OpenSSL will do networking for you only if the underlying BIO is a
socket.
The data source/sink for OpenSSL can be anything you choose. The library
comes with a few BIO implementations and if none suit your purpose, then
writing a BIO should not be very difficult as the BIO functions and
their in
Hi,
Openssl doesnot have support for client-side session
management. There is no concept of a client cache. It's
totally upto the client to manage/store/re-use the sessions.
To re-use a session, you must use 'SSL_get_session(ssl)'
to retrieve the session from the current SSL structur
Hi,
> SSL_use_certificate_file(ssl, "client.pem", SSL_FILETYPE_PEM)
> SSL_use_PrivateKey_file(ssl, "client.pem", SSL_FILETYPE_PEM)
It could be that the above certificate file loading itself failed.
Meaning the path could be incorrect or maybe some other problem
with the format. Check the retur
Hi,
I am using openssl-0.9.5a(13th May snapshot). I am using
callbacks for temp key generation. In the callback, I check the
if isExport flag and if true, I return a key of length specified
by the keylength parameter.
Now my question. Here is some code from s3_srvr.c that is
used in the key
Yes certainly !
Raaj Krissna wrote:
>Later i came to know that if anybody wants to
> form the communication between the client and server
> then the server must send the certificate to the
> client.
No, not really ! You can use SSL in anonymous mode. In
this mode, you use ciphers which donot r
Hi,
My earlier version seemed to be somewhat buggy. Sorry.
Here is a fixed one :). I changed WANT_WRITE case to do
SSL_read again. As I undertsand SSL_read can result in
WANT_WRITE meaning it wants to write something but failed
(due to an underlying wouldblock maybe).
A simple solution woul
Hi,
I think the problem is that you never waited on a close
event and you did not check error code SSL_ERROR_ZERO_RETURN
which signals connection termination. Besides the structure
of your code too didnt look very clean. I have code below
which I feel should work fine.
You need not really w
Hi,
I have been using the OpenSSL package for about 3 months now.
I have a licence from RSA for BSAFE SSL-C, but it didnot provide all
the functionalities
(like crypto, etc) and inspite of it being a packaged product,
documentation was minimal and
pathetic at best. This is what drove me to Ope
If you have perl for WIN32 you can use perldoc to
view these files.
You can also convert them to html using pod2html that
comes with perl.
Amit.
"Hellan,Kim KHE" wrote:
>
> Hi
>
> I'm looking for a way to read the manual files in the Doc directory
> correctly.
> All the files in the Doc directo
Hi,
This is a more concise version of my earlier posts on the same
matter.
When my app comes up I create a pool of SSL structures (using
SSL_new)that I
intend to reuse for the connections as follows:
SSL_clear(ssl);
SSL_set_accept_state(ssl);
SSL_set_fd(ssl,client);
I do this before accepting
; That URL comes up 404 - but the server is OK
> I am interested in the data - can you forward a
> working URL?
>
> Thanks!
>
> -Original Message-
> From: Amit Chopra [mailto:[EMAIL PROTECTED]]
> Sent: Monday, May 08, 2000 6:08 AM
> To: [EMAIL PROTECTED]
&g
es anyone know what I might be doing wrong when I reuse the SSL
structures ?
(I still use 0.9.4.)
Thanks,
Amit.
Amit Chopra wrote:
>
> Hi All,
>I am facing a problem accepting SSL connections. I have a simple
> multi-threaded SSL web server. For test purposes I have also written
fusion, as in the "early days" a number of groups created their
> own OID's for the same standard/common things. Peter Gutmann can give song
> and dance in great detail on this. :)
> /r$
>
> -Original Message-
> From: Amit Chopra [mailto:[EMAIL PROTE
Hi All,
I am facing a problem accepting SSL connections. I have a simple
multi-threaded SSL web server. For test purposes I have also written
a simple SSL client.
When I open an instance of IE (5.0) or Navigator(4.7),the browser
opens multiple connections with my server (one for each URI)
The people at Tokyo Institute of Technology have done some performance
maesurements. Their document might be of use to you.
http://maruyama-www.cs.titech.ac.jp/~maruyama/papers/specwebssl/
Amit.
Douglas Lee wrote:
>
> Does anyone know what the protocol overhead is or how I can calculate it?
>
Hi,
I was going through the openssl.cnf file and there was a directive for
Object Identifers section. I went through the openssl docs but didn't
get much info. Eventually I found myself reading RFC 2459 (Certificate
and CRL Profile).There i found many strings like the following.
An algorithm id
Hi,
I have noticed a couple of memory leaks. I am pasting parts of the
purify call stack.
I am using openssl-0.9.4. How can I get rid of these leaks ? Is there a
cleanup function?
Purify stack :
[W] MLK: Memory leak of 332 bytes from 1 block allocated in
CRYPTO_malloc
Distribution
Hi,
I have a memory leak problem. The stack of CA certs that I create in
the following fashion leaks when my application terminates.
if ( (s_pSkCAList = SSLInitFindCAList(
(LPCSTR)m_szCertificateAuthorityFile) ) == NULL )
{
DEBUGMSG("Setup (%s): Unable to determine list of available CA
c
Hi,
You can take a look at the s_server and s_client sources to find out how they
communicate. I did that myself and its pretty neat.
Good luck.
Amit.
pgold wrote:
> X-EXP32-SerialNo: 2917
> Sender: [EMAIL PROTECTED]
> Precedence: bulk
> Reply-To: [EMAIL PROTECTED]
> X-Sender: pgold <[EMA
Hi,
Has anybody got acces violations when doin SSL_read. I come across
them pretty regularly, but they are difficult to debug because they
happen randomly when servicing hundreds of connections.
A second question was about the counterpart to SSL_library_init(). Is
there a deinit function? I
Amit.
Amit Chopra wrote:
> Hi,
>I just switched to using openssl-0.9.5a-beta2 with my application
> (from openssl-0.9.4). I followed the instructions for a Win32 build.
> Specifically I did the followin:
> 1. > perl Congifure VC-WIN32
> 2. > ms/do_masm
> 3. >n
Hi,
I just switched to using openssl-0.9.5a-beta2 with my application
(from openssl-0.9.4). I followed the instructions for a Win32 build.
Specifically I did the followin:
1. > perl Congifure VC-WIN32
2. > ms/do_masm
3. >nmake -f ms/ntdll.mak
It built the libraries and the openssl applications
only?
I mean whats the difference between signing and encrypting (when both use some private
key)??
It might be pretty obvious, might really I fail to see it. If anybody could help me
with this, I'd be glad :)
Thanks,
Amit Chopra.
-Original Message-
From: Ulf Moller [S
Hi,
OpenSSL provides all crpyto stuff, cert stuff and SSL stuff packaged in one big
package.
But if I were using RSA SSL-C kit and I would have to crypto stuff like key generation
would I need their Crypto-C kit too?? Would I need the entire entire RSA BSAFE toolkit
to have something similar t
params are hard quoted in the code.So if the server is not started
again, the same
RSA keys are used for each connection served and the Dh params are never changed. Is
this safe??
Shouldn't we generate a new pair of RSA keys in the callback that sets RSA keys.
Thanks,
Amit Chopra.
PSPL,
25 matches
Mail list logo