> Shashank Khanvilkar wrote:
> > Yes.. i did use SSLdump, with the private RSA key to capture the trace.
> > Below is the command that i used.
> > /usr/local/sbin/ssldump -i eth0 -A -d -X -k
$HOME/certificates/client.pem
> > port
> >
> > I think ssldump has no option to dump the application
Shashank Khanvilkar wrote:
Yes.. i did use SSLdump, with the private RSA key to capture the trace.
Below is the command that i used.
/usr/local/sbin/ssldump -i eth0 -A -d -X -k $HOME/certificates/client.pem
port
I think ssldump has no option to dump the application data in hex.. but I
will che
>
> If you have access to the private RSA key, than you can get ssldump to
> decrypt the application data, see the ssldump man page for more
information.
> Ciao,
Yes.. i did use SSLdump, with the private RSA key to capture the trace.
Below is the command that i used.
/usr/local/sbin/ssldump -i et
Application: OpenLDAP 2.1.22
System: Solaris 8
Library: OpenSSL 0.9.7b
During the shutdown of a TLS|SSL connection to an
OpenLDAP 2.1.22 a SEGV fault occurs in the standard
Sun malloc(3C) library's realfree() internal function.
This looks like general memory corruption and I'm
looking in all dire
Shashank Khanvilkar wrote:
Hi,
I don't know how to exactly describe my problem, but I will try my best with
the help of a packet trace.
Below is a trace of an SSL session. As seen from this, when the handshake is
complete, and i send an applicaion data of 128 bytes, why do i get
two record layer pa
Hi,
I don't know how to exactly describe my problem, but I will try my best with
the help of a packet trace.
Below is a trace of an SSL session. As seen from this, when the handshake is
complete, and i send an applicaion data of 128 bytes, why do i get
two record layer packet, instead of just one.
On Mon, Jul 21, 2003, Jue (Jacky) Shu wrote:
> Thank you, Chris.
> Yes, that's what I want to do. But I have to use SSL_accept instead of accept,
> and peer's ip address is dynamic. Can I get peer's ip address from SSL
> connection?
You can get the underlying socket fd from the relevant socket B
Jue (Jacky) Shu wrote:
Yes, that's what I want to do. But I have to use SSL_accept instead of accept,
and peer's ip address is dynamic. Can I get peer's ip address from SSL
connection?
Normally one makes first an accept and then an SSL_accept. After the
accept you can proceed as described by Chri
Thank you, Chris.
Yes, that's what I want to do. But I have to use SSL_accept instead of accept,
and peer's ip address is dynamic. Can I get peer's ip address from SSL
connection?
Thank you again.
Jacky
Quoting Christopher Fowler <[EMAIL PROTECTED]>:
> In reading his orignal email, I made the a
On Mon, 21 Jul 2003 11:58:43 +0100, "steve thornton" wrote:
>
> This is pretty standard - if I understand you correctly, you mean that you
> have a client that keeps a pool of sockets connected to a particular server.
> You just need to implement some way of storing the session ids from the
> han
In reading his orignal email, I made the assumption that he just
wanted to get the hostname + domain of the peer that conencted. To
mae the logical choice was to get the peers IP address from the socket
data and then do a lookup on that IP Address. Maybe another method will work?
On Mon, Jul 21
On Mon, Jul 21, 2003 at 12:20:05PM -0400, Christopher Fowler wrote:
> There is no functino in OpenSSL I beleive that does such a thing.
>
> What you need to do is get the sockaddr sin_addr data from the accept()
> function. At that point you have a IP Address. Use gethostbyaddr() to convert
> th
On Mon, Jul 21, 2003 at 12:12:49PM -0400, Jue (Jacky) Shu wrote:
> hi all,
>
> maybe it is not a SSL question. I want to make post-connection assertion to
> prevent man-in-the-middle attack. But I don't know how to get FQDN of the
> peer side(Not from peer's certificate, it must be other side's r
There is no functino in OpenSSL I beleive that does such a thing.
What you need to do is get the sockaddr sin_addr data from the accept()
function. At that point you have a IP Address. Use gethostbyaddr() to convert
that IP into a FQDN. You can then verify that the FQDN of the host matches
that
hi all,
maybe it is not a SSL question. I want to make post-connection assertion to
prevent man-in-the-middle attack. But I don't know how to get FQDN of the
peer side(Not from peer's certificate, it must be other side's real address).
Is there any socket fucntion to get peer's FQDN?
thank you in
On Mon, Jul 21, 2003, Markus Lorch wrote:
> Hi,
>
> I frequently have trouble finding function definitions in the crypt
> library
> e.g. this time I need to take a look at d2i_X509 (e.g. as used by
> PEM_read_X509
> to reference the conversion function)
>
> I've done a "grep -r "d2i_X509" * on
http://www.openssl.org/support/faq.html#PROG2
On Mon, Jul 21, 2003 at 03:36:07PM +0100, Andrew Marlow wrote:
> [EMAIL PROTECTED] writes:
> >On Mon, Jul 21, 2003, Andrew Marlow wrote:
> >> I am using openssl-0.9.7b on Windoze with the Visual Studio v6 compiler
> >> and have found a strange problem.
[EMAIL PROTECTED] writes:
>On Mon, Jul 21, 2003, Andrew Marlow wrote:
>> I am using openssl-0.9.7b on Windoze with the Visual Studio v6 compiler
>> and have found a strange problem.
[ strange problem snipped ]
>Only thing I can immediately think of is that ZLIB might not be compiled
>to use the sa
Hi
I would like to try and reduce the size of the ASN.1 database, but am not
sure how the various files work together - I see that there is a perl script
to generate the necessary files, but I'm not too clear how this works. Can
anybody help me out on how to edit and regenerate this?
Many thanks
Hi,
I frequently have trouble finding function definitions in the crypt
library
e.g. this time I need to take a look at d2i_X509 (e.g. as used by
PEM_read_X509
to reference the conversion function)
I've done a "grep -r "d2i_X509" * on the whole crypt source but can't
seem to find the function de
On Mon, Jul 21, 2003, Andrew Marlow wrote:
> Guys,
>
> I am using openssl-0.9.7b on Windoze with the Visual Studio v6 compiler
> and have found a strange problem. Maybe someone has some idea what is
> going wrong. It looks like my program gets some sort of corruption on
> returning from SSL_write
Guys,
I am using openssl-0.9.7b on Windoze with the Visual Studio v6 compiler
and have found a strange problem. Maybe someone has some idea what is
going wrong. It looks like my program gets some sort of corruption on
returning from SSL_write coz VS says that a C++ exception has been thrown.
Clear
> -Message d'origine-
> De : [EMAIL PROTECTED]
[mailto:owner-openssl->[EMAIL PROTECTED] De la part de Dr. Stephen Henson
>Envoyé : lundi 21 juillet 2003 13:29
>À : [EMAIL PROTECTED]
>Objet : Re: openssl 0.9.8 with VisualStudio2003
>
>On Fri, Jul 18, 2003, rangeos wrote:
>
>>
>>
>>
>>
On Fri, Jul 18, 2003, rangeos wrote:
>
>
>
>
> Hi,
>
>
>
> I have made a soft which work fine with openssl-0.9.7-stable-SNAP-20030718,
> but when I try to compile my soft using VisualStudio2003 with
> openssl-SNAP-20030718 I get the following message :
>
>
>
> d:\Mes Documents\Progra
On Sun, Jul 20, 2003, Leonard R Smith II wrote:
>
> To all,
> I have a cert that is signed by verisign. Its works find with
> openssl-0.9.6e that I compiled. The openssl verify command works and tells
> me that that cert is okay and most of the ssl clients I used recognize it.
>
> Ho
This is pretty standard - if I understand you correctly, you mean that you
have a client that keeps a pool of sockets connected to a particular server.
You just need to implement some way of storing the session ids from the
handshake using say SSL_get1_session (), and then setting these back ito
t
26 matches
Mail list logo