use SSL_read in parts

2010-02-17 Thread oavitzur
Hi, I am using a non-blocking socket. I am receiving on the SSL socket a buffer of size 200 bytes. The way I read this buffer is first I read 10 bytes using SSL_read(ssl, buf, 10), and then I want to read the rest of the buffer. The problem I see is that using select to find out if there is data in

RE: OpenSSL 1.0.0 beta5 release v. VMS

2010-02-17 Thread Arpadffy Zoltan
Hello, Also, if it is not too late, it would be nice to add 32 at the end of the sharable images if they are built with 32-bit pointer size (64 is the default). I mean to have it like this: LIBCRYPTO32.OLB;1 LIBSSL32.OLB;1 LIBCRYPTO.OLB;1 LIBSSL.OLB;1 SSL_LIBCRYPTO_SHR32.EXE;1

RE: use SSL_read in parts

2010-02-17 Thread Douglas E. Fajardo
Take a look at the SSL_peek() function. *** Doug Fajardo -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of oavitzur Sent: Tuesday, February 16, 2010 8:52 AM To: openssl-dev@openssl.org Subject: use SSL_read in parts Hi I am using

[openssl.org #2173] [enhancement request] -showcerts option to always show certificates

2010-02-17 Thread Paul Millar via RT
Hi, I'm trying to diagnose a problem with an SSL server. I'm using s_client to attempt to investigate further. My initial investigation was to obtain the list of certificates the server is supplying. From reading the documentation, I had thought that the showcerts option would do this.

[openssl.org #2174] SSL_CTX_new SSL_OP_LEGACY_SERVER_CONNECT may clear previously set option

2010-02-17 Thread Tomas Hoger via RT
Hi! SSL_CTX_new currently contains: /* Setup RFC4507 ticket keys */ if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0) || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0) || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0)) ret->options |= SSL_OP_NO_TICKET;

when does RAND_pseudo_bytes() return 0?

2010-02-17 Thread Thomas Anderson
According to http://www.openssl.org/docs/crypto/RAND_bytes.html, RAND_bytes() returns 1 on success, 0 otherwise. The error code can be obtained by ERR_get_error(3). RAND_pseudo_bytes() returns 1 if the bytes generated are cryptographically strong, 0 otherwise. Both functions return -1 if they are

Re: [openssl.org #2174] SSL_CTX_new SSL_OP_LEGACY_SERVER_CONNECT may clear previously set option

2010-02-17 Thread Kyle Hamilton
I think that line should be ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;, not simply an =. -Kyle H On Wed, Feb 17, 2010 at 10:03 AM, Tomas Hoger via RT r...@openssl.org wrote: Hi! SSL_CTX_new currently contains: /* Setup RFC4507 ticket keys */ if

[openssl.org #2174] SSL_CTX_new SSL_OP_LEGACY_SERVER_CONNECT may clear previously set option

2010-02-17 Thread Stephen Henson via RT
[tho...@redhat.com - Wed Feb 17 19:03:12 2010]: Hi! SSL_CTX_new currently contains: /* Setup RFC4507 ticket keys */ if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0) || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0) ||

Re: when does RAND_pseudo_bytes() return 0?

2010-02-17 Thread Mounir IDRASSI
Hi, If you are not using an engine, then pseudorand is implemented in md_rand.c : function ssleay_rand_pseudo_bytes (line 524). Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 2/17/2010 8:10 PM, Thomas Anderson wrote: According to http://www.openssl.org/docs/crypto/RAND_bytes.html,

Re: when does RAND_pseudo_bytes() return 0?

2010-02-17 Thread Thomas Anderson
ssleay_rand_pseudo_bytes(): /* pseudo-random bytes that are guaranteed to be unique but not unpredictable */ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) { int ret; unsigned long err; ret = RAND_bytes(buf, num); if (ret == 0)