Re: trying to add SSL to a web client

1999-09-07 Thread Bodo Moeller 

On Mon, Sep 06, 1999 at 08:07:59PM -0700, Jef Poskanzer wrote:

 [...]  When I run it, the SSL_connect() always returns -1.

Probably it's a non-blocking socket?  Either switch to blocking I/O if
that is appropriate, or browse the openssl-dev mailing list archives
for information on how to use non-blocking I/O correctly.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: OpenSSL + Macintosh-- Submitting Changes?

1999-09-07 Thread Andy Polyakov 

   They are, of course, in a funky Mac-specific
   format (goofy data/resource fork), so it's easiest if I send them as an
   encoded archive (.sit.hqx, if that means anything to anyone).
  Absolutely! It's no problem at all!
 
 Is it possible to deStuff on a PC at all?
Define "a PC." Windows? Not that I know of... Unix? There is unstuffit
in CAP60 contrib directory. Never tried it myself... You should also
know that in a sense it's CAP specific as it manages those resource fork
and finder info (signature) in a CAP specific way so that it looks right
when a Mac mounts a CAP volume. But on the other hand why would you like
to do that at all? It's only really Mac specific files (project files,
Makefiles' equivalent) that will be finally provided as .sit.hqx.

Andy.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: ocsp in openssl

1999-09-07 Thread Sven Hansen 

Hi all,

   
   Name: ocsp.tar
ocsp.tar   Type: Unix Tape Archive (application/x-tar)
   Encoding: base64
Description: OpenSSL patch implementing PKIX OCSP ASN.1.

Is there a recent version available for 0.9.4?
And when it will be integrated into openssl?

-- 
  _,
Regards, (_
 ,_)ven Hansen.

+---+
| Sven Hansen Celo Communications GmbH  |
| Dipl.-Chem. Weissenfelser Strasse 46a |
| Senior Software EngineerD-06217 Merseburg | 
| mailto:[EMAIL PROTECTED]http://www.celocom.de |
| Phone: +49 (0)3461/3318-24  Fax: +49 (0)3461/415072   |
+---+
Unix _IS_ user friendly - 
  it's just selective about who its friends are !
 S/MIME Cryptographic Signature

RE: ocsp in openssl

1999-09-07 Thread Salz, Rich 

Tom is no longer at CertCo.

Because of the US export regulations we cannot help
with this.  We wish it were otherwise.
/r$
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

apps minor bug fixes patch (s_time.c and speed.c)

1999-09-07 Thread Lennart Bång 

Hola,

I am running quick tests on all the apps for my OpenSSL port.

Two minor fixes (one in s_time.c and one in speed.c).

/Lennart Bang
[EMAIL PROTECTED]

===
--- modapps/s_time.cThu Sep  2 13:17:45 1999
+++ apps/s_time.c   Tue Sep  7 17:12:27 1999
@@ -253,7 +253,6 @@
 #endif

apps_startup();
-   s_time_init();

if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
@@ -410,6 +409,8 @@
int ret=1,i;
MS_STATIC char buf[1024*8];
int ver;
+
+   s_time_init();

 #if !defined(NO_SSL2)  !defined(NO_SSL3)
s_time_meth=SSLv23_client_method();
===
--- modapps/speed.c Thu Sep  2 13:17:46 1999
+++ apps/speed.cTue Sep  7 15:00:07 1999
@@ -71,7 +71,9 @@

 #include stdio.h
 #include stdlib.h
+#ifndef OSE_DELTA
 #include signal.h
+#endif
 #include string.h
 #include math.h
 #include "apps.h"
@@ -344,6 +346,7 @@
int pr_header=0;

apps_startup();
+   memset(results, 0, sizeof(results));
 #ifndef NO_DSA
memset(dsa_key,0,sizeof(dsa_key));
 #endif
===



begin:vcard 
n:Bang;Lennart
tel;cell:+46 70 733 14 70
tel;fax:+46 8 446 34 64
tel;work:+46 8 446 34 67
x-mozilla-html:TRUE
url:www.netstream.se
org:NetStream AB;Networking department
version:2.1
email;internet:[EMAIL PROTECTED]
title:CEO   |   http://www.netstream.se
adr;quoted-printable:;;Enhagsbacken 9=0D=0A;S-187 40 Taby;;;Sweden
fn:Lennart Bang
end:vcard

[Fwd: Solution - ApacheSSL on HPUX 11]

1999-09-07 Thread Ben Laurie 

Do we need to do something about this?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
 - Indira Gandhi


Hello Ben,

I finally finally found the solution out ! Here it is -

Apache SSL on HPUX 11 is now working. We have used +DAportable
option while compiling OpenSSL. This option generates code compatible across
PA-RISC 1.1 and 2.0 workstations and servers. We first tried with +DA1.1. But
it didn't work. If somebody builds OpenSSL with +DA1.1 option, then ApacheSSL
has to be built with +DAportable option. But if OpenSSL is built with +DAportable
then one can build ApacheSSL without any option.

I am writing you this cause you'd get more queries than me regarding this and you 
could help
out more people.

Thanks for all your time and effort.
Cheers,
Karthik KR

Ben Laurie wrote:

 "K. Karthik" wrote:
 
  Hi ben,
 
  I am (still) not able to find the core fileIs there any way by which i can tell
  apache to core dump at a specific place ?? I think the core file should be found 
at the
  server-root ?!
  I am however getting the "Memory Fault" message at the command prompt.  Also in 
the error
  log i get a message called
  "/usr/local/apache_ssl/logs/httpsd.pid overwritten::unclean shutdown of previous 
apache
  run ?" Does this signify something ? This comes only when i start apacheSSL using 
httpsd
  -X.

 -X is a debugging mode, and it bypasses the usual cleanup on exit. The
 core dump should be (I think) wherever you are when you run Apache.

 Cheers,

 Ben.

 --
 http://www.apache-ssl.org/ben.html

 "My grandfather once told me that there are two kinds of people: those
 who work and those who take the credit. He told me to try to be in the
 first group; there was less competition there."
  - Indira Gandhi

Re: support for HPUX11 on 32/64 bit machine

1999-09-07 Thread Anonymous 

"Peter Huang" [EMAIL PROTECTED] wrote:
 the default autoconf for openssl on HPUX11 give a compiler flag of =
 +DA2.0.  this flag will compile the openssl
 library in 64-bit mode which can't be used by apache (32bit).  The =
 correct compiler flag should be +DAportable
 so CC will generate correct code that can run on either platform.

+DA2.0 only tells the compiler to generate code for a PA-RISC 2.0 cpu.
The code is still 32-bit and should run on any newer PA-RISC cpu with
HPUX11.  It won't run on PA1.0 or PA1.1 cpus (9000/755 or lower, I think).

The "hpux11-64bit-cc" uses +DA2.0W, which apparently gets you 64-bit code
for 2.0 cpus only.  But I don't find that in the cc man page, and I don't
have access to a 64-bit system to try it on.

BTW, both these hpux11 configurations apparently came from www.globus.org
but there's no one active in openssl-dev supporting or testing them.  HPUX
isn't very widely used, and 64-bit installations of HPUX 11 are even rarer.

Who knows how to tell which version of the architecture the cpu is, so it
can be built into config?  32/64-bit detection would be nice, too.

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]