=3/28/2013 11:47:11 AM=
http://www.orangeparkcpa.com/att/vks.xdil?bpppv 3/28/2013 11:47:11 AM nafe12
SSL_VERIFY_PEER
Just wondering - if SSL_VERIFY_PEER is set on a connection, if the verification locations have not been loaded (SSL_CTX_load_verify_locations has not been set) - does the connection fail? Or continue as unverified? Also, is it possible to set the verify_location as somewhere remote (i.e. some URL) rather than some local path. Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Checking Anon Ciphers
What's the best way to check whether an anonymous cipher is being used in an active session. Currently, we're doing a string search for ADH in ssl-session-cipher-name, which is not ideal. Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
eNULL/NULL ciphers -- actually a cipher?
I realise that the eNULL/NULL ciphers add no encryption, but do they just transmit the data as is, or is there some steganography used? Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Null (or default) certificates?
Is it possible to have null, untrusted, or shared certificates, to simplify deployment for apps that don't care about SSL? Basically I have an infrastructure that uses OpenSSL for comms. As it is protocol based, it's important that everything runs the same code (I.e. I don't want different ports for non-SSL comms, and the SSL sockets require different blocking mechanisms otherwise deadlocks). However, some applications using the infrastructure won't care about TLS. To ease development/deployment for those, I don't want them to have to define certificates, CAs, etc etc for nothing. Rather, is there anyway I can package the code such that there is a default (insecure certificate/CA) that they can use which will work with other SSL clients (though insecurely); or they can specify their own for real security? Essentially, just want some sort of default SSL certificate that is accepted, can be used to establish a connection just as any other, but doesn't actually provide security. Advice welcome!! thanks! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Null (or default) certificates?
Thanks Victor for your detailed reply. I'm still to fully understand the specifics. However, one question: On all servers that don't require client certificates (can't ask for client certs when using an anonymous ciphersuite) enable anonymous ciphers, Is it possible to both - in the sense you can check the peer's certificate IF they're using one. In my world - those who care about security will want to validate client certs (if possible). Though they still might want to communicate with those without certs. Therefore is it possible to do something like: try and negotiate a secure connection: if client does not present a cert: drop back and use an anon cipher (but take note of this, and flag somewhere that this client isn't super secure) (i.e. it can still communicate using the anon cypher, but it wants to know when this happens) OK so for the clients/servers that 'dont care' - they can just use the anon cypher from the start. Thanks again, N __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Null (or default) certificates?
Dear Victor, Thanks again for your help. A bit of background - I'm using SSL in a peer-to-peer scenario, so each *process* - for want of a better word - (from a TLS perspective) will act as a TLS client, if they initiate a connection to another, and/or a TLS Server if they receive a connection request. In many instances, both. In our current implementation, we assume every process has a certificate associated with it, and thus, from a TLS perspective, clients will validate server certificates, and servers will request and validate client certificates for each connection. (That is, each peer will check the validate the cert of the other). We want to introduce 'processes' that don't have certificates to be able to interact with other components in the system. Can I see if I understand correctly. Essentially I should ensure that each process in the system has (at least) the anonymous (aNull) cipher in their list. Those with certificates should also include a cipher that involves certificates in list. In that way, if a process without a cert tries to connect to any other process -- the anon cipher will be negotiated + used. However, if the two processes both have certificates (and a common cipher that involves certificates in their list), the connection will be negotiated using the cipher involving the certificates. (I suppose there is some priority perhaps configurable to selecting the cipher that is negotiated??) After the connection is established, a process can then determine what cipher was used, and how to proceed (e.g. if negotiated with certificates, then we can validate the peer's cert, etc; if not, then we can trust a certain peer 'less' than we would others, etc). Is that a correct interpretation? Thanks again, N - Original Message - From: Viktor Dukhovni openssl-us...@dukhovni.org To: openssl-users@openssl.org openssl-users@openssl.org Cc: Sent: Friday, 1 February 2013, 15:22 Subject: Re: Null (or default) certificates? On Fri, Feb 01, 2013 at 01:46:46PM +, Nathan Smyth wrote: Is it possible to have null, untrusted, or shared certificates, to simplify deployment for apps that don't care about SSL? Absolutely. On all servers that don't require client certificates (can't ask for client certs when using an anonymous ciphersuite) enable anonymous ciphers, using an appropriate configuration parameter that invokes SSL_CTX_set_cipher_list(). A sensible cipher list for OpenSSL 1.x is: aNULL:-aNULL:ALL:!EXPORT:!LOW:!SSLv2:@STRENGTH This applies even to servers that have certificates. Some check-list encumbered humanoid robots will tell you that enabling anonymous ciphers on servers is bad. Don't listen to them, they don't know what they're talking about. See below. On servers where certificate deployment is impractical, or none of whose clients will verify any deployed certificate even if it is good, don't assign a private key or certificate. With anonymous ciphers enabled, you don't need to specify any certs or keys. Only clients that don't check peer certificates will be able to connect to such servers. On clients that don't check peer certificates, also enable anonymous ciphers with the same cipherlist. Here, the check-list encumbered humanoid robots will have a valid point to make, such clients are vulnerable to MITM attacks, you'll have to sign-off on that risk. Such clients will be able to connect to servers that have no certificates at all, and will also choose anonymous ciphers with servers that have certificates they don't care to inspect. As for the check-list humanoids, try to explain to them that a server is *more* secure when it enables and prefers aNULL ciphers, in fact the server should tell OpenSSL to order the cipherlist based on the server's preference, choosing aNULL whenever possible: - If a client is willing to negotiate aNULL, that client is always vulnerable to MITM attacks, the server can't stop them, since the MITM will always offer aNULL ciphers. - By also negotiating aNULL (at highest preference) the server can detect that the client is MITM-vulnerable, and log this, and perhaps even offer reduced service. - By hiding the problem under the rug and not offering aNULL a server is blissfully unware of the client's misconfiguration and potentially makes sensitive resources available to MITM vulnerable clients with no audit-trail. Therefore, get into the habit of enabling aNULL ciphers on servers, and negotiating them whenever possible. On clients, whenever possible and authentication is not implemented by other means (say GSSAPI mutual authentication with channel bindings, ) by all means disable aNULL ciphers and verify the server certificate trust chain as well as the server identity (protocol appropriate subjectAltName or else CN). A server with no certificates at all, will only be able to complete handshakes with aNULL enabled clients. If you give such a server
Reusing a session? Example?
I have some (non-web) applications which open a number of SSL connections between each other. At the moment, a new SSL connection (session) is established on each connect. It seems I can benefit from SSL session reuse. I was wondering if anyone has any example code (or can just describe the procedure) of how to implement session reuse. I had a quick look through the docs, which (I think) suggests that I set flags for the server and have the client present the session ID. But I haven't been able to get this to work, nor am I sure of how this fits within the SSL_connect()/_accept() calls. Any advice (for a dummie like me) greatly appreciated. Thanks N __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Reusing a session? Example?
Thanks - I'll have a look. Though I'm running exclusively on OSX :( From: Stéphane Charette stephanechare...@gmail.com To: openssl-users@openssl.org Sent: Sunday, 22 April 2012, 20:19 Subject: Re: Reusing a session? Example? I joined the OpenSSL mailing list a couple of weeks ago with the same question. I didn't get a reply at the time, so I'm not sure if I did it correctly. The solution I discovered works on Windows and Linux, but doesn't work on Mac, iPhone, or iPad. Here is the sample code I wrote to show how to do session re-use on Linux and Windows: http://charette.no-ip.com:81/asio-openssl/ Stéphane Charette On Sun, Apr 22, 2012 at 10:40, Nathan Smyth naf...@ymail.com wrote: I have some (non-web) applications which open a number of SSL connections between each other. At the moment, a new SSL connection (session) is established on each connect. It seems I can benefit from SSL session reuse. I was wondering if anyone has any example code (or can just describe the procedure) of how to implement session reuse. I had a quick look through the docs, which (I think) suggests that I set flags for the server and have the client present the session ID. But I haven't been able to get this to work, nor am I sure of how this fits within the SSL_connect()/_accept() calls. Any advice (for a dummie like me) greatly appreciated. Thanks N __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
Remote access to my CA
Hi all, I created a CA on my local machine (using CA.sh), which I used to develop some socket-based applications. The apps access the CA using SSL_CTX_load_verify_locations, with the (local) path of the CA. I'm now distributing the applications to other machines, and was wondering how I can allow other machines to use my (existing, local) CA. Do I just need to transfer some files to the remote machines? (is that smart?) Or is there some existing service I can use to pass the data through a socket on demand? I suppose there must be ways to tie this into a webserver, but I have no desire to run one. Any advice appreciated. Thanks!! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Remote access to my CA
If the apps only need to be able to verify certificates issued by that CA, then all they need is a copy of the CA's certificate and to know that that certificate should be used as a trust root. (And, perhaps, access to a CRL or something if you want to be able to revoke certificates before they expire.) This is the normal way that a small CA operates. Thanks for that. So in summary - each of the 'remote' machines should have a copy of the CAs cert, and periodically pull down the CRL... ? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
How to 'test' if SSL is working??
Hi there, I have a dumb question. How can I tell whether SSL is actually protecting a tcp connection - is there anyway from outside the application. I assume I should look for something in Netstat? I have quite a complicated application, with lots of sockets open between various components. Some (on the same machine) shouldn't be SSL protected, others should be. I think I've got it implemented OK, but I'd like to make sure --- you know, so it's not just a failed SSL handshake which drops back to unprotected reads/writes. Any tips most welcome (I'm on Mac OSX) Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Accept failing - SysCall error - advice?
Thanks, Dave, for your reply. Very helpful. If this server is getting connections from the client above, and that client mistakenly handles WANT_READ by closing or even exiting/aborting, the server gets either TCP abort or unexpected TCP shutdown (aka EOF), which causes this error. Errno didn't return much. But this sounds reasonable. Playing with the blocking settings on the fd seems to help. Assume that it could be similar for the SSL_ACCEPT? (though WANT_WRITE, perhaps?) Interestingly, in a situation where two apps open a number of SSL connections between each other (over time) I get a deadlock - where a client blocks on the SSL_Connect, and the server on the general (socketIO) accept. Any hints? You are but invisibly; SSL_set_fd() creates a socket-BIO internally. That's fine You can actually use socket-BIO, and/or accept-BIO and connect-BIO, to do plain TCP connections directly, To clarify, that's what I'm dong now, right? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Accept failing - SysCall error - advice?
Hi there, I'm having trouble getting the SSL Connect/Accepts to work. For the client, SSL_Connect returns -1. Raising SSL Error = 2, SSL_ERROR_WANT_READ For the server, SSL_ACCEPT returns 0 (or -1 if non blocking), raising SSL Error 5 = SSL_ERROR_SYSCALL. ERR_ERROR_STRING() prints:0005:lib(0):func(0):DH Does anyone have any advice on things to try to help debug this? I'm not using BIOs, but instead using SSL_set_fd(). This is because the application uses many sockets, but only sometimes uses SSL. Thanks!! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Accept failing - SysCall error - advice?
The code itself is simple: Basically, just establish the socket connection. Then: SSL_set_fd(ssl, sock); ret = SSL_accept(ssl); (or SSL_Connect for the client) if (ret= 0) { print errors } else OK - Original Message - From: Nathan Smyth naf...@ymail.com To: openssl-users@openssl.org openssl-users@openssl.org Cc: Sent: Tuesday, 10 April 2012, 14:24 Subject: Accept failing - SysCall error - advice? Hi there, I'm having trouble getting the SSL Connect/Accepts to work. For the client, SSL_Connect returns -1. Raising SSL Error = 2, SSL_ERROR_WANT_READ For the server, SSL_ACCEPT returns 0 (or -1 if non blocking), raising SSL Error 5 = SSL_ERROR_SYSCALL. ERR_ERROR_STRING() prints:0005:lib(0):func(0):DH Does anyone have any advice on things to try to help debug this? I'm not using BIOs, but instead using SSL_set_fd(). This is because the application uses many sockets, but only sometimes uses SSL. Thanks!! __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Deadlock - SSL_Connect()
Just seeking advice/things to consider for deadlock (or 'wait') on a SSL_Connect(). Unfortunately it stalls here, so there's no return code. The project establishes a number of SSL conns between various application instances. It's in C++, where standard socket libs are used to establish the connection, SSL added via SSL_Set_Fd and then SSL_connect()/accept(). Normal sockets (i.e. without SSL) are used for local inter-proc comms - maybe this is relevant? I've been stuck for a while - and advice as to common areas/mistakes/considerations are most appreciated. Thanks! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Deadlock - SSL_Connect()
Yes, strangely this doesn't help. Actually, what I do is set the socket to non-blocking AFTER the SSL handshake, which I thought should work... Could there be some issue with numerous SSL connections between the same parties? Or maybe it's some threading issue - perhaps SSL has some special considerations? From: Gayathri Sundar suraj...@gmail.com To: openssl-users@openssl.org Sent: Monday, 16 January 2012, 16:21 Subject: Re: Deadlock - SSL_Connect() did you try making use of non blocking fd? it cannot deadlock in if you use that. Thanks --Gayathri On Mon, Jan 16, 2012 at 10:17 AM, Nathan Smyth naf...@ymail.com wrote: Just seeking advice/things to consider for deadlock (or 'wait') on a SSL_Connect(). Unfortunately it stalls here, so there's no return code. The project establishes a number of SSL conns between various application instances. It's in C++, where standard socket libs are used to establish the connection, SSL added via SSL_Set_Fd and then SSL_connect()/accept(). Normal sockets (i.e. without SSL) are used for local inter-proc comms - maybe this is relevant? I've been stuck for a while - and advice as to common areas/mistakes/considerations are most appreciated. Thanks! __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: socket functions on fds
Pay special attention to the fact that sometimes an OpenSSL call to send or recv will ask you to wait (select) for it's own direction to be ready, sometimes for the other direction to be ready, depending on internal OpenSSL states. Selects before the SSL_read/writes? Any chance of a link to an example, or even some specific search terms? Thanks!! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: socket functions on fds
Or perhaps, more specifically, any examples to address the following. As I seem to be getting deadlocks :( Per the OpenSSL FAQ: http://www.openssl.org/support/faq.html#PROG10 A pitfall to avoid: Don't assume that SSL_read() will just read from the underlying transport or that SSL_write() will just write to it -- it is also possible that SSL_write() cannot do any useful work until there is data to read, or that SSL_read() cannot do anything until it is possible to send data. One reason for this is that the peer may request a new TLS/SSL handshake at any time during the protocol, requiring a bi-directional message exchange; both SSL_read() and SSL_write() will try to continue any pending handshake. Thanks! - Original Message - From: Nathan Smyth naf...@ymail.com To: openssl-users@openssl.org openssl-users@openssl.org Cc: Sent: Sunday, 8 January 2012, 22:45 Subject: Re: socket functions on fds Pay special attention to the fact that sometimes an OpenSSL call to send or recv will ask you to wait (select) for it's own direction to be ready, sometimes for the other direction to be ready, depending on internal OpenSSL states. Selects before the SSL_read/writes? Any chance of a link to an example, or even some specific search terms? Thanks!! __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
socket functions on fds
Quick question. Can you use the standard socket functions (i.e. poll/select) on a fd for a ssl connection? I know you need to use the ssl_read/writes and other functions etc to actually 'do stuff', but do the std socket state checking functions work on a socket that has SSL initiated? Thanks!! N __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Using File Descriptors? C++
Hi there, I was wondering if has any examples (either pasted or links) on using file descriptors (i.e. standard socket type operations) with OpenSSL. I tried some basic code, but the things I'm doing don't seem to work (e.g. I don't know how to build up a new SSL object given an existing fd on a SSL conn): (establish BIO, bind to socket) if(BIO_do_accept(bio) = 0) {err..} out = BIO_pop(bio); if (!(ssl = SSL_new(ctx))) { err..} SSL_set_bio(ssl, out, out); if (SSL_accept(ssl)=0) { ... } at this point: SSL_write(ssl, this works\n, 11); --- properly sends the text to the client... but if I try to 'rebuild' a connection from the fd, e.g. something like this: int sockfd = SSL_get_fd(ssl); SSL *ssl2 = SSL_new(ctx); SSL_set_fd(ssl2,sockfd); SSL_write(ssl2, this doesn't\n, 14); it doesn't... (I tried doing things like SSL_set_bio(ssl2, out, out); and SSL_accept(ssl2))... If anyone has any ideas they're most appreciated. Also the reason for this code is that I'm trying to work out how to use fds with OpenSSL. Essentially I've inherited an app that uses sockets for both inter-process communication (local comms) and network comms. I've been tasked with putting TLS on the network connections. But lots of the code involves (extended) select()s or poll()s on the socket fds, so it would be great and far less of a rewrite if I could also interact with OpenSSL connections using the socket fds and then 'building up' the objects around them. Thanks for your help! N
Using File Descriptors? C++
Hi there, I was wondering if has any examples (either pasted or links) on using file descriptors (i.e. standard socket type operations) with OpenSSL. I tried some basic code, but the things I'm doing don't seem to work (e.g. I don't know how to build up a new SSL object given an existing fd on a SSL conn): (establish BIO, bind to socket) if(BIO_do_accept(bio) = 0) {err..} out = BIO_pop(bio); if (!(ssl = SSL_new(ctx))) { err..} SSL_set_bio(ssl, out, out); if (SSL_accept(ssl)=0) { ... } at this point: SSL_write(ssl, this works\n, 11); --- properly sends the text to the client... but if I try to 'rebuild' a connection from the fd, e.g. something like this: int sockfd = SSL_get_fd(ssl); SSL *ssl2 = SSL_new(ctx); SSL_set_fd(ssl2,sockfd); SSL_write(ssl2, this doesn't\n, 14); it doesn't... (I tried doing things like SSL_set_bio(ssl2, out, out); and SSL_accept(ssl2))... If anyone has any ideas they're most appreciated. Also the reason for this code is that I'm trying to work out how to use fds with OpenSSL. Essentially I've inherited an app that uses sockets for both inter-process communication (local comms) and network comms. I've been tasked with putting TLS on the network connections. But lots of the code involves (extended) select()s or poll()s on the socket fds, so it would be great and far less of a rewrite if I could also interact with OpenSSL connections using the socket fds and then 'building up' the objects around them. Thanks for your help! N