2014-09-09 10:46 GMT+02:00 Richard Levitte rich...@levitte.org:
And of course, I noticed this email after sending my own... sorry.
:)
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project
namespaces are of little help.
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated
{
#include openssl/foo.h
}
- And then in myproject.cpp I write:
p = (char*)malloc(sizeof(char) * 100);
Would this produce the malloc not found, may be you mean
'myproject::malloc'? error?
PS: Note that I do NOT include sdtlib.h in myproject.*.
--
Iñaki Baz Castillo
i...@aliax.net
The (bad) idea of using C++ namespaces was just targered for those
integrating OpenSSL into their own C++ projects.
El 09/09/2014 20:39, Larry Bugbee bug...@seanet.com escribió:
In the FWIW column
Please don't mangle names by forcing C++ namespaces. Some us call OpenSSL
from Python (and
, but the project
announces this feature and encourages people to enable it and update
their projects.
- At some time the option becomes enabled by default.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project
don't like to see so many global C symbols
in it. As I said before, in my case I integrate openssl and libsrtp C
libraries into my C++ project. It 's annoying for me to see that the
macro SRTP_PROTECTION_PROFILE (which I need in my project) is defined
by openssl rather than libsrtp.
--
Iñaki Baz
projects relying
on OpenSSL should be adapted at some time, otherwise OpenSSL may
provide backward compatibility updates (as it does now). But at some
point bugs must be fixed and, IMHO, the namespace/prefix pollution of
OpenSSL is a bug.
--
Iñaki Baz Castillo
i...@aliax.net
= BIO_get_mem_data(sslBioToNetwork, data);
// Emtpy the BIO buffer data, HOW?
// Use the read data
---
But I do not know how to empty the already read BIO buffer data.
BIO_flush() does nothing.
How may I do this?
Thanks a lot.
--
Iñaki Baz Castillo
i
2014-09-08 14:44 GMT+02:00 Iñaki Baz Castillo i...@aliax.net:
--
int read = BIO_read(sslBioToNetwork, (void*)myBuffer, MY_BUFFER_SIZE);
// Use the read data
--
with something like
and the data is already in there after
calling SSL_write(). Why do I need to pass an allocated buffer?
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User
2014-09-08 18:19 GMT+02:00 Iñaki Baz Castillo i...@aliax.net:
This works fine:
---
long read;
// myBuffer is an already allocated buffer.
char** data = (char**)myBuffer;
read = BIO_get_mem_data(bio, data);
// Use data and read values.
BIO_reset(bio
.
-
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List
is also affecting to any other
include within the openssl header file.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl
, then measure your code if you need.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List
/joyent/libuv/
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
19:34 GMT+02:00 Iñaki Baz Castillo i...@aliax.net:
Hi,
I've a SSL in DTLS mode. Previously in its SSL_CTX I set the
SSL_MODE_ENABLE_PARTIAL_WRITE option to enable SSL_write() to return
less than the given data length.
It does not work. I call SSL_write() by passing a very long data
(65536
Found it, and mail sent to r...@openssl.org.
2014-08-31 14:34 GMT+02:00 Iñaki Baz Castillo i...@aliax.net:
It is sad to know that this question will never be replied by the
OpenSSL developers. May I know what I should do? I am not sure whether
this is a bug or not, should I report it as a bug
point. However I do not know too much about SCTP over
DTLS. Does it impose a fixed SCTP packet size so it must fit into a
UDP datagram?
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http
together. They usually fit
into a single UDP datagram, but in case they do not I have no idea on
how to get separate DTLS records in order to send them separately in
different UDP datagrams.
--
Iñaki Baz Castillo
i...@aliax.net
missing something?
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List
at server side.
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord
the doc example will NEVER be fixed, am I right?
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
...@openssl.org makes sense -- it doesn't look as if this has been reported
before.
Bodo
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord
it into the callback and the
return code of SSL_read() ?
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users
the same SSL_CTX or in case session cache is
used, but what about in my usecase?
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
don't set a custom buffer (this
is, I do not call to BIO_set_mem_buf(), then the internal buffer of my
BIO will be freed when I call free(my_bio)?
Thanks a lot.
[*] http://linux.die.net/man/3/bio_s_mem
--
Iñaki Baz Castillo
i...@aliax.net
should use BIO_free.
Yes sorry, it was a typo in my text.
As
long as you do that and as long as you haven't called BIO_set_close with
BIO_NOCLOSE (or BIO_set_mem_buf as above), then the internal buffer will
be freed.
Thanks to both. It is clear now.
Thanks!
--
Iñaki Baz Castillo
i
application data?
Of course I could use a static buffer for that purpose. Just wondering.
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support
May somebody please answer this question? The documentation is
confusing and contradictory, and the issue is important (memory leak
or crash if the bad choice is made).
Thanks.
2014-07-15 14:01 GMT+02:00 Iñaki Baz Castillo i...@aliax.net:
Hi, I'm a bit confused about how to free a BIO pair
in the documentation is really wrong and may
cause a crash, right? I mean the BIO_free(network_bio); line at the
end.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
GMT+02:00 Iñaki Baz Castillo i...@aliax.net:
Hi, I'm a bit confused about how to free a BIO pair associated to a SSL.
The doc at https://www.openssl.org/docs/crypto/BIO_s_bio.html clearly says:
Both halves of a BIO pair should be freed. That is even if one half
can I get the PEM string of the client's certificate(s)?
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
012/2/16 Iñaki Baz Castillo i...@aliax.net:
Hi, after the SSL/TLS handshake from a client I want to get the
client's certificate(s) in PEM format (so I get a string I can print
somewhere).
So I do:
X509 *client_cert;
if ((client_cert = SSL_get_peer_certificate(ssl))) {
# Printf got
the length of the resulting PEM format
in order to malloc for the char pointer.
I will check the memory BIO handle.
Thanks a lot.
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http
, client_PEM_string);
}
--
Iñaki Baz Castillo
i...@aliax.net
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
2012/2/16 Iñaki Baz Castillo i...@aliax.net:
However I've already got it:
X509 *client_X509;
unsigned char client_PEM_string[10*1024];
size_t client_PEM_string_len = sizeof(client_PEM_string);
BIO *bio;
int res;
if ((client_X509 = SSL_get_peer_certificate(ctx
2012/2/16 Iñaki Baz Castillo i...@aliax.net:
Now I've realized that in case the client presents a chain of public
certificates (rather than a single certificate) the function
SSL_get_peer_certificate (or maybe the functions PEM_write_bio_X509 or
BIO_read) just takes the first certificate
2012/2/16 Iñaki Baz Castillo i...@aliax.net:
As far as I see, SSL_get_peer_cert_chain(ssl) does never return NULL,
regardless the client presented a single certificate, a certificate +
chain of certificates, or no certificate at all. Am I miss something?
SSL_get_peer_cert(ssl) does return NULL
42 matches
Mail list logo