Re: SSL attack scenario
Wikipedia is right in principle, but doesn't cover the case of TCP hijacking. By reliable delivery guarantee, it means the transport layer, once the data has left the application layer (i.e when is placed on the wire). Of course no guarantees are offerred for the application layer, where the application is free to send anything it wants. It would require a lot of effort, but a transparent proxy, can rewrite IP source headers, sequence numbers, ACKs and if it has followed all algos and key exchanges, even regenerate those. HMAC is nothing more than a glorified CRC encoded with some secret exchanged at the start. If anyone captures that secret can regenerate all MACs. Transparent proxies and gateways are always a concern in security, BR, Nikos - Original Message - From: "Andrey Koltsov" To: Sent: Monday, May 18, 2009 8:59 AM Subject: Re: SSL attack scenario JoΓ£o TΓ΅vora ΠΏΠΈΡ�ΠµΡ‚: What this article says is this: if you *received* data from TCP connection it will be "without duplication or losing data". It doesn't say: if you *send* data it will be received correctly by other host. It's impossible to garantee. -- Andrey Koltsov __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: SSL_write retruns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready.
Well, the manual clearly states about looping the SSL_write call. You can say what you want about it, but i have verified it in practice. Also it doesn't say anything about sched_yield, that's something you have to figure out on your own. You can either loop endlessly around the SSL_write call, burning up CPU cycles, or relinguish CPU to something more useful. I will not even try to suggest to you which is more efficient. Nikos - Original Message - From: "David Schwartz" To: Sent: Tuesday, May 12, 2009 2:03 PM Subject: RE: SSL_write retruns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready. Nikos Balkanas wrote: >> To make it clearer. Select or poll will return as soon as the socket >> is >> writable. However, SSL still needs to negotiate keys and >> encryption with the >> peer before you can exchange any data. This is handled >> transparently for you >> in each SSL_write call. Therefore SSL replies to you "Yes the socket >> is >> writeable, but I am not done yet with the handshake". > That would be SSL_ERROR_WANT_READ. If you get SSL_ERROR_WANT_WRITE, > that > means OpenSSL found that the socket was not wriable. No. SSL doesn't decide that. It is done at a lower level. It is decided by poll or select. Huh? SSL knows whether it was trying to read from the socket or write to the socket when it encountered a 'WOULDBLOCK' error. If nothing changes (and nothing can change unless you call into OpenSSL) it will repeat that same operation the next time you call. So it is OpenSSL that will tell you which direction it needs. It will not return a 'WANT_WRITE' error unless a write returned a 'WOULDBLOCK' error. The socket is writable the minute it unblocks (without errors other than SSL_*). And can be either SSL_WRITE or SSL_read. Read the manual. Huh? I've read this about five times and I can't figure out what you're trying to say. >> When you get SSL_ERROR_WANT_WRITE none of your data is written to the >> socket. > There is no such guarantee. OpenSSL may have written some, all, > or none of > your data to the socket. All that you know is: Yes, there is. By poll. If you get an error, your data is not written. Again, huh? The 'poll' function will tell you if the socket is writable or not, but if you call SSL_write and get a 'WANT_WRITE' return value, you have no way of knowing what OpenSSL may or may not have sent over the socket. The API is specifically designed so that you don't need to know. For example, suppose you go to send 148 bytes with a call to SSL_write. This forms an encrypted block of, say, 256 bytes. OpenSSL calls SSL_write and sends 180 of those bytes. This may or may not allow the other end to decrypt any of them (and it probably won't allow it to checksum any of them). What should SSL_write return? (It cannot return 148, because if it does, you won't call SSL_write again even if the socket becomes writable). So it *must* return WANT_WRITE even though it sort of wrote some of the data. > 1) OpenSSL needs the socket to be writable to make further progress in > this > direction. > > 2) You must provide the same data to OpenSSL the next time you call > SSL_write. Not necessarily, if you are using moving_buffers. You are mistaken. Moving buffers is about the buffers moving. It does not change the requirements about the contents of the buffers. If you call SSL_write to send 148 bytes of data and it winds up sending, say, 128 of the 256 bytes this encrypt to, OpenSSL will have to return WANT_WRITE. If you try to send anything other than those same 148 bytes of data (and possibly some after it), things will break. This is fundamental to the way the API is designed. UNIX does not provide an 'all or nothing' write function so OpenSSL can't either. >> You need to put it in a loop and call select or poll >> again. If you >> want to be efficient and not do many loops, put a sched_yield(); >> inside your >> loop. > That would be pointless. The 'select' or 'poll' function > permits efficient > blocking and beneficial context switches. Adding a sched_yield only > adds > context switches where they are not necessary and blows out the caches. Not in the case of SSL. Once poll unblocks SSL still needs the socket to do its stuff. If you try to write or read, the minute poll unblocks you, will be in trouble. You have to wait, in a loop, sometimes 50 loops. To be more CPU efficient, you can use sched_yield(), but it is up to you. I have no idea what you're talking about, but this makes *NO* sense. You most certainly should try to write or read the instant poll unblocks. There
Re: SSL_write retruns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready.
See inlined answers. Next time don't truncate the thread. To make it clearer. Select or poll will return as soon as the socket is writable. However, SSL still needs to negotiate keys and encryption with the peer before you can exchange any data. This is handled transparently for you in each SSL_write call. Therefore SSL replies to you "Yes the socket is writeable, but I am not done yet with the handshake". That would be SSL_ERROR_WANT_READ. If you get SSL_ERROR_WANT_WRITE, that means OpenSSL found that the socket was not wriable. No. SSL doesn't decide that. It is done at a lower level. It is decided by poll or select. The socket is writable the minute it unblocks (without errors other than SSL_*). And can be either SSL_WRITE or SSL_read. Read the manual. When you get SSL_ERROR_WANT_WRITE none of your data is written to the socket. There is no such guarantee. OpenSSL may have written some, all, or none of your data to the socket. All that you know is: Yes, there is. By poll. If you get an error, your data is not written. 1) OpenSSL needs the socket to be writable to make further progress in this direction. 2) You must provide the same data to OpenSSL the next time you call SSL_write. Not necessarily, if you are using moving_buffers. However, it is entirely legal within the specification for all the data to appear on the other end of the connection. (Though in practice, this won't happen.) You need to put it in a loop and call select or poll again. If you want to be efficient and not do many loops, put a sched_yield(); inside your loop. That would be pointless. The 'select' or 'poll' function permits efficient blocking and beneficial context switches. Adding a sched_yield only adds context switches where they are not necessary and blows out the caches. Not in the case of SSL. Once poll unblocks SSL still needs the socket to do its stuff. If you try to write or read, the minute poll unblocks you, will be in trouble. You have to wait, in a loop, sometimes 50 loops. To be more CPU efficient, you can use sched_yield(), but it is up to you. It's all in the manual. Read it. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: SSL_write retruns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready.
Hi, To make it clearer. Select or poll will return as soon as the socket is writable. However, SSL still needs to negotiate keys and encryption with the peer before you can exchange any data. This is handled transparently for you in each SSL_write call. Therefore SSL replies to you "Yes the socket is writeable, but I am not done yet with the handshake". When you get SSL_ERROR_WANT_WRITE none of your data is written to the socket. You need to put it in a loop and call select or poll again. If you want to be efficient and not do many loops, put a sched_yield(); inside your loop. BR, Nikos - Original Message - From: "David Schwartz" To: Sent: Monday, May 11, 2009 8:53 PM Subject: RE: SSL_write retruns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready. The short answer to the question in your subject is "yes", you have made a contract with OpenSSL to do so, so you sould fulfill that contract. Non-Blocking socket. called SSL_write with data (say 'abc123') and socket 'h'. Then 'SSL_get_error' found error code SSL_ERROR_WANT_WRITE. That means that the SSL_write function cannot make forward progress until the socket becomes writable. You have made a contract to send 'abc123' as the next six bytes of data, and you cannot change that. after some time call to 'select' detected that socket 'h' is writable. (Does it mean that data 'abc123' was written successfully ?) The question is ambiguous. But since you made a contract to send the data 'abc123', you are still required to send it, whether or not OpenSSL actually needs to get that data from you. (It might need the data, or it might ignore the next six bytes since it knows they're 'abc123', that's not your business.) Then I have to insert more data (say 'def567'). So before inserting this data should I re-insert 'abc123' data too ? Assuming you set MOVING_WRITE_BUFFER (which you should), you can send any data you want, but you must repeat the send of 'abc123' (possibly with additional data at the same time). Because the return value of SSL_write was not a positive integer, no data was logically consumed between the application and OpenSSL. So you must re-send the same data, whether or not OpenSSL actually needs it. (Otherwise, there would be no way to know what data needed to be sent and what didn't without a more complex interface.) DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Openssl Memory leak
70 KB is nothing nowadays. Besides each thread has its memory requirements, and memory is supposed to increase the more threads you use. Even if the threads reduce (lower load) memory may not go all the way back, because of global structures that have grown due to the load. But after several cycles, memory should stabilize when releasing threads. Best way is to put it through valgrind, but I expect that this is already been done by the developers in the group. BR, Nikos - Original Message - From: Fabian Bergmark To: openssl-users@openssl.org Sent: Thursday, May 07, 2009 4:49 PM Subject: Re: Openssl Memory leak After some investigation I've figured out that the memory leak isn't caused by running Openssl in threads. However, after about 200 connections, may vary, the used memory increases with around 70 kb. Is this normal? I guessed it's allocated by the openssl library 2009/5/6 Fabian Bergmark Okey. Now i got no more memory leaks when I put the SSL code in main. However, if i try to put the exact same code in a thread the memory leak is back. Here is the essential code I'm using; void lcserver::start() { SSL_library_init(); SSL_load_error_strings(); method = SSLv23_server_method(); ctx = SSL_CTX_new(method); Some windows socket code... while(acceptsocket = accept(listensocket,(sockaddr*)&sin,&len)) { struct clientinfo *client; client = new struct clientinfo(acceptsocket,sin.sin_addr.s_addr,clientid++,this,rooms[0]->getthis(),ctx); client->M1(); } } void clientinfo::M1() { CreateThread(0,0,(LPTHREAD_START_ROUTINE)M2,(LPVOID)this,0,0); } void clientinfo::M2(LPVOID param) { clientinfo* Call = (clientinfo*)param; Call->listenfor(); delete Call; return; } void clientinfo::listenfor() { SSL_set_bio(ssl,bio,bio); SSL_accept(ssl); while(SSL_shutdown(ssl) == 0) ; SSL_free(ssl); ERR_remove_state(0); } Just running this code which shouldn't leave any allocated memory, about 12 kb ram is still allocated. 2009/5/5 Nikos Balkanas Hi, Check the return value of SSL_shutdown(ssl). Sometimes it needs up to 4 iterations to complete due to internal state machine. It completes when the value != 0. Hope it helps. BR, Nikos - Original Message - From: Fabian Bergmark To: openssl-users@openssl.org Sent: Tuesday, May 05, 2009 9:13 PM Subject: Openssl Memory leak Hi I am currently writing a Chat application using the Openssl library for encryption. It's a multi-thread application and every client is managed by a different thread. However, ever since I implemented Openssl there seams to be a memory leak of around 10 kb. My openssl-code code is looking like following: SSL_set_bio(ssl,bio,bio); SSL_accept(ssl); SSL_shutdown(ssl); SSL_free(ssl); where bio and ssl is class objects where BIO is set like bio = BIO_new_socket(s,BIO_NOCLOSE) The increased memory does not occur before SSL_accept(ssl). The first time a client connect about a 100 kb is allocated, which I suppose is due to some initialising function. For each new client about 0-20 kb are still allocated after SSL_shutdown(ssl); SSL_free(ssl); is issued. Is there some cleanup functions im forgetting? I am using windows btw.
Re: Openssl Memory leak
Hi, Check the return value of SSL_shutdown(ssl). Sometimes it needs up to 4 iterations to complete due to internal state machine. It completes when the value != 0. Hope it helps. BR, Nikos - Original Message - From: Fabian Bergmark To: openssl-users@openssl.org Sent: Tuesday, May 05, 2009 9:13 PM Subject: Openssl Memory leak Hi I am currently writing a Chat application using the Openssl library for encryption. It's a multi-thread application and every client is managed by a different thread. However, ever since I implemented Openssl there seams to be a memory leak of around 10 kb. My openssl-code code is looking like following: SSL_set_bio(ssl,bio,bio); SSL_accept(ssl); SSL_shutdown(ssl); SSL_free(ssl); where bio and ssl is class objects where BIO is set like bio = BIO_new_socket(s,BIO_NOCLOSE) The increased memory does not occur before SSL_accept(ssl). The first time a client connect about a 100 kb is allocated, which I suppose is due to some initialising function. For each new client about 0-20 kb are still allocated after SSL_shutdown(ssl); SSL_free(ssl); is issued. Is there some cleanup functions im forgetting? I am using windows btw.
Re: I want you to do my homework for me.
Hi, Isn't the abusive language and attitude used by Miguel good reason to ban him/her from this group? Although it was taken as humorous in the beginning, it seems that a lot of users were put off by his message. BR, Nikos - Original Message - From: Robert Butler To: openssl-users@openssl.org Sent: Monday, May 04, 2009 4:01 PM Subject: Re: I want you to do my homework for me. Hi Alan, I do apologize for the outburst in the mailing list over the weekend. But he's succeeded in pushing my buttons. I do recommend though, that you read over the entirety of the thread / message in question, and not just my response to "Miguel." He has been making warrant-less threats, accusations, and demands since early Saturday. I tried being polite out of respect for the mailing list. That being said, I resent greatly labeling of me in the way that he has, and merely wished to be overly blunt to demonstrate that I could have posted far worse, far earlier, however had exhibited restraint due to the fact that this -is- a public mailing list. Though, what I'd posted was more from frustration than anything else. Once again, I apologize for -my- behavior. - Robert On Mon, 2009-05-04 at 10:16 +0100, a.l.m.bu...@lboro.ac.uk wrote: Hi, > No. I was trying to be polite, excuse me? This is a general open public mailing list for OpenSSL. this sort of abusive language has no place here - its read by a mixture of professional, non-professional, adults, children, researchers, computer users etc. foul language has its place in other, more appropriate locations. please take some responsibility and be responsible I can see no purpose of this silly thread other than to disrupt an otherwise useful and normal mailing list. alan __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: I want you to do my homework for me.
Yes, mistress. Immediately. - Original Message - From: "Miguel Ghobangieno" To: Sent: Sunday, May 03, 2009 10:14 AM Subject: Re: I want you to do my homework for me. Libssl should be rewritten in java on ruby upon rails (the bottom rail, which is now on top). This is not a suggestion. It is a demand. You _MUST_ comply. --- On Sat, 5/2/09, Frans de Boer wrote: From: Frans de Boer Subject: Re: I want you to do my homework for me. To: openssl-users@openssl.org Date: Saturday, May 2, 2009, 9:43 PM On Sat, 2009-05-02 at 07:19 -0700, Miguel Ghobangieno wrote: > I'd like to do some crypto homework. It entails rebuilding the openssl > library on windows 8 (C###). I'd like you to deatail the _EXACT_ > procedure for rebuilding/recoding/synergising the openssl library in > windows 8's C###. You have to do this because I told you to, requested > it of you, demanded it of you. > > Accusations such as "think of the code" or "learn openssl by reading > the code" etc will be forwarded to the Equal Empolyment Oppourtunity > Commission. > > Furthermore I am aware that you opensource coders are all a buch of > mysoginist sexists; for the most part you are all _men_. The EEOC is > going to hear of THAT aswell. > > Period. > Slash > Normally I do not react, but this message must be written by a child, looking by the many spelling errors. So who can take this person seriously? 'It' clearly has no clue about the real world. Or is it an attempt to gobble up bandwidth on the Internet? In which case it succeeded moderately. Frans. __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Bind Jamming Port
Hi, Sounds like you are not closing the port when exiting. If you do a netstat what state do you see ? CLOSE_WAIT? BR, Nikos - Original Message - From: Michael Lawson (mshindo) To: openssl-users@openssl.org Sent: Thursday, April 16, 2009 2:04 PM Subject: Bind Jamming Port Hey Guys, I have an application that creates using the openssl libraries under linux a encrypted server. This works perfectly apart from one small bug, whenever I close the application, either deliberately or though an unexpected error the port becomes locked(I get bind errors if I try and start the server again) for a time period, sometime spanning up to 10 minutes. Is there something I am missing or something I can do to stop this from happening? -- Michael
Re: apache http server not connecting to correct open ssl --urgent help needed
I see your problem: Do the following with your correct LD_LIBRARY_PATH: echo $LD_LIBRARY_PATH ldd and post results Nikos - Original Message - From: "Srinivas Jonnalagadda" To: ; Cc: Sent: Friday, April 03, 2009 7:09 PM Subject: Re: apache http server not connecting to correct open ssl --urgent help needed hi nikos, Thanks fo rthe information. i tried you idea but still when i restart i get the following message. any more information is highly appreciated. My LDPATH has been set to the following: LD_LIBRARY_PATH="/usr/local/openssl098i/lib:/apps/opt/apache2/lib:$LD_LIBRARY_PATH" export LD_LIBRARY_PATH [Fri Apr 03 12:00:38 2009] [warn] Init: Session Cache is not configured [hint: SSLSessionCache] [Fri Apr 03 12:00:38 2009] [notice] Digest: generating secret for digest authentication ... [Fri Apr 03 12:00:38 2009] [notice] Digest: done [Fri Apr 03 12:00:41 2009] [notice] Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8b configured -- resuming normal operations Thanks, srinivas Jonnalagadda -Original Message- From: Nikos Balkanas Sent: Apr 3, 2009 7:11 AM To: openssl-users@openssl.org Cc: openssl-...@openssl.org Subject: Re: apache http server not connecting to correct open ssl --urgent help needed Hi, I imagine you are using a Solaris 10 machine. You also need to load different versions of the same library. You need to set the correct LD_LIBRARY_PATH. For 2.0.55 include in the LD_LIBARY_PATH your 0.9.8b libraries (libssl, libcrypto). For the 2.0.63 include your 0.9.8i libraries path (/usr/local/openssl098i/lib). Best way is to create 2 scripts (start55, start63) that set up your LD_LIBRARY_PATH correctly. BR, Nikos - Original Message - From: "The Doctor" To: Cc: Sent: Friday, April 03, 2009 1:01 AM Subject: Re: apache http server not connecting to correct open ssl --urgent help needed On Thu, Apr 02, 2009 at 05:20:30PM -0400, Srinivas Jonnalagadda wrote: Hi, I have openssl 0.9.8b installed with apache http server 2.0.55 on sloariz machine. when i installed i used the /usr/local/ssl as prefix and i did not use shared threads option. I was able to install successfully. On the same machine i installed openssl 0.9.8i in /usr/local/openssl098i directory and used the shared threads option. i installed apache http 2.0.63 on the same machine and when i installed i gave prefix as /usr/local/openssl098i. my intention was tht when i start apache http 2.0.63 i should use /usr/local/openssl098i and when is start apache http server 2.0.55 i should use /usr/local/ssl. My problem now is when i start both are connecting to openssl 0.9.8b. Please tell me how to connect to both. You need to make slight modifications to the Apache code! Instead of STACK you need to specify STACK_OF( ). Thanks, Srinivas Jonnalagadda __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- Member - Liberal International This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising! Never Satan President Republic! Point to http://tv.cityonahillproductions.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: apache http server not connecting to correct open ssl --urgent help needed
Hi, I imagine you are using a Solaris 10 machine. You also need to load different versions of the same library. You need to set the correct LD_LIBRARY_PATH. For 2.0.55 include in the LD_LIBARY_PATH your 0.9.8b libraries (libssl, libcrypto). For the 2.0.63 include your 0.9.8i libraries path (/usr/local/openssl098i/lib). Best way is to create 2 scripts (start55, start63) that set up your LD_LIBRARY_PATH correctly. BR, Nikos - Original Message - From: "The Doctor" To: Cc: Sent: Friday, April 03, 2009 1:01 AM Subject: Re: apache http server not connecting to correct open ssl --urgent help needed On Thu, Apr 02, 2009 at 05:20:30PM -0400, Srinivas Jonnalagadda wrote: Hi, I have openssl 0.9.8b installed with apache http server 2.0.55 on sloariz machine. when i installed i used the /usr/local/ssl as prefix and i did not use shared threads option. I was able to install successfully. On the same machine i installed openssl 0.9.8i in /usr/local/openssl098i directory and used the shared threads option. i installed apache http 2.0.63 on the same machine and when i installed i gave prefix as /usr/local/openssl098i. my intention was tht when i start apache http 2.0.63 i should use /usr/local/openssl098i and when is start apache http server 2.0.55 i should use /usr/local/ssl. My problem now is when i start both are connecting to openssl 0.9.8b. Please tell me how to connect to both. You need to make slight modifications to the Apache code! Instead of STACK you need to specify STACK_OF( ). Thanks, Srinivas Jonnalagadda __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- Member - Liberal International This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca God, Queen and country! Beware Anti-Christ rising! Never Satan President Republic! Point to http://tv.cityonahillproductions.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: SSL_write problem
Hi, Thanx for the quick response. Unfortunately the same problem persists: void conn_init_ssl(void) { SSL_library_init(); SSL_load_error_strings(); global_ssl_context = SSL_CTX_new(SSLv23_client_method()); SSL_CTX_set_mode(global_ssl_context,. SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY); } Any ideas? What should the underlying socket be blocking/not blocking? Can I have at the same time non-blocking read and blocking write? BR, Nikos - Original Message - From: "Kyle Hamilton" To: Sent: Tuesday, March 31, 2009 3:13 AM Subject: Re: SSL_write problem SSL_CTX_set_mode(ssl, SSL_MODE_AUTO_RETRY); 2009/3/30 Nikos Balkanas : Hi, I would like to ideally use non-blocking SSL_read and blocking SSL_write. Is this possible with BIO_set_nbio? What should the underlying socket be in that case? If this is not possible, as I suspect, i have the problem that the non-blocking SSL_write with select, will stallΒ afterΒ first SSL_error of SSL_ERROR_WANT_READ || SSL_ERROR_WANT_WRITE without ever writing the data: while(((select(fd + 1, NULL, &rset, NULL, &alarm)) > 0) && FD_ISSET(fd, &rset)) { Β Β Β Β Β res = SSL_write(ssl, input, len); Β Β Β Β Β if (res == -1) Β Β Β Β Β { Β Β Β Β Β Β Β Β Β Β Β Β Β Β SSL_error = SSL_get_error(ssl, res); Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β printf("SSL_error = %d\n", SSL_error); Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β if (SSL_error != SSL_ERROR_WANT_READ && SSL_error != SSL_ERROR_WANT_WRITE) Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β return(-1); Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β else FD_CLR(fd, &rset); Β Β Β Β Β Β } Β Β Β Β Β Β else return(res); } My only solution so far has been to use the non-blocking SSL_write as a blocking one, but it is terribly inefficient, looping as many as 50 timesΒ before writing the data: while((ret = SSL_write(ssl, request->data, request->len)) < 0) { Β Β Β Β Β Β Β SSL_error = SSL_get_error(ssl, ret); Β Β Β Β Β Β Β Β if (SSL_error != SSL_ERROR_WANT_READ && SSL_error != SSL_ERROR_WANT_WRITE) Β Β Β Β Β Β Β Β Β Β Β Β Β Β break; Β Β Β Β Β Β Β Β thr_yield(); } Any ideas? TIA, Nikos :I®r¶Γ¥²�¦1��¥²z¥²€Άy²�®Ά�z– __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
SSL_write problem
Hi, I would like to ideally use non-blocking SSL_read and blocking SSL_write. Is this possible with BIO_set_nbio? What should the underlying socket be in that case? If this is not possible, as I suspect, i have the problem that the non-blocking SSL_write with select, will stall after first SSL_error of SSL_ERROR_WANT_READ || SSL_ERROR_WANT_WRITE without ever writing the data: while(((select(fd + 1, NULL, &rset, NULL, &alarm)) > 0) && FD_ISSET(fd, &rset)) { res = SSL_write(ssl, input, len); if (res == -1) { SSL_error = SSL_get_error(ssl, res); printf("SSL_error = %d\n", SSL_error); if (SSL_error != SSL_ERROR_WANT_READ && SSL_error != SSL_ERROR_WANT_WRITE) return(-1); else FD_CLR(fd, &rset); } else return(res); } My only solution so far has been to use the non-blocking SSL_write as a blocking one, but it is terribly inefficient, looping as many as 50 times before writing the data: while((ret = SSL_write(ssl, request->data, request->len)) < 0) { SSL_error = SSL_get_error(ssl, ret); if (SSL_error != SSL_ERROR_WANT_READ && SSL_error != SSL_ERROR_WANT_WRITE) break; thr_yield(); } Any ideas? TIA, Nikos
Re: Linking with mingw on Windows
Hi, RSA_new is defined in libcrypto. It is obviously not defined in libeay32. You can check it with "nm libeay32.a | grep RSA_new". Then you should probably get a good copy of libcrypto. BR, Nikos - Original Message - From: Kenneth Goldman To: openssl-users@openssl.org Sent: Monday, March 09, 2009 8:26 PM Subject: Linking with mingw on Windows What's the linker format when using [gcc / mingw] on Windows? I am not using cygwin! I assume I should use the libraries in .../OpenSSL/lib/MinGW, but maybe not. I've tried -leay32 -L"C:/program files/openssl/lib/mingw/libeay32.a" and even copying libeay32.a to libcrypto.a and -lcrypto I've linked in ssleay32.a as well. It's seeing the library file, because I get a file not found error if I spell the library name incorrectly. But it's not finding the functions. For all cases, I get errors of the form: c:107: undefined reference to `RSA_new' for all openssl function calls. -- Ken Goldman kg...@watson.ibm.com 914-784-7646 (863-7646)
DES_CBC_40 question
Hi, I have implemented DES_CBC encryption/decryption. I would like now to include also support for DES_CBC_40. Code is in C and I am using the des_ncbc_encrypt function. I imagine the same function can be used for the 40 bit version. What changes are needed to do this? Is there a place with the relevant documentation? Thanx, Nikos __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: des_ncbc_encrypt question
Dear Bill, Thank you very much for your quick reponse, on Sunday night! Indeed I had read this part, but couldn't make much of it. It took me a while to rewrite the code, but eventually everything looks fine! BR, Nikos - Original Message - From: "Bill Colvin" To: Sent: Sunday, March 08, 2009 9:11 PM Subject: RE: des_ncbc_encrypt question I suggest you carefully read the following function description paying close attention to length. DES_ncbc_encrypt() encrypts/decrypts using the cipher-block-chaining (CBC) mode of DES. If the encrypt argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the input argument into the ciphertext pointed to by the output argument, using the key schedule provided by the schedule argument, and initialization vector provided by the ivec argument. If the length argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes. Bill -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Nikos Balkanas Sent: March 8, 2009 1:20 PM To: openssl-users@openssl.org Subject: des_ncbc_encrypt question Hi, I am using des_ncbc_encrypt to encrypt/decrypt packages in a server/client architecture (CBC mode). When I test encryption/decryption from within the server I get everything decrypted OK, except the last 4 bytes. However, this is enough for the client to reject the packet. I am using the following code: uchar * output; des_key_schedule des_ks; des_cblock des_key, des_iv; memcpy(des_iv, iv, sizeof(des_iv)); memcpy(des_key, server_write_enc_key, sizeof(des_key)); des_set_odd_parity(&des_key); if (des_set_key_checked(&des_key, des_ks)) { error(0, "wtls_des: Unable to set key schedule"); return(NULL); } output = (uchar *)gw_malloc((len + 1)* sizeof(uchar)); des_ncbc_encrypt(data, output, len, des_ks, &des_iv, crypt); where crypt takes the values DES_ENCRYPT or DES_DECRYPT. (gdb) p data + 1640 $11 = ( unsigned char *) 0x75f700 "*ξΥΰl:=8Ο…\n\236\236Ο€\006\006\006\006\006\006\006" (gdb) p output + 1640 $15 = (uchar *) 0x75e6f0 "YyΞ�6Ξ°οΏ½'\216―LΞ�kΟ†\033\232’)«Ε\233" Decrypting output through another call to the same function (everything gets reinitialized) I get: (gdb) p data + 1640 $22 = (unsigned char *) 0x760710 "YyΞ�6Ξ°οΏ½'\216―LΞ�kΟ†\033\232’)«Ε\233" (OK) (gdb) p output + 1640 $24 = (uchar *) 0x75c6d0 "*ξΥΰl:=8Ο…\n\236\236Ο€\006\006\006(VΟ‡R" (??) Everything is fine except for the trailing "(VΟ‡R". Any ideas or pointers of what is wrong, would be greatly appreciated. Thanx, Nikos Balkanas __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org :I®r¶Γ¥²�¦1��¥²z¥²€Άy²�®Ά�z– __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
des_ncbc_encrypt question
Hi, I am using des_ncbc_encrypt to encrypt/decrypt packages in a server/client architecture (CBC mode). When I test encryption/decryption from within the server I get everything decrypted OK, except the last 4 bytes. However, this is enough for the client to reject the packet. I am using the following code: uchar * output; des_key_schedule des_ks; des_cblock des_key, des_iv; memcpy(des_iv, iv, sizeof(des_iv)); memcpy(des_key, server_write_enc_key, sizeof(des_key)); des_set_odd_parity(&des_key); if (des_set_key_checked(&des_key, des_ks)) { error(0, "wtls_des: Unable to set key schedule"); return(NULL); } output = (uchar *)gw_malloc((len + 1)* sizeof(uchar)); des_ncbc_encrypt(data, output, len, des_ks, &des_iv, crypt); where crypt takes the values DES_ENCRYPT or DES_DECRYPT. (gdb) p data + 1640 $11 = ( unsigned char *) 0x75f700 "*ξΥΰl:=8υ\n\236\236π\006\006\006\006\006\006\006" (gdb) p output + 1640 $15 = (uchar *) 0x75e6f0 "YyΚ6ΰ�'\216―LΊkφ\033\232’)«Ε\233" Decrypting output through another call to the same function (everything gets reinitialized) I get: (gdb) p data + 1640 $22 = (unsigned char *) 0x760710 "YyΚ6ΰ�'\216―LΊkφ\033\232’)«Ε\233" (OK) (gdb) p output + 1640 $24 = (uchar *) 0x75c6d0 "*ξΥΰl:=8υ\n\236\236π\006\006\006(VχR" (??) Everything is fine except for the trailing "(VχR". Any ideas or pointers of what is wrong, would be greatly appreciated. Thanx, Nikos Balkanas __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org