Re: Net ssleay on Active Perl

2008-02-22 Thread Sisyphus 


- Original Message - 
From: "Norm Bumbieris" <[EMAIL PROTECTED]>

To: 
Sent: Saturday, February 23, 2008 4:42 PM
Subject: Net ssleay on Active Perl





Dear Users

I am presently trying to insert Net ssleay V1.32 into Active Perl V5.8.0
build 805 for Windows XP SP2. I downloaded the relevant zip file, however,
I
am having real problems getting it to compile and install. It appears that
there is somewhere out there a module for Active Perls PPM however I have
been unable to find a repository with it and a location if known would be
greatly appreciated.

I have already managed to successfully download and compile openssl
V0.9.8G.



You can get Net-SSLeay-1.32 from the uwinnipeg rep:
ppm install http://theoryx5.uwinnipeg.ca/ppms/Net-SSLeay.ppd

I'm not sure whether that will work with the openssl that you have compiled.
(During the 'ppm install' you'll be prompted to install a pre-built openssl,
which you might need to do if you want that ppm to work.)

I built Net-SSLeay against 0.9.8g a few days ago. To get it to build, I
discarded the Makefile.PL that shipped with the Net-SSLeay-1.32 source and
used this one instead:


use ExtUtils::MakeMaker;

WriteMakefile(
 PREREQ_PM => {
  'Sub::Uplevel' => '0',
  'Test::Exception' => '0',
  'Array::Compare' => '0',
  'Tree::DAG_Node' => '0',
  'Test::Warn' => '0',
  'MIME::Base64' =>0,
  },
 NAME => 'Net::SSLeay',
 INC => '-IC:/_32/msys/local/ssl/include',
 LIBS => 
['-LC:/_32/msys/local/ssl/lib -lssl -lcrypto -LC:/_32/msys/local/lib -lz'],

 VERSION_FROM => 'lib/Net/SSLeay.pm',
);


If you amend the INC setting to point to the location of your openssl 
includes, and amend the LIBS settings to reflect the name and location of 
the import/static libraries on your box, then it will probably work for you. 
I had actually built a static openssl lib using MinGW, but I think things 
will be (generically) the same with your perl and openssl.


You can ignore the -LC:/_32/msys/local/lib -lz' unless you built your 
openssl with zlib compression support. Even then, if you built a dynamic 
openssl (dll) you can probably still ignore it. (If you get linking errors 
relating to 'compress' and 'deflate' then you'll know you need to link to 
libz.lib.)


If you want to go that way (instead of the ppm route), but have trouble 
getting that Makefile.PL to work, feel free to get back to us.


Cheers,
Rob 


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: NET::SSLeay

2002-08-17 Thread Lutz Jaenicke 

On Fri, Aug 16, 2002 at 04:41:59PM -0400, Joel wrote:
> rpm -q openssl-devel
> openssl-devel-0.9.5a-2
...
> + /usr/bin/perl Makefile.PL /usr
> That's is newer than what this module was tested with (0.9.3a). You
> should
> consider checking if there is a newer release of this module
> available. Everything will probably work OK, though.
> + make OPTIMIZE=-O2 -m486 -fno-strength-reduce PREFIX=/usr
> In file included from /usr/include/openssl/pem.h:66,
>  from /usr/include/openssl/ssl.h:147,
>  from SSLeay.xs:55:
> /usr/include/openssl/evp.h:97: openssl/idea.h: No such file or directory

You seem to be using Redhat. Redhat's openssl-packages have some algorithms
removed for legal (patent) reasons.

Best regards,
Lutz
-- 
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay .. https-proxy-sniff.pl .. How can I snoop an MSIE browser session.

2002-03-15 Thread POP account for superquote.co.uk 

thanks, looks like it might help.

- Original Message -
From: GOLDING,CHARLTON (Non-HP-Corvallis,ex1) <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 15, 2002 12:45 AM
Subject: RE: Net::SSLeay .. https-proxy-sniff.pl .. How can I snoop an MSIE
browser session.


> WinPcap came in handy for me at one stage, you might find some tools here:
>
>
> http://security.oreilly.com/news/securingnt2_1200.html
>
>
> Chet
>
> -Original Message-
> From: Martin Witzel [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, March 13, 2002 2:59 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Net::SSLeay .. https-proxy-sniff.pl .. How can I snoop an
MSIE
> browser session.
>
>
> Check out ettercap ( ettercap.sourceforge.net  )
> No personal experience, though.
>
> Regards, Martin
>
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List[EMAIL PROTECTED]
> Automated List Manager   [EMAIL PROTECTED]
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List[EMAIL PROTECTED]
> Automated List Manager   [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: Net::SSLeay .. https-proxy-sniff.pl .. How can I snoop an MSIE browser session.

2002-03-14 Thread GOLDING,CHARLTON (Non-HP-Corvallis,ex1) 

WinPcap came in handy for me at one stage, you might find some tools here:

 
http://security.oreilly.com/news/securingnt2_1200.html


Chet

-Original Message-
From: Martin Witzel [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, March 13, 2002 2:59 AM
To: [EMAIL PROTECTED]
Subject: Re: Net::SSLeay .. https-proxy-sniff.pl .. How can I snoop an MSIE
browser session.


Check out ettercap ( ettercap.sourceforge.net  )
No personal experience, though.

Regards, Martin

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay .. https-proxy-sniff.pl .. How can I snoop an MSIE browsersession.

2002-03-13 Thread Martin Witzel 


Check out ettercap ( ettercap.sourceforge.net  )
No personal experience, though.

Regards, Martin

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay .. https-proxy-sniff.pl .. How can I snoop an MSIE browser session.

2002-03-13 Thread Sean O'Riordain 

For all sniffing, I use ethereal (.com), free and very useful - recently 
helped me setup an ipsec connection - pointing out that the two ends 
were proposing different crypto sets.  While I haven't used it for 
debugging ssl, I'd be quite sure there is useful information to be gleaned.

Sean O'Riordain

POP account for superquote.co.uk wrote:
> Hi,
> 
> I'm using the most excellent https-proxy-sniff from the perl module
> Net::SSLeay.
> 
> It works fine to sniff a secure transaction from a linux client on the local
> host ( to a remote server ), but fails when I try to sniff a transaction
> from MSIE on a windows client on the local ( private ) network.
> 
> Anybody got any ideas ? Anybody succeeded at this before ?
> 
> Cheers
> Simon Clewer

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay - Openssl make test - 5 test failed

2000-12-04 Thread Jackie Chan 

How do you know that your OPenSSL installation was succsesful?

-blue0ne
http://www.digitz.org



On Mon, 4 Dec 2000, Volker Duerr wrote:

> Hi everybody,
> I have got a problem with openssl and the Perl module Net:SSLeay. After
> installing openssl (installation seemed o.k), I tried to install
> Net:SSLeay, but the make test failed. I am runing a i686 linux,
> kernel-2.2.16, gcc 2.95.2, perl 5.005_03 and glibc-2.1. I tried a
> installation with Net::SSLeay 1.04 and 0.9.3a and 1.05 and 0.9.5a. Later
> I changed Net:SSLeay and openssl.
> 
> Make test generates always the following errors:
> Spawning a test server port 1212, pid=6478
> Your vendor hast not defined SSLeay macro sslcat at examples/sslcat.pl
> line 14
> ***not ok 3
> 
> Your vendor has not defined SSLeay macro randomize at
> examples/minicli.pl line 8
> ***not ok 4
> 
> connect: Connection refused (Verbindungsaufbau abgelehnt) at
> examples/callback line 28
> ***not ok 5
> 
> Sending 1 MB over localhost, may take a while (and some VM)
> connect: connection refused at example/bulk.pl line 18
> *** not ok 6
> 
> Sending 1 MB over pipes, may take a while
> Your vendor has not defined SSLeay macro set_server_and_key at
> examples/stdio_bulk.pl line 16
> **not ok 7
> 
> I don't know what I have to do to avoid these errors. I would appreciate
> any hint or information to solve this problems.
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List[EMAIL PROTECTED]
> Automated List Manager   [EMAIL PROTECTED]
> 

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay/Net::LDAPS problem

2000-10-11 Thread Richard Levitte - VMS Whacker 

From: Edwin Chiu <[EMAIL PROTECTED]>

Edwin.Chiu> It's a common problem with SSLeay and OpenSSL, it assumes
Edwin.Chiu> a finite file. So just do this:
Edwin.Chiu> 
Edwin.Chiu> head -100 /dev/urandom > $HOME/.random

That's trusting there will be 100 \n's in a finite and relatively
short time, isn't it?  :-)

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken   \ S-168 35  BROMMA  \ T: +46-8-26 52 47
Redakteur@Stacken   \  SWEDEN   \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/

Unsolicited commercial email is subject to an archival fee of $400.
See  for more info.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay/Net::LDAPS problem

2000-10-11 Thread Edwin Chiu 

It's a common problem with SSLeay and OpenSSL, it assumes a finite file. So
just do this:

head -100 /dev/urandom > $HOME/.random

And use that to seed the PRNG... or some systems have a
/var/run/random-seed, which only gets
updated at boot time and readable only by root

Edwin

Jie Gao wrote:

> Sorry I forgot to say this is on Sparc/Solaris 7.
>
> On Wed, 11 Oct 2000, Jie Gao wrote:
>
> > Date: Wed, 11 Oct 2000 15:10:58 +1100 (EST)
> > From: Jie Gao <[EMAIL PROTECTED]>
> > Reply-To: [EMAIL PROTECTED]
> > To: [EMAIL PROTECTED]
> > Subject: Net::SSLeay/Net::LDAPS problem
> >
> > Hi All,
> >
> > I have a test script using Net::LDAPS, but it never stops reading from
> > /dev/urandom. Here's some of the truss output:
> >
> > stat("/dev/urandom", 0x000C38CC)= 0
> > stat("/dev/urandom", 0x000C38CC)= 0
> > stat("/dev/urandom", 0xFFBEEF18)= 0
> > open("/dev/urandom", O_RDONLY)  = 5
> > fstat64(5, 0xFFBEED60)  = 0
> > ioctl(5, TCGETA, 0xFFBEECEC)Err#6 ENXIO
> > read(5, "E3 *AD10B8 j l = F *E3 *".., 8192) = 8192
> > read(5, " @ ` ~B7029EEA12DB I @ `".., 8192) = 8192
> > read(5, "EFA4D81BF0 : X L Z yEFA4".., 8192) = 8192
> > read(5, " mACBADA W18E9971D | mAC".., 8192) = 8192
> > read(5, "80E7A8 9 ` V " YAABB80E7".., 8192) = 8192
> > read(5, " E95 o 0 V vA6 f8A = H |".., 8192) = 8192
> > read(5, " jC78B A S82F7 6D4 T8A I".., 8192) = 8192
> > read(5, "89 *8FED J C7F1E9EC989 *".., 8192) = 8192
> > read(5, "18EE82F6 WA9C8DFE3E818EE".., 8192) = 8192
> > read(5, "87CD83 u19 2CF mE1BC87CD".., 8192) = 8192
> > read(5, "97 {ED911F f 61F u P97 {".., 8192) = 8192
> > read(5, "D80EFA02 C\rECC9ACF3D80E".., 8192) = 8192
> > read(5, "\0E805DA S8FF7D8 5DB\0E8".., 8192) = 8192
> > read(5, "15A2E48AB49A A JAE ^\0 g".., 8192) = 8192
> > read(5, "89809B o L ZAC rB2 mB7 U".., 8192) = 8192
> > read(5, " KB8 _CB Z f C8E8FB8 KB8".., 8192) = 8192
> > read(5, "\t8AA9DF o L80AC CDB\t8A".., 8192) = 8192
> > read(5, "9C pB7A8C78BD9DF87AB9C p".., 8192) = 8192
> > read(5, " <   vF8BA l } YD785 <  ".., 8192) = 8192
> > read(5, " FFB1CE2C6 j8AABC1 - FFB".., 8192) = 8192
> > read(5, "E0 K o VBE v lF3 t yE0 K".., 8192) = 8192
> > read(5, " >8FBB 7 ?F1F9D1D89501E8".., 8192) = 8192
> > read(5, "B0 5B7 MF5EC879E839C 6A5".., 8192) = 8192
> > read(5, " 2 k95 1E10E8E18F013 2 k".., 8192) = 8192
> > read(5, "F7 . Y U94\0 >F2EC #F7 .".., 8192) = 8192
> > read(5, "ABB5 *   G\nFB P83 gABB5".., 8192) = 8192
> > read(5, " a9205\bB2 O s jACD2 a92".., 8192) = 8192
> > read(5, "DA cEE83C81DF2 r ] "DA c".., 8192) = 8192
> > read(5, "BDA6F5 J q \ rB7 o lBDA6".., 8192) = 8192
> > read(5, "F0DE _84 19403AEB8E6 H88".., 8192) = 8192
> > read(5, "88 kC2FA g N92 QB589 ^D8".., 8192) = 8192
> > read(5, "A3AF T u # }9BB685B3A3AF".., 8192) = 8192
> > read(5, "03CDA6D3D0D2 CAC r v03CD".., 8192) = 8192
> > read(5, " e J0795 UFF n91D415 e J".., 8192) = 8192
> > read(5, "FB99A2 * a h O1C16 :FB99".., 8192) = 8192
> > read(5, "07D8 ND7 VAE @FBA3E207D8".., 8192) = 8192
> > read(5, "CA889F )A0FE86A3 \92CA88".., 8192) = 8192
> > read(5, "AB L PF7AC {9F g9F LC1DD".., 8192) = 8192
> >
> > This goes on and on and on
> >
> >
> > Jie
> >
> > __
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List[EMAIL PROTECTED]
> > Automated List Manager   [EMAIL PROTECTED]
> >
>
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List[EMAIL PROTECTED]
> Automated List Manager   [EMAIL PROTECTED]

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: Net::SSLeay and RAND_seed bug? BUG FOUND!

2000-03-16 Thread marcel-za . bucher 

Found the bug myself!
Change ST(1) in SSLeay.xs:2142 to ST(0), this is presumably the id of the 
$buffer parameter...

SSLeay.xs:2142:
-   char * buf = SvPV( ST(1), len);
+   char * buf = SvPV( ST(0), len);

> Hi all
> 
> I've run into a problem with Net::SSLeay::RAND_seed($buf).
> 
> I'm working on WinNT4 with Net::SSLeay 1.05 and OpenSSL 0.9.5.
> (I'll be posting instructions how to get those two to work 
> together on NT as soon as the Net::SSLeay homepage is up again)
> 
> Since OpenSSL 0.9.5 complains when the PRNG is not seeded I'm 
> using RAND_seed to provide some initial data. Because this 
> didn't seem to help while debugging my perl scripts I built 
> debug versions of Net::SSLeay and OpenSSL and tried to track it down. 
> 
> I found that /crypto/rand/rand_lib.c/RAND_seed(const 
> void *buf, int num) ALWAYS gets called with a buffer pointing 
> to the value "*Net::SSLeay::RAND_seed" and num = 23!!! 
> (Except when run in the ActiveState debugger; then the buffer 
> always points to "1" and num=5, which is definetely to 
> few bytes, so OpenSSL complains).
> 
> There seems to be a problem with the interface from 
> Net::SSLeay::RAND_seed() to OpenSSL:RAND_seed(). Does anybody 
> know how to fix this?
> 
> 
> Thanks Marcel
> 
> (PS: Sampo, is there any Net::SSLeay 1.0.6 in the queue?)
> 

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay on Linux

1999-12-28 Thread Jason Terry 

Try this to find Net::SSLeay

locate Net/SSLeay.pm


- Original Message - 
From: "Kevsurf" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, December 27, 1999 10:20 AM
Subject: Net::SSLeay on Linux


> Hello,
> 
> I have installed the RPM for Net::SSLeay, and need to
> know what to do next so that I know it is installed.
> 
> Also, how can I use the 'whereis' command to find
> Net::SSLeay?
> 
> I have tried 'whereis Net::SSLeay' and it doesn't
> work.
> 
> I'm running RedHat 6.0
> 
> Any help is appreciated.
> 
> Thanks,
> Kevin
> 
> _
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing List[EMAIL PROTECTED]
> Automated List Manager   [EMAIL PROTECTED]

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Re: Net::SSLeay (1.05) and Windows NT

1999-09-24 Thread Doug E Courtney 

Ed,
Is it possible for you to summarize the list of fixes that were need
to get Net::SSleay to compile and work on NT. Also are you using the
LWP perl library to to https POSTS

Thanks

Doug

-- 
Doug Courtney
[EMAIL PROTECTED]
(732)576-5572
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: Re: Net::SSLeay (1.05) and Windows NT

1999-09-23 Thread Ed Eddington 

I have successfully installed Net::SSLeay on the picky NT machine now. Here 
is the last fix I had to make to get it to compile (in addition to the 
others posted previously for NT).


nmake error:

SSLeay.c(2508) : error C2440: '=' : cannot convert from 'const char *' to
'char *'
 Conversion loses qualifiers
SSLeay.c(2541) : error C2440: '=' : cannot convert from 'const char *' to
'char *'
 Conversion loses qualifiers

The fix:  (Remove 'const' from variable declaration in SSL.h to match 
ssleay.xs)

SSL.h:

const char  * SSL_get_cipher_list(SSL *s,int n);
->
char  * SSL_get_cipher_list(SSL *s,int n);

const char *SSL_CIPHER_get_name(SSL_CIPHER *c);
->
char *  SSL_CIPHER_get_name(SSL_CIPHER *c);


Ed Eddington


--
From:   Ed Eddington[SMTP:[EMAIL PROTECTED]]
Sent:   Tuesday, September 21, 1999 11:09 AM
To: '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
Subject:Re: Net::SSLeay (1.05) and Windows NT

I am getting the problem below and was wondering if anyone has found a 
workaround for this on NT. I had to follow all of the other workarounds 
previously posted here (bn.h, ssl.h, rand.h, ssleay.xs...) and saw no fix 
for this one.

Compiling with "nmake -I" gets past this error, but then it never builds a 
"SSLeay.obj" and dies at link.

Using: NT4.0, VC++5.0, nmake version 1.62.7022
Perl 5.005_03 (ActiveState)
OpenSSL-0.9.4
Net::SSL-1.05

Any help would be appreciated.

Ed Eddington
[EMAIL PROTECTED]


> "Miguel Angel Fraga" <[EMAIL PROTECTED]> writes:
>> I got a lot of errors, so after some changes it looks better...
>> but i don't know how to resolve this error message (and i don't
>> know if it is the last one...):
>>
>>  Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 12.00.8168 for 
80x86
>>  Copyright (C) Microsoft Corp 1984-1998. All rights reserved.
>>
>>  SSLeay.c
>>  SSLeay.c(2508) : error C2440: '=' : cannot convert from 'const char *' 
to
>> 'char *'
>> Conversion loses qualifiers
>>  SSLeay.c(2541) : error C2440: '=' : cannot convert from 'const char *' 
to
>> 'char *'
>> Conversion loses qualifiers
>>  NMAKE : fatal error U1077: 'cl.exe' : return code '0x2'
>>  Stop.
>
>This is the same place where gcc warns aboput losing const. The
>warning is not dangerous, I just need to figure out how to get XS
>compiler to pass const qualifier correctly.
>
>In short term, you should look in your compiler's documentation to find
>the flag that allows you to turn this error into just a warning and then
>ignore it. I'm sure there is such a flag in your compiler.
>
>Please let me know what the solution is.
>
>--Sampo

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: [OpenSSL] Re: Net::SSLeay, mod_perl and mod_ssl

1999-09-23 Thread Sampo Kellomaki 

=?UTF-8?B?UmnEjWFyZGFzIMSMZXBhcw==?= <[EMAIL PROTECTED]> writes:

> --ibTvN161/egqYuK8
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: quoted-printable
> 
> On Tue Sep 21 13:38:24 1999 +
>(Antradienis, 1999 m. rugs=C4=97jo 21 d. 15:38:24 CEST),
>   Sampo Kellomaki wrote:
> 
> > =3D?UTF-8?B?UmnEjWFyZGFzIMSMZXBhcw=3D=3D?=3D <[EMAIL PROTECTED]> writes:
> > > Is it possible to use these things together?
> > > Net::SSLeay works when I start Apache without mod_ssl. With
> > > mod_ssl Apache gives [notice] caught SIGTERM, shutting down
> > > just after startup.
> > > What I need is to retrieve a page from remote https host.
> > > I probably can play with ProxyPass, but maybe there is some more
> > > straight way?
> >=20
> > What you are trying to do is... have https server with a CGI running
> > under mod_perl registry and this CGI needs to use Net::SSLeay.pm?
> >=20
>   It's mod_perl handler, but that is not a problem - Net::SSLeay
> fails to load at all IMHO with mod_ssl.
> 
> > It ought to work, but I've never tested it. There is nothing in the
> > design that should prevent this. Basically Net::SSLeay is as innocent
> > module as can be, just some glue to a C library. That has been done in
> > many other modules and they are known to work well under mod_perl.
> >=20
> > Perhaps you should try first your program as pure CGI (i.e. not under
> > registry of mod_perl). If that works, then try using non i/o (socket)
> > related parts of Net::SSLeay (perhaps just calling some initialization
> > and set up functions).
> >=20
>   It works under mod_perl as well, just without mod_ssl.
> I guess there is some C libraries conflict (?), mod_ssl uses OpenSSL as wel=
> l.

True, both use dynamic linking to do their deed. From what I
understand, as long as they both were compiled against the same
version of a .so this should not be a problem. Never-the-less,
you could try statically linking one of the other.

I'm not exactly a guru with dynamic loading - Ralf, what do you think
about this?

--Sampo

> --=20
> 
>   Ri=C4=8Dardas =C4=8Cepas
> ~~
> ~
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay 1.03 make_form behaviour

1999-08-03 Thread Sampo Kellomaki 

Ed Eddington <[EMAIL PROTECTED]> writes:
> The problem I noticed was in the "make_form" logic. In creating the 
> key-value pairs for the request, this routine leaves a trailing '=' if the 
> last key has no value. MY code was leaving a trailing '=' already. Then 
> "make_form" added a second trailing '='.
> 
> So, if the string of key-value pairs you pass to "make_form" contains a 
> trailing '=', like this:
> 
> $cgi_string = 'this=that&now=then¬hing='
> 
> Then, "make_form" will leave another '=' at the end, effectively giving 
> you:
> 
> this = 'that'
> now = 'then'
> nothing = '='<- not what I wanted here!

Sorry, but I do not understand what you mean. make_form() never eats
input in format of your $cgi_string, albeit it attempts to produce
that. It eats "hash like" list of name value pairs. If the list has
odd number of elements then the last name is dealt with as having
empty value. Please provide a snippet demonstrating the problem.

> 
> I added the following workaround to my code to hack off any double trailing 
> '=' after doing "make_form"...
> (Perl code follows)
> 
> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
> sub do_https_post {
>   my $string = make_form ($cgi_string);#correct trailing '=' bug in 

You go wrong here. If you already have your CGI string formatted, you do
not need make_form(). make_form() is precisely used to format cgi strings,
like this:

$cgi_string = make_form('this'=>'that', 'now'=>'then', 'nothing'=>'');

You basically got the right idea on make_headers().
> 
>   ($page, $response, %reply_headers)
>= post_https($server, $port, $uri,
> make_headers(
> 'User-Agent' => $user_agent,
> 'Referer'=> $refer_url,
> 'Authorization' => $credentials,
> ),
> $string
>  );
> }

--Sampo
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay perl module 1.04 released, supports OpenSSL-0.9.3a FINALLY

1999-08-03 Thread Lars Eggert 

-BEGIN PGP SIGNED MESSAGE-

  sampo> That symbol is supposed to come from libssl.a. Please check with
  sampo> nm. Then verify or experiment with compiler flags to see that it is
  sampo> indeed getting linked. Investigate if this has anything to do with
  sampo> OpenSSL library being dynamically loading.

The problems described in my previous post where due to OpenSSL config picking
gcc as a compiler, while the Net::SSLeay MakeMaker script picks cc/ld to build
things. They don't seem to interact well when building/using shared
libraries. Hand-editing the generated Net::SSLeay Makefile to explicitly use
gcc to build and link made it work on both FreeBSD-2.2.6 and Solaris.

Lars
__
Lars Eggert <[EMAIL PROTECTED]> Information Sciences Institute
http://www.isi.edu/~larse/   University of Southern California

-BEGIN PGP SIGNATURE-
Version: 2.6.2

iQCVAwUBN6dJoNZcnpRveo1xAQH9TgP5AZZrF7mZNfskH3/r+oaFLWGrrw3Z1JUZ
vAfY3qWi7zrWNEjOQi12FXpVyYgqp1GUMtAT9gfjqKvo1OjlZIEM3luPv99AKPMk
S76ZhxPCOIZ9SPcQhXN7W+5XytZELrxfzliwAOGw7/2zZYhOTlmSwVLUNqkmHfLC
Jxgd4se2jEg=
=y4tE
-END PGP SIGNATURE-
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay perl module 1.04 released, supports OpenSSL-0.9.3a FINALLY

1999-08-03 Thread Sampo Kellomaki 

Lars Eggert <[EMAIL PROTECTED]> writes:

> -BEGIN PGP SIGNED MESSAGE-
> 
>   sampo> I just wrapped a new release. This is quite rough and badly tested
>   sampo> release so if you are in production environment and happy with 1.03,
>   sampo> don't upgrade yet. If on the other hand you have been longing for
>   sampo> OpenSSL-0.9.3a compatibility (i.e. compatibility with latest mod_ssl
>   sampo> and Apache-1.3.6), you should check this release.
> 
> I grabbed Net::SSLeay 1.05 and OpenSSL-0.9.3a. OpenSSL compiled and went
> through the tests fine. Net::SSLeay also compiled fine, but I see the
> following errors during the test run; any ideas on how to fix these?
> 
> On FreeBSD 2.2.6:
> PERL_DL_NONLAZY=1 /usr/local/bin/perl5 -Iblib/arch -Iblib/lib 
>-I/usr/local/lib/perl5/5.00502/i386-freebsd -I/usr/local/lib/perl5/5.00502 test.pl
> 1..16
> Can't load 'blib/arch/auto/Net/SSLeay/SSLeay.so' for module Net::SSLeay: Undefined 
>symbol "_SSL_library_init" in perl5:blib/arch/auto/Net/SSLeay/SSLeay.so at 
>/usr/local/lib/perl5/5.00502/i386-freebsd/DynaLoader.pm line 168.

That symbol is supposed to come from libssl.a. Please check with
nm. Then verify or experiment with compiler flags to see that it is
indeed getting linked. Investigate if this has anything to do with
OpenSSL library being dynamically loading.

Regarding your platform, I'm a bit unfamiliar with linkin on *BSD
platforms. Can you explain why the symbol has an underscore in front
of it? On Linux it does not.

> On Solaris-5.1
> PERL_DL_NONLAZY=1 /local/bin/perl5 -I./blib/arch -I./blib/lib 
>-I/local/perl5.004_04/lib/sun4-solaris/5.00404 -I/local/perl5.004_04/lib test.pl
> 1..16
> Can't load './blib/arch/auto/Net/SSLeay/SSLeay.so' for module Net::SSLeay: ld.so.1: 
>/local/bin/perl5: fatal: relocation error: file 
>./blib/arch/auto/Net/SSLeay/SSLeay.so: symbol __umoddi3: referenced symbol not found 
>at /local/perl5.004_04/lib/sun4-solaris/5.00404/DynaLoader.pm line 166.

I believe this error has the same roots as the one on FreeBSD, its
just random hashing that link fails first with umoddi3. Wait a
second...  to me it seems that __umoddi3 is supposed to come from libc
(on Linux anyway, other candidate could be some compiler specific
runtime library).

--Sampo
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay (1.05) and Windows NT

1999-08-03 Thread Sampo Kellomaki 

"Miguel Angel Fraga" <[EMAIL PROTECTED]> writes:
> I got a lot of errors, so after some changes it looks better...
> but i don't know how to resolve this error message (and i don't
> know if it is the last one...):
> 
>  Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 12.00.8168 for 80x86
>  Copyright (C) Microsoft Corp 1984-1998. All rights reserved.
> 
>  SSLeay.c
>  SSLeay.c(2508) : error C2440: '=' : cannot convert from 'const char *' to
> 'char *'
> Conversion loses qualifiers
>  SSLeay.c(2541) : error C2440: '=' : cannot convert from 'const char *' to
> 'char *'
> Conversion loses qualifiers
>  NMAKE : fatal error U1077: 'cl.exe' : return code '0x2'
>  Stop.

This is the same place where gcc warns aboput losing const. The
warning is not dangerous, I just need to figure out how to get XS
compiler to pass const qualifier correctly.

In short term, you should look in your compiler's documentation to find
the flag that allows you to turn this error into just a warning and then
ignore it. I'm sure there is such a flag in your compiler.

Please let me know what the solution is. 

--Sampo
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay perl module 1.04 released, supports OpenSSL-0.9.3a FINALLY

1999-08-02 Thread Lars Eggert 

-BEGIN PGP SIGNED MESSAGE-

  sampo> I just wrapped a new release. This is quite rough and badly tested
  sampo> release so if you are in production environment and happy with 1.03,
  sampo> don't upgrade yet. If on the other hand you have been longing for
  sampo> OpenSSL-0.9.3a compatibility (i.e. compatibility with latest mod_ssl
  sampo> and Apache-1.3.6), you should check this release.

I grabbed Net::SSLeay 1.05 and OpenSSL-0.9.3a. OpenSSL compiled and went
through the tests fine. Net::SSLeay also compiled fine, but I see the
following errors during the test run; any ideas on how to fix these?

On FreeBSD 2.2.6:
PERL_DL_NONLAZY=1 /usr/local/bin/perl5 -Iblib/arch -Iblib/lib 
-I/usr/local/lib/perl5/5.00502/i386-freebsd -I/usr/local/lib/perl5/5.00502 test.pl
1..16
Can't load 'blib/arch/auto/Net/SSLeay/SSLeay.so' for module Net::SSLeay: Undefined 
symbol "_SSL_library_init" in perl5:blib/arch/auto/Net/SSLeay/SSLeay.so at 
/usr/local/lib/perl5/5.00502/i386-freebsd/DynaLoader.pm line 168.

 at test.pl line 17
BEGIN failed--compilation aborted at test.pl line 17.
not ok 1
*** Error code 2

Stop.
Exit 1


On Solaris-5.1
PERL_DL_NONLAZY=1 /local/bin/perl5 -I./blib/arch -I./blib/lib 
-I/local/perl5.004_04/lib/sun4-solaris/5.00404 -I/local/perl5.004_04/lib test.pl
1..16
Can't load './blib/arch/auto/Net/SSLeay/SSLeay.so' for module Net::SSLeay: ld.so.1: 
/local/bin/perl5: fatal: relocation error: file ./blib/arch/auto/Net/SSLeay/SSLeay.so: 
symbol __umoddi3: referenced symbol not found at 
/local/perl5.004_04/lib/sun4-solaris/5.00404/DynaLoader.pm line 166.

 at test.pl line 17
BEGIN failed--compilation aborted at test.pl line 17.
not ok 1
make: *** [test_dynamic] Error 2
Exit 2

Lars
__
Lars Eggert <[EMAIL PROTECTED]> Information Sciences Institute
http://www.isi.edu/~larse/   University of Southern California

-BEGIN PGP SIGNATURE-
Version: 2.6.2

iQCVAwUBN6X81tZcnpRveo1xAQHFNAQAtHHf2y/nCo4H6h8HTUIACefMnkC8DSQP
QZdYuqwZYg+hPmZM7s7aNmxJ/xPN1Z/Vf/T0vuVuvmfE07EJiSWy9fxqm4RShwWb
Aq9ofS+Kc89tXRSAQkMMWnu/kvCndjgI0oS76823RP8f8AbLuBmEm9SWNjAd/rw2
AJzWCfEHoNA=
=ArNN
-END PGP SIGNATURE-
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: NET::SSLeay for NT

1999-05-13 Thread Dave Clark 

At 05:52 PM 05/12/1999 , Fariba wrote:
>Hello,
>
>I need to install SSLeay on NT server.  I have download the version of
>openSSL1_0.9.1c and trying to compile it for NT in VC++. I was hoping to get
>some feedback from anyone who has done this process.

I was able to build OpenSSL 0.9.2b on NT server 4.0 using VC++ 5.0,
without a problem.  I just followed the instructions in Install.w32.
What problems are you having?
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Net::SSLeay - missing tmp rsa key

1999-03-31 Thread CJ Holmes 

>ssl accept: () 21782: 1 - error:1409B0AC:SSL
>routines:SSL3_SEND_SERVER_KEY_EXCHANGE:missing tmp rsa key
>
>Has anyone gotten this script to run? Does anyone know what "missing tmp
>rsa key means?". Is this missing from netscape's end or from Net::SSLeay's
>end?

I haven't run that script, but I know what the error means.  It means that
your browser only supports "exportable" encryption and SSL doesn't have a
lowered-strength RSA key to use to establish the session.  Hopefully, there
is something to configure in the script to allow exportable ciphers that
will, in turn, generate an exportable RSA temporary key and add it to the
context.

I don't know how the perl bindings work with OpenSSL, but the right thing
to do in C is:

RSA *exportKey = NULL;
exportKey = RSA_generate_key(512, 3, NULL, 0);
if(exportKey)
SSL_CTX_set_tmp_rsa(sslctx,exportKey);


cjh
<<<>>>
CJ Holmes   It is completely configurable -
StarNineyou just can't change the settings.
Senior Software Engineer


__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]