriate attributes, the same certificate could be used as both server and client certificate. However you must be careful not to do this with a public key algorithm that is not secure in that scenario; others on this list can tell you which ones are safe and which ones are not.

__ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
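Option A above, worked through as an added example (this is editor-supplied illustration, not code from anyone in the thread): each non-human client is provisioned with a random secret, the server keeps only a salted PBKDF2 hash of it, and the check uses a constant-time comparison. The function names, the PBKDF2 round count and the in-memory store are assumptions for the example; the one thing the example cannot show is the precondition the reply insists on, namely that the secret is only ever sent after the client has verified the server certificate and the TLS channel is up.

```python
"""Option A from the thread: authenticate a client with a per-client random
secret *after* the client has verified the server and the TLS channel is up.
Added illustration, not code from the thread.  Assumption: the secret travels
inside the already-established TLS connection; transport is not modelled."""
import hashlib
import hmac
import secrets
from typing import Dict, Tuple

# Server-side store: client_id -> (salt, pbkdf2 hash).  Only a salted hash is
# kept, so a leaked store does not directly hand out usable secrets.
ClientStore = Dict[str, Tuple[bytes, bytes]]

PBKDF2_ROUNDS = 100_000  # assumption for the example; tune to your hardware


def _derive(secret: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, PBKDF2_ROUNDS)


def provision_client(store: ClientStore, client_id: str) -> str:
    """Generate a fresh random secret for a non-human client, record only its
    salted hash, and return the secret once so it can be installed on the
    client.  Provisioning itself must also happen over an authenticated path."""
    secret = secrets.token_urlsafe(32)        # 256 bits from the OS CSPRNG
    salt = secrets.token_bytes(16)
    store[client_id] = (salt, _derive(secret, salt))
    return secret


def verify_client(store: ClientStore, client_id: str, secret: str) -> bool:
    """Server-side check run on credentials read from the TLS connection.
    Unknown ids still run the KDF against a dummy salt so response timing does
    not reveal whether the id exists; the comparison is constant-time."""
    salt, expected = store.get(client_id, (b"\x00" * 16, b"\x00" * 32))
    candidate = _derive(secret, salt)
    return hmac.compare_digest(candidate, expected) and client_id in store
```

Rotation is then a matter of calling provision_client again for one client, which is what makes this scale to thousands of clients more easily than per-client certificates: no CA, no CRL, just one row per client.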
SSL session ID vs session ticket
Hello!

When upgrading to version 0.9.8r my system stopped supporting session resumption. It looks like session tickets are the reason for this. I was using some external session cache to support session resumption on a cluster of servers where it should be possible that each server in the cluster can resume the SSL connection. With the upgrade to version 0.9.8r this stopped working.
Re: strong TLS connections
On Wed October 26 2011, Kristen J. Webb wrote:
> Having an app that can use certs, it appears, is nothing compared with how to deploy it and manage those certs ;)

A general truism, not specific to certs. Recognizing (or implementing) a need for trust is one thing; determining (or establishing) what is to be trusted is quite another.

Consider: your roof leaks. It's easy to find a contractor who claims they will fix it. It's an entirely different matter to find one you can __trust__ to do the job correctly and to your satisfaction.

Mike
Re: SSL session ID vs session ticket
On Thu, Oct 27, 2011 at 8:09 AM, Matthias Meixner <matthias.meix...@verifone.com> wrote:
> Hello!
>
> When upgrading to version 0.9.8r my system stopped supporting session resumption. It looks like session tickets are the reason for this. I was using some external session cache to support session resumption on a cluster of servers where it should be possible that each server in the cluster can resume the SSL connection. With the upgrade to version 0.9.8r this stopped working.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
Re: OpenSSL 1.0.1 example with SRP
> The best I can tell, the snapshot is broken.

At this point, I wouldn't be surprised.

Update: I made some (major) changes to my example code based on the SRP code in ssltest.c. Mainly, I implemented and used all the SRP callback functions. Previously, I was setting the userId and password parameters explicitly, thinking I shouldn't need the callbacks. Now I get past the previous error and move on to this error on the server:

    SSL_accept failed, error=SSL_ERROR_SSL
    Details: error:0D06703E:asn1 encoding routines:a2i_ASN1_STRING:asn1 length mismatch ssl_asn1.c at 641

On the client all I get is this:

    SSL_connect failed, error=SSL_ERROR_SYSCALL
    SSL_connect, errno=0, Error 0

This looks like the server is not liking something in a TLS extension used by SRP. Any clues on how to get past this one?

Norm

- Original Message -
From: Jeffrey Walton <noloa...@gmail.com>
To: openssl-users@openssl.org
Sent: Wednesday, October 26, 2011 11:46:32 PM
Subject: Re: OpenSSL 1.0.1 example with SRP

On Wed, Oct 26, 2011 at 10:28 PM, Norm Green <no...@vmware.com> wrote:
> Is there no one that can help me get a simple SRP test case working? Or should I conclude SRP is broken in OpenSSL 1.0.1? From the output below, it appears the client and server support no less than 9 ciphers in common. Why then do I get the no shared cipher error? I rebuilt the library with -DCIPHER_DEBUG and now get the following output from the handshake:

The best I can tell, the snapshot is broken.

Jeff

=== System ===

    uname -a
    Linux studio 2.6.32-34-generic #77-Ubuntu SMP Tue Sep 13 19:39:17 UTC 2011 x86_64 GNU/Linux

=== Server ===

    openssl-1.0.1-stable-SNAP-20111027$ ./apps/openssl s_server -cipher SRP -nocert -tls1 -accept 57784 -debug
    WARNING: can't open config file: /usr/local/ssl/openssl.cnf
    Using default temp DH parameters
    Using default temp ECDH parameters
    ACCEPT

=== Client ===

    openssl-1.0.1-stable-SNAP-20111027$ ./apps/openssl s_client -srpuser SystemUser -srppass stdin -tls1 -cipher SRP -connect studio:57784 -debug
    WARNING: can't open config file: /usr/local/ssl/openssl.cnf
    *** hang ***

=== GDB ===

    ps -a
    ...
    gdb attach 29478
    GNU gdb (GDB) 7.3.1
    ...
    attach: No such file or directory.
    Attaching to process 29478
    ...
    Loaded symbols for /lib/libc.so.6
    Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done.
    Loaded symbols for /lib64/ld-linux-x86-64.so.2
    0x7f3be499a4a0 in read () from /lib/libc.so.6
    (gdb) where
    #0  0x7f3be499a4a0 in read () from /lib/libc.so.6
    #1  0x7f3be4935348 in _IO_file_underflow () from /lib/libc.so.6
    #2  0x7f3be4936eee in _IO_default_uflow () from /lib/libc.so.6
    #3  0x7f3be492b43e in _IO_getline_info () from /lib/libc.so.6
    #4  0x7f3be492a329 in fgets () from /lib/libc.so.6
    #5  0x004d31b5 in file_gets ()
    #6  0x004d09f9 in BIO_gets ()
    #7  0x00438072 in app_get_pass ()
    #8  0x00438325 in app_passwd ()
    #9  0x0042859d in s_client_main ()
    #10 0x00402d50 in do_cmd ()
    #11 0x004036ff in main ()
    (gdb)
Re: OpenSSL 1.0.1 example with SRP
On Thu, Oct 27, 2011, Norm Green wrote:
> > The best I can tell, the snapshot is broken.
>
> At this point, I wouldn't be surprised.
>
> Update: I made some (major) changes to my example code based on the SRP code in ssltest.c. Mainly, I implemented and used all the SRP callback functions. Previously, I was setting the userId and password parameters explicitly, thinking I shouldn't need the callbacks. Now I get past the previous error and move on to this error on the server:
>
>     SSL_accept failed, error=SSL_ERROR_SSL
>     Details: error:0D06703E:asn1 encoding routines:a2i_ASN1_STRING:asn1 length mismatch ssl_asn1.c at 641

That was fixed a few days ago by this:

http://cvs.openssl.org/chngview?cn=21600

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: OpenSSL 1.0.1 example with SRP
That did the trick! My example code now sets up an SSL client/server connection using SRP.

Thanks very much Steve and all others who helped.

Norm

- Original Message -
From: Dr. Stephen Henson <st...@openssl.org>
To: openssl-users@openssl.org
Sent: Thursday, October 27, 2011 7:44:35 AM
Subject: Re: OpenSSL 1.0.1 example with SRP

On Thu, Oct 27, 2011, Norm Green wrote:
> [...]
> Now I get past the previous error and move on to this error on the server:
>
>     SSL_accept failed, error=SSL_ERROR_SSL
>     Details: error:0D06703E:asn1 encoding routines:a2i_ASN1_STRING:asn1 length mismatch ssl_asn1.c at 641

That was fixed a few days ago by this:

http://cvs.openssl.org/chngview?cn=21600

Steve.
Re: SSL session ID vs session ticket
On 27.10.2011 14:09, Matthias Meixner wrote:
> Hello!
>
> When upgrading to version 0.9.8r my system stopped supporting session resumption. It looks like session tickets are the reason for this. I was using some external session cache to support session resumption on a cluster of servers where it should be possible that each server in the cluster can resume the SSL connection. With the upgrade to version 0.9.8r this stopped working.

Try using something like

    SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET);

Ciao, Richard
Re: SSL session ID vs session ticket
On Thu, Oct 27, 2011, Richard Könning wrote:
> On 27.10.2011 14:09, Matthias Meixner wrote:
> > Hello!
> >
> > When upgrading to version 0.9.8r my system stopped supporting session resumption. It looks like session tickets are the reason for this. I was using some external session cache to support session resumption on a cluster of servers where it should be possible that each server in the cluster can resume the SSL connection. With the upgrade to version 0.9.8r this stopped working.
>
> Try using something like SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET);

Yes that's the easiest option. Alternatively find a way for the servers to share the same ticket encryption and HMAC keys.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
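Why the external session cache stopped mattering, and what "share the same ticket encryption and HMAC keys" buys, as an added example (editor-supplied, not OpenSSL code and not from anyone in the thread). With session tickets (RFC 5077) the server no longer looks the session up in a cache; it hands the client an encrypted, MAC-protected blob and only a node holding the same keys can open it. OpenSSL installs those keys through SSL_CTX_set_tlsext_ticket_key_cb and protects tickets with AES-CBC plus HMAC-SHA256; the example below assumes a keyed-HMAC keystream in place of AES so it runs on the standard library alone, and the key names, key material and session contents are constructed for the demonstration.

```python
"""Session-ticket behaviour across a server cluster: added illustration of the
two fixes in this thread, not OpenSSL's code.  OpenSSL uses a 16-byte key
name, AES-CBC and HMAC-SHA256 under keys set via SSL_CTX_set_tlsext_ticket_key_cb;
here a keyed-HMAC keystream stands in for AES (assumption made so the example
needs only the standard library).  Keys and session data below are constructed."""
import hashlib
import hmac
import json
import secrets
from typing import Optional, Tuple

KEY_NAME_LEN = 16   # same size as the key_name field in RFC 5077 tickets


class TicketServer:
    """One cluster member.  Tickets it issues can only be opened by members
    holding the same (key_name, enc_key, mac_key) triple."""

    def __init__(self, key_name: bytes, enc_key: bytes, mac_key: bytes):
        assert len(key_name) == KEY_NAME_LEN
        self.key_name, self.enc_key, self.mac_key = key_name, enc_key, mac_key

    def _keystream(self, iv: bytes, n: int) -> bytes:
        # PRF in counter mode; a stand-in for the AES-CBC layer OpenSSL uses.
        out, counter = b"", 0
        while len(out) < n:
            out += hmac.new(self.enc_key, iv + counter.to_bytes(4, "big"),
                            hashlib.sha256).digest()
            counter += 1
        return out[:n]

    def issue(self, session_state: dict) -> bytes:
        """Encrypt-then-MAC the session state into a ticket for the client."""
        plain = json.dumps(session_state, sort_keys=True).encode()
        iv = secrets.token_bytes(16)
        ct = bytes(a ^ b for a, b in zip(plain, self._keystream(iv, len(plain))))
        body = self.key_name + iv + ct
        tag = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        return body + tag

    def resume(self, ticket: bytes) -> Optional[dict]:
        """Return the session state, or None to force a full handshake."""
        if len(ticket) < KEY_NAME_LEN + 16 + 32:
            return None
        body, tag = ticket[:-32], ticket[-32:]
        if body[:KEY_NAME_LEN] != self.key_name:
            return None   # issued under a key this node does not have
        expected = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return None   # tampered, or same key name but different key material
        iv, ct = body[KEY_NAME_LEN:KEY_NAME_LEN + 16], body[KEY_NAME_LEN + 16:]
        plain = bytes(a ^ b for a, b in zip(ct, self._keystream(iv, len(ct))))
        return json.loads(plain)


def cluster_demo() -> Tuple[Optional[dict], Optional[dict]]:
    """Node A issues a ticket; node B (same keys) resumes it, a node with its
    own keys cannot, which is exactly the failure reported in the thread."""
    shared = (b"cluster-key-0001", secrets.token_bytes(32), secrets.token_bytes(32))
    node_a, node_b = TicketServer(*shared), TicketServer(*shared)
    stray = TicketServer(b"cluster-key-0001", secrets.token_bytes(32), secrets.token_bytes(32))
    ticket = node_a.issue({"cipher": "AES256-SHA", "master_secret_id": 7})
    return node_b.resume(ticket), stray.resume(ticket)
```

The cluster therefore needs either shared, rotated ticket keys on every node, or SSL_OP_NO_TICKET so that resumption falls back to session IDs and the external cache that already works.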
writing an SSH server
Hi all,

I'm new to C++ and libssl, but nevertheless trying to write an SSH server. I have gone through tutorials and believe I have a working server that initializes an SSL context, binds and listens on a TCP socket, and accepts a connection. Using a debugger I see that if I try to ssh myserver -p myport, the process hangs on the call to SSL_accept. I figure this is because the ssh client needs to do something before calling SSL_connect. I don't need authentication, I just want to use ssh kind of like a secure telnet. Here's my code, any advice is appreciated:

    bool SecureServer::Start ()
    {
        SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
        if (SSL_CTX_use_certificate_file(ctx, "conf/ssl/server.crt", SSL_FILETYPE_PEM) <= 0) {
            Error("failed to load server cert");
            return false;
        }
        if (SSL_CTX_use_PrivateKey_file(ctx, "conf/ssl/server.key", SSL_FILETYPE_PEM) <= 0) {
            Error("failed to load server private key");
            return false;
        }
        SSL *ssl = SSL_new(ctx);

        SocketType listen_sock = socket(AF_INET, SOCK_STREAM, 0);
        if (listen_sock <= 0) {
            Error("failed creating socket");
            return false;
        }
        sockaddr_in sa_serv, sa_cli;
        sa_serv.sin_family = AF_INET;
        sa_serv.sin_addr.s_addr = INADDR_ANY;
        sa_serv.sin_port = htons(2002); /* Server Port number */
        if (bind(listen_sock, (struct sockaddr*) (&sa_serv), sizeof(sa_serv)) < 0) {
            Error("bind failed");
            return false;
        }

        /* Receive a TCP connection. */
        if (listen(listen_sock, 5) < 0) {
            Error("listen failed");
            return false;
        }
        socklen_t clientLen = sizeof(sa_cli);
        SocketType sock = accept(listen_sock, (struct sockaddr*) (&sa_cli), &clientLen);
        printf("Connection from %x, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);

        SSL_set_fd(ssl, sock);
        if (SSL_accept(ssl) <= 0) {
            Error("SSL handshake failed");
            return false;
        }
        char *message = "Hello SSL";
        if (SSL_write(ssl, message, sizeof(message)) <= 0) {
            Error("error on ssl write");
        }
        return true;
    }

Thanks,
Dave
RE: Issue with Connection Reset
From: owner-openssl-us...@openssl.org On Behalf Of Ratin, Yuliya S.
Sent: Wednesday, 26 October, 2011 09:55

> Connection to SQL Server 2008 R2 database (cluster install)
>
> We're seeing the connection reset while testing from multiple sources and applications - it seems like the server is not responding with an SSL certificate during the handshake, here's the output from OpenSSL's s_client (error 104 indicates a connection reset):

Aside: 104 is reset only on Linux, other OSes are different.

> OpenSSL> s_client -host 10.0.5.31 -port 1433 -prexit
> CONNECTED(0003)
> write:errno=104
> ---
> no peer certificate available
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 0 bytes and written 118 bytes

[snip]

It's not that the server is omitting the cert specifically; the server (or perhaps something in between) is resetting BEFORE the handshake gets to the message(s) that would carry the cert, and also several other things.

Are you sure the server is ready for SSL? I don't use this SQLSvr option, but from the description in the MSDN it sounds like it does clear and SSL alternatively over the same port. That means it must start in clear and have some explicit command to switch to SSL. Many protocols do this, e.g. SMTP, FTP, often using command STARTTLS. OpenSSL s_client supports several of these (see the help, or man page) but not SQLSvr. (In contrast, HTTPS uses a different port, 443 instead of 80, and starts right in.) If the server is expecting a SQLSvr-type packet (in clear), and it gets an SSL ClientHello instead, it will have to reject it, and might well do so by a connection reset.

If you can find the start-SSL command (or perhaps sequence) in documentation or from a network trace, you could modify s_client to do it, or write a stripped-down version which just does the SQLSvr-specific start-SSL then SSL_connect, with suitable callbacks/tracing. This may be some work.

For the Java, I'd expect com.microsoft.sqlserver.jdbc.* to handle this correctly, assuming it's honestly named.

If the/a client is on a different machine than the server, I'd look at a network trace. If a client is on or near Windows I like www.wireshark.org but there are others.

You also say the server is in a cluster. I don't know if that involves some redirector between client and server; if so, that could be the source of the reset rather than the actual server. If you can use a non-cluster server instead, and see if/how that differs, it might help.
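A small probe for the diagnosis above, as an added example (editor-supplied, not code from the thread or from OpenSSL): it sends a hand-built TLS ClientHello, which is all s_client had managed to do when it reported "read 0 bytes and written 118 bytes", and classifies what comes back. A handshake record means the port speaks TLS directly; a reset or close before any server data means the peer expected something else first (a STARTTLS-style switch, or a redirector in front of the cluster); a printable banner means a clear-text protocol is answering. The cipher-suite list, the function names and the sample replies used to exercise the classifier are assumptions constructed for the example; only probe() touches the network.

```python
"""Classify 'connection reset before any server data' as discussed in this
reply.  Added example, not from the thread: build a raw TLS ClientHello, send
it, and interpret the first bytes (or the socket error) that come back.
Cipher list and sample replies are constructed for the example."""
import os
import socket
import struct
from typing import Optional

# A few widely supported suites (assumed list): enough to draw a ServerHello
# from a TLS-capable server, or a reset from one that wanted clear text first.
_CIPHER_SUITES = bytes.fromhex("c02fc030c013c014002f0035000a")


def build_client_hello(server_name: str = "") -> bytes:
    """TLS 1.0 record carrying a TLS 1.2-capable ClientHello (RFC 5246 7.4.1.2),
    built by hand so the probe does not depend on the local OpenSSL build."""
    client_random = struct.pack("!I", 0) + os.urandom(28)   # gmt_unix_time + 28 random
    body = (
        b"\x03\x03"                                          # client_version TLS 1.2
        + client_random
        + b"\x00"                                            # session_id length 0
        + struct.pack("!H", len(_CIPHER_SUITES)) + _CIPHER_SUITES
        + b"\x01\x00"                                        # one compression method: null
    )
    if server_name:                                          # optional SNI extension
        host = server_name.encode("idna")
        entry = b"\x00" + struct.pack("!H", len(host)) + host
        name_list = struct.pack("!H", len(entry)) + entry
        ext = b"\x00\x00" + struct.pack("!H", len(name_list)) + name_list
        body += struct.pack("!H", len(ext)) + ext
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def classify_reply(data: bytes, error: Optional[Exception] = None) -> str:
    """Map the first bytes received (or the socket error) to a diagnosis."""
    if error is not None:
        if isinstance(error, ConnectionResetError):
            return "reset-before-handshake"   # what s_client shows as write:errno=104 on Linux
        if isinstance(error, socket.timeout):
            return "silent"                   # peer neither answered nor closed
        return "error:" + type(error).__name__
    if not data:
        return "closed-before-handshake"      # orderly close, still no ServerHello
    if len(data) >= 2 and data[0] == 0x16 and data[1] == 0x03:
        return "tls"                          # handshake record: server negotiates TLS directly
    if len(data) >= 2 and data[0] == 0x15 and data[1] == 0x03:
        return "tls-alert"                    # a TLS speaker, but it rejected our hello
    if all(32 <= b < 127 or b in b"\r\n\t" for b in data[:32]):
        return "plaintext"                    # e.g. an SMTP/FTP banner: a STARTTLS-style step is needed
    return "unknown-binary"


def probe(host: str, port: int, timeout: float = 5.0) -> str:
    """Connect, send the ClientHello, classify the reply.  Network call."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            s.sendall(build_client_hello(host))
            return classify_reply(s.recv(64))
        except OSError as exc:
            return classify_reply(b"", exc)
```

If probe("10.0.5.31", 1433) returns "reset-before-handshake" from the database host but "tls" from a non-clustered instance, the redirector is the suspect; if both reset, the port wants the protocol's own switch-to-SSL step before any TLS record.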
Re: writing an SSH server
I believe the last function, the write, is missing a return false with the error message?

Writing servers is VERY difficult to make 100% reliable, good logging, etc. I have many years' experience and still avoid it when I can. You need to understand blocking and non-blocking calls, your network, etc.

If you are on Unix -- use inetd if your volume is not too high. By too high: I have production systems with 10,000 connections continually, averaging 1,000 new connections per second, on inetd under AIX. In the old days of slow hardware people complained about the performance because it does have to create a new process. However your code becomes simple -- read/write to stdin/stdout. No need to open, accept, poll, close, or otherwise deal with sockets.

Which then brings up stunnel ... and another performance barrier, I suppose, by throwing in another program. However -- I have easily used it for credit cards, UPS, USPS, FedEx, 10s of companies more obscure, Web interfaces, secure telnet, HTTPS, etc. On a modern machine you are unlikely, unless really resource strained, to care about the overhead -- and you would have no programming to do at all.

If stunnel is too limited, I'd still consider inetd. NOTE -- pretty much all code you write to work under inetd can later be transferred to a standalone server program. So you are wasting little time trying it. I actually have a generic server program I start with whenever I need a server (it's in C) that runs either under inetd or standalone. In practice I always use inetd -- it is dead reliable and if it is not working, Unix is not working.

I am sure someone will disagree based on resource/performance reasons. You will have to judge that ... and like I said, trying it in inetd is not wasted time.

If you are on Windows ignore this :-)

Eric E

At 01:48 PM 10/27/2011, David Durham wrote:
> Hi all,
>
> I'm new to C++ and libssl, but nevertheless trying to write an SSH server. I have gone through tutorials and believe I have a working server that initializes an SSL context, binds and listens on a TCP socket, and accepts a connection. Using a debugger I see that if I try to ssh myserver -p myport, the process hangs on the call to SSL_accept. I figure this is because the ssh client needs to do something before calling SSL_connect. I don't need authentication, I just want to use ssh kind of like a secure telnet. Here's my code, any advice is appreciated:
>
> [...]
>
> Thanks,
> Dave

Eric S. Eberhard
(928) 567-3727 Voice
(928) 567-6122 Fax
(928) 301-7537 Cell
Vertical Integrated Computer Systems, LLC
Metropolis Support, LLC
For Metropolis support and VICS MBA Support http://www.vicsmba.com
For pictures: http://www.vicsmba.com/ourpics/index.html (You can see why we love this state :-) )
Re: writing an SSH server
On Thu, Oct 27, 2011 at 4:09 PM, Eric S. Eberhard <fl...@vicsmba.com> wrote:
> I believe the last function, the write, is missing a return false with the error message?

Doesn't matter though, it's not an issue. Thanks.
RE: writing an SSH server
From: owner-openssl-us...@openssl.org On Behalf Of David Durham
Sent: Thursday, 27 October, 2011 16:48

> I'm new to C++ and libssl, but nevertheless trying to write an SSH server. I have gone through tutorials and believe I have a working server that initializes an SSL context, binds and listens on a TCP socket, and accepts a connection. Using a debugger I see that if I try to ssh myserver -p myport, the process hangs on the call to SSL_accept. I figure this is because the ssh client needs to do something before calling SSL_connect. I don't need authentication, I just want to use ssh kind of like a secure telnet.

[snip]

SSH and SSL are different protocols, even though there is only one letter difference in the acronym. See RFCs 4250-6. The underlying *crypto* primitives are mostly the same, and the widely-used openssh implementation uses the libcrypto part of OpenSSL, but the protocol part of openssh is entirely different from the libssl part of OpenSSL (including SSL_accept).

AFAIK SSH always formally authenticates the server, although in practice this is usually done by accepting the server's key the first time manually, which people are supposed to think about but don't, and thereafter checking it is the same. Similarly I believe it always formally authenticates the client, but that can be e.g. anybody/dontcare.

If you just want confidentiality with truly no authentication, SSL/TLS (and OpenSSL) can do that with the anonymous-DH and anonymous-ECDH suites. I assume you understand and accept the vulnerabilities you are creating by not authenticating.

Also: You didn't show your Error() routine (method?). I hope it displays the OpenSSL error stack in some suitable way; that information is very often vital in debugging errors.

And:

>     char *message = "Hello SSL";
>     if (SSL_write(ssl, message, sizeof(message)) <= 0)

is a very basic (but all too common) C bug.
RE: writing an SSH server
I end up using SSL because, weirdly, credit card companies and shipping companies (I do business software), and so forth, all use SSL -- almost always HTTPS -- and I don't have a call for a protocol. It would be REALLY cool if you could make a wrapper on stunnel to handle the H protocol portion as I could certainly use it.

As you pointed out there are two things -- the protocol and the encryption; there was a third I was trying to address and that is the whole problem of running your own server under Unix ... that you can skip. Whether the open source code breaks out the connection from the protocol is another matter ... they may be mixing them.

I actually was just trying to suggest there might be easier ways (and maybe I am wrong) -- I try to help new people and I usually come up with odd solutions that in theory many people say are slow when in practice they make no difference. And, I am not sure, but below that routine may be an actual Unix accept and then you have those issues of blocking and non-blocking that become a pain and are not required.

Anyway you can easily ignore me or if you need anything, glad to help. If you make an SSH server that runs in inetd I'd love to have it, and if you extend stunnel to do this (I think that would work) then you could add to the stunnel project which is cool (I have added very minor things to many open source programs, even libxml2 and so forth). Also, if you need anything on old-fashioned C, I do breathe that :-)

E

At 02:55 PM 10/27/2011, you wrote:
> From: owner-openssl-us...@openssl.org On Behalf Of David Durham
> Sent: Thursday, 27 October, 2011 16:48
>
> > I'm new to C++ and libssl, but nevertheless trying to write an SSH server. [...] I don't need authentication, I just want to use ssh kind of like a secure telnet.
>
> [snip]
>
> SSH and SSL are different protocols, even though there is only one letter difference in the acronym. See RFCs 4250-6. The underlying *crypto* primitives are mostly the same, and the widely-used openssh implementation uses the libcrypto part of OpenSSL, but the protocol part of openssh is entirely different from the libssl part of OpenSSL (including SSL_accept).
>
> [...]
>
> If you just want confidentiality with truly no authentication, SSL/TLS (and OpenSSL) can do that with the anonymous-DH and anonymous-ECDH suites. I assume you understand and accept the vulnerabilities you are creating by not authenticating.
>
> [...]