Re: *_dup() functions
On Fri, Aug 17, 2001 at 06:42:35PM +0200, Lutz Jaenicke wrote: I first found them because I wanted my wrapping x509req.get_subject() to exist even when x509req is destroyed, so therefore the rather odd do I need them? question. Hmm, seems that *_dup() might fulfill your requirement... Yes, and no, it turns out. If I let x509req.get_subject() return a X509_NAME_dup()ed pointer I can't do stuff like req.get_subject().CN = 'me' which would be rather nice (req.set_subject() would work, but it's rather un-Pythonic) :-) I wrote a copy constuctor instead, that takes an x509name object and returns a X509_NAME_dup()ed pointer. Thanks Martin -- Martin Sjögren [EMAIL PROTECTED] ICQ : 41245059 Phone: +46 (0)31 7710870 Cell: +46 (0)739 169191 GPG key: http://www.strakt.com/~martin/gpg.html __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SV: Making PKCS#10 request without a private key
Hi Obviously I can't sign the request when I don't have the private key. So the (maybe stupid) question is: Is it at all possible somehow to make a PKCS#10 without a private key? Sorry maybe I'm stupid but why can't sign request ? Are you using RSA or memory smartcard ? The problem is that I don't have access to the smartcard, so I can't sign the request. Regards, Kim Hellan __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Failed to clean virus file Emanuel.exe
The file you have sent was infected with a virus but InterScan E-Mail VirusWall could not clean it. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Destinatario, il sistema antivirus ha individuato un virus nel file allegato. Date: Mon, 20 Aug 2001 08:58:35 +0200 (W. Europe Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled 'Re: quick and dirty tunnel to SSL ?' The message date was Mon, 20 Aug 2001 15:41:02 +0900 (KST) The message identifier was 00d301c12944$0d8a31c0$48403ed3@SCL The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (F-Secure) reported the following: F-Secure Anti-Virus for i386-linux Release 4.08 build 2260 sign.def version 2001-08-16 fsmacro.def version 2001-08-16 sign2.def version 2001-08-16 502980_2MA-X-MSDOWNLOAD_Emanuel.exe infection: W95/Navidad.16896 1 files scanned 1 infections found The message was diverted into the virus holding pen on mail server server-9.tower-4.starlabs.net (id 502980_998290812) and will be held for 30 days before being destroyed. What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. Getting more help If you believe this message to be a false alarm or you require further assistance, you can email Star Internet Support at:- [EMAIL PROTECTED] or contact Star Helpdesk by telephone on:- +44 (0) 1285 884433 Please quote the following Virus Pen ID when contacting Support. mail server server-9.tower-4.starlabs.net (id 502980_998290812) If replying by email, please forward this entire email. _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
WARNING. You sent a potential virus or unauthorised code
The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. Some details about the infected message To help identify the email: The message sender was [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] (if this is not your email address, the message sender possibly belongs to a mailing list to which you both subscribe.) The message was titled Re: quick and dirty tunnel to SSL ? The message date was Mon, 20 Aug 2001 15:41:02 +0900 (KST) The message identifier was 00d301c12944$0d8a31c0$48403ed3@SCL The message recipients were [EMAIL PROTECTED] To help identify the virus: Scanner 1 (NAI Virus Scan) reported the following: /var/qmail/queue/split/0/502989_2MA-X-MSDOWNLOAD_Emanuel.exe Found the W32/Navidad.e@M virus !!! The message was diverted into the virus holding pen on mail server server-7.tower-4.starlabs.net (id 502989_998290769) and will be held for 30 days before being destroyed. What should you do now? If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. Getting more help We strongly recommend that you read the Support FAQs at http://www.messagelabs.com/support/FAQs.htm These will answer many of the most common queries. If you subscribe to the MessageLabs SkyScan AV Service, please contact your IT Helpdesk/Support department for further assistance. If you do not subscribe to the MessageLabs SkyScan AV Service please contact ISP4 Business on:- + 44 (0) 8707 001718 You may contact one of our Messaging Technicians at MessageLabs Helpdesk 7 days a week , 6am - 12pm on:- +44 (0)9067 579 001 All calls will be charged at £0.75p per minute. If you believe this message to be a false alarm, you can email ISP4 Business at:- [EMAIL PROTECTED] Please quote the following Virus Pen ID when contacting Support. If replying by email, please forward this entire email. _ This message has been checked for all known viruses by the MessageLabs Virus Scanning Service. For further information visit http://www.messagelabs.com/stats.asp __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Failed to clean virus file Emanuel.exe
The file you have sent was infected with a virus but InterScan E-Mail VirusWall could not clean it. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Sender, InterScan has detected virus(es) in your e-mail attachment. Date: Mon, 20 Aug 2001 03:12:16 -0400 (Eastern Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Delivery error re: Re: quick and dirty tunnel to SSL ?
This message was rejected by the mail hub at The University of Birmingham (bham.ac.uk) because it has an apparently executable attachment Emanuel.exe. The email rejected was not delivered to the following recipients: [EMAIL PROTECTED] Executable attachments are not being accepted at The University if Birmingham because they have been used by recent viruses such as that described in http://www.fsecure.com/v-descs/love.htm and http://vil.nai.com/vil/dispVirus.asp?virus_k=98797 Regrettably, it is possible that some legitimate communications could be refused by this measure and we apologise for any inconvenience caused. If this was a legitimate communication concerning University business please contact [EMAIL PROTECTED] for advice with a full explanation about the nature of the communication. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Antigen found Win32 (Norman,Sophos) virus
Antigen for Exchange found Emanuel.exe infected with Win32 (Norman,Sophos) virus. The file is currently Removed. The message, Re: quick and dirty tunnel to SSL ?, was sent from =?ks_c_5601-1987?B?uem787z2?= and was discovered in IMC Queues\Inbound located at NDS/NDS-JER/NDSILBRIDGE. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
question about cleanup
Hello openssl-users, I use openssl in one server application, thus, i would like to have no memory leaks. I noticed that then more crypts/decrypts/key creation i do then more memory my app uses. So, i have question : do i need to clean something after enc = EVP_des_ede3_cbc(); ? does BIO_free_all() guarantee that everything associated with this BIO will be cleaned ? and finally theoretical question : are there any known memory leaks that not found yet ? Best regards, Kubyshev Andrey mailto:[EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Feature or bug in 96b ?
Hello openssl-users, This is repeat, but i stil didnt get responce on it , and problem still remains. If its only problem at me , just do this test please, and see, if works ok... please I use openssl pretty long time, but only in simple mode. Recently , installed version 96b (major release) and found that my application become to crash. I checked it and found that crash happens in RSA_check_key function when i pass public key to it. I installed v. 95a and it worked fine for me. is it bug or i do something wrong ? You can reproduce this bug simply takes loadrsa.c from demos\eay\ and after public key created with line : pub_rsa=d2i_RSAPublicKey(NULL,p,(long)len); simply insert: RSA_check_key (pub_rsa); and it will crash. I use VC++ 6 with SP4 and WinNT I deleted all previous libraries, and header files from old libs. Best regards, Kubyshev Andrey [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe)
On Mon, 20 Aug 2001 13:33:18 +0200, Michael Ströder [EMAIL PROTECTED] wrote: Because the mailing list processor is configured to set the Reply-To address to the list address. IMHO this should be changed to reduce such problems with automatic replies (vacation e-mails, virus-scans etc.). But that would make *regular* replies a pain in the ass for list members. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Remove the E-Mail Field from the DN os an certrequest/cert
Hello, can somebody help me to configure my openssl.cnf ( or other things ) to remove the E-Mail Field as a part of the subject ( and Issuer ) DN within a certificate ? Thanks for your Help. Regards, Robert Hannemann Computer Center Saxony-Anhalt Germany +49 345 1304 883 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Destinatario, il sistema antivirus ha individuato un virus nel file allegato. Date: Mon, 20 Aug 2001 14:14:23 +0200 (W. Europe Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Antigen found W32/Navidad.e@M (McAfee4) virus
Antigen for Exchange found Emanuel.exe infected with W32/Navidad.e@M (McAfee4) virus. The file is currently Removed. The message, Re: quick and dirty tunnel to SSL ?, was sent from =?ks_c_5601-1987?B?uem787z2?= and was discovered in SMTP Messages\Inbound located at Corrent Organization/First Administrative Group/CORMAIL01. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Antigen found W32/Navidad.e@M (McAfee4) virus
Antigen for Exchange found Emanuel.exe infected with W32/Navidad.e@M (McAfee4) virus. The file is currently Removed. The message, Re: quick and dirty tunnel to SSL ?, was sent from =?ks_c_5601-1987?B?uem787z2?= and was discovered in SMTP Messages\Inbound located at Corrent Organization/First Administrative Group/CORMAIL01. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Antigen found Win32 (Norman,Sophos) virus
Antigen for Exchange found Emanuel.exe infected with Win32 (Norman,Sophos) virus. The file is currently Removed. The message, Re: quick and dirty tunnel to SSL ?, was sent from =?ks_c_5601-1987?B?uem787z2?= and was discovered in IMC Queues\Inbound located at NDS/NDS-JER/NDSILBRIDGE. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Sender, InterScan has detected virus(es) in your e-mail attachment. Date: Mon, 20 Aug 2001 08:28:00 -0400 (Eastern Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Receiver, InterScan has detected virus(es) in the e-mail attachment. Date: Mon, 20 Aug 2001 08:28:00 -0400 (Eastern Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Receiver, InterScan has detected virus(es) in the e-mail attachment. Date: Mon, 20 Aug 2001 14:21:43 +0200 (W. Europe Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Sender, InterScan has detected virus(es) in your e-mail attachment. Date: Mon, 20 Aug 2001 08:28:07 -0400 (Eastern Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Receiver, InterScan has detected virus(es) in the e-mail attachment. Date: Mon, 20 Aug 2001 08:28:07 -0400 (Eastern Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Antigen found W32/Navidad-B (Sophos) virus
Antigen for Exchange found Emanuel.exe infected with W32/Navidad-B (Sophos) virus. The file is currently Removed. The message, quick and dirty tunnel to SSL ?, was sent from and was discovered in Wilt, Paul\Inbox located at BellHowell/UMI Ann Arbor/AAMAIL01. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Antigen found W32/Navidad-B (Sophos) virus
Antigen for Exchange found Emanuel.exe infected with W32/Navidad-B (Sophos) virus. The file is currently Removed. The message, quick and dirty tunnel to SSL ?, was sent from and was discovered in Wilt, Paul\Inbox located at BellHowell/UMI Ann Arbor/AAMAIL01. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe)
[not setting Reply-To] But that would make *regular* replies a pain in the ass for list members. The amount of such accidents like this one or the vacation mail disaster that seems to hit this list every few weeks is much more than on any other high-volume list that I know. I think the break- even point between convenient replies and preventing this stuff has been reached and I would also vote for disabling the Reply-To function! Best regards, Reiner. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Failed to clean virus file Emanuel.exe
The file you have sent was infected with a virus but InterScan E-Mail VirusWall could not clean it. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Receiver, InterScan has detected virus(es) in the e-mail attachment. Date: Mon, 20 Aug 2001 14:29:02 +0200 (W. Europe Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Antigen found Win32 virus
Antigen for Exchange found Emanuel.exe infected with Win32 virus. The file is currently Deleted. The message, quick and dirty tunnel to SSL ?, was sent from ¹é»ó¼ö and was discovered in Raji Abdelaziz\Inbox located at Breakwater Communications/BREAKWATER/NT2. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe)
[not setting Reply-To] But that would make *regular* replies a pain in the ass for list members. The amount of such accidents like this one or the vacation mail disaster that seems to hit this list every few weeks is much more than on any other high-volume list that I know. I think the break- even point between convenient replies and preventing this stuff has been reached and I would also vote for disabling the Reply-To function! I'm on another list, where emails are set up to Reply-To the list, and we *never* see any auto-reply, virus warnings, could-not-deliver, or any other spurious auto-generated mails. And it's been that way for years, so I doubt the listadmin is coming up with new filters for each new objectionable email. I'll get in touch with the listadmin and ask how he does it. Tom Biggs __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe)
Because the mailing list processor is configured to set the Reply-To address to the list address. IMHO this should be changed to reduce such problems with automatic replies (vacation e-mails, virus-scans etc.). But that would make *regular* replies a pain in the ass for list members. I also think reconfigure majordomo. Press reply to all isn't a pain in the ass compared to deleting the increasing amount of junk mail that has been turning up on this list of late. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Rejected: Re: quick and dirty tunnel to SSL ?
Your message was rejected because it has an apparently executable attachment Emanuel.exe. Please read http://www.scms.waikato.ac.nz/help/mail/policy.html __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Delivery error re: Re: quick and dirty tunnel to SSL ?
This message was rejected by the mail hub at The University of Birmingham (bham.ac.uk) because it has an apparently executable attachment Emanuel.exe. The email rejected was not delivered to the following recipients: [EMAIL PROTECTED] Executable attachments are not being accepted at The University if Birmingham because they have been used by recent viruses such as that described in http://www.fsecure.com/v-descs/love.htm and http://vil.nai.com/vil/dispVirus.asp?virus_k=98797 Regrettably, it is possible that some legitimate communications could be refused by this measure and we apologise for any inconvenience caused. If this was a legitimate communication concerning University business please contact [EMAIL PROTECTED] for advice with a full explanation about the nature of the communication. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Strange bug in connecting to server
Hi,
I'm trying to create an library for transfering special info between
an client and a webserver. But I have run into some strange problems.
I can connect to all kinds of webservers but one is allways failing.
I've debugged with returning the sslstate within the program, giving me:
Before connect
Before ssl connect
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:error in SSLv3 read server hello A
SSL connect failed
Out
If I run the openssl program using the s_client option I can get
it to work... What am i doing wrong ???
Source code:
testssl.c :
#include stdio.h
int main (int argc, char **argv)
{
char ticket[10];
int t=0;
char call[] = GET /\n\n;
char host[] = www.paynet.no;
int port = 443;
memset(ticket,0,10);
sendSSL(call, strlen(call), ticket, 10, host, port);
printf(Out %s\n, ticket);
}
sslclient.c :
/*
* An SSL simple client
*
* This is a simple client. The client will try to open a socket
* on a specified port. This socket is hereafter read until
*
*/
#include stdio.h
#include stdlib.h
#ifdef WINNT
#include winsock2.h
#else
#include netdb.h
#include sys/socket.h
#include arpa/inet.h
#endif
// #include sys/types.h
#include ssl.h
#include sslclient.h
#define PROTOCOL tcp
#define MESSAGE_EXTEND 2048
static char sslclient_error_[4096];
static char *skeyphrase;
int verify_callback(int, X509_STORE_CTX*);
void apps_ssl_info_callback(SSL *, int, int);
/**
* Callback for getting key
*/
int returnKey(keybuf, maxlength, verify)
char *keybuf;
int maxlength;
int verify;
{
if(maxlengthstrlen(skeyphrase)) {
memcpy(keybuf,skeyphrase,strlen(skeyphrase));
return strlen(skeyphrase);
}
else
return -1;
}
/* Verify if passphrase works for keyfile */
int verifyKey(char* keyfile, char* passphrase)
{
SSL_METHOD *meth=NULL;
SSL_CTX *ctx=NULL;
int t=0;
skeyphrase = passphrase;
SSLeay_add_ssl_algorithms();
if((meth=SSLv3_client_method())
(ctx=SSL_CTX_new(meth)))
{
SSL_CTX_set_default_passwd_cb(ctx,*returnKey);
t = SSL_CTX_use_RSAPrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM);
if (ctx) SSL_CTX_free(ctx);
}
return (t0);
}
/**
* Send a ssl message
*
* This involves to open a port to the host set by setPGWPort and
* setPGWHostName. The data to be sendt should be stored in 'buf' of
* and the length of buf is passed to the function in 'length'.
*
* The return from the PGW is put into a buffer structure.
*
* It is the responsibillity of the caller to free both the buffer structure
* and the buffer within (the buf element)
*
*/
int sendSSL(sbuf,slength,mbuf,mlength,hostname,port)
char *sbuf,*mbuf;
int slength,mlength;
char *hostname;
int port;
{
/* --- VARIABLE DECLARATION --- */
int t,tt,size;
int fd,c_ret;
struct protoent *pe;
struct hostent *he;
struct sockaddr_in sin;
char *tmp;
// Method for the correct ssl version
SSL_METHOD *meth=NULL;
// create an SSL structure
SSL *con = NULL;
SSL_CTX *ctx=NULL;
X509*server_cert;
char*str;
int r;
/* --- CODE START --- */
#ifdef WINNT
struct WSAData wsa_state;
int wsa_init_done=0,err;
memset(wsa_state,0,sizeof(wsa_state));
if (WSAStartup(0x0101,wsa_state)!=0)
{
err=WSAGetLastError();
return(0);
}
#endif
// -- Establish plain socket connection
pe = getprotobyname(PROTOCOL);
// Open a new socket
fd = socket(AF_INET,SOCK_STREAM,pe-p_proto);
if(fd==-1) {
sprintf(sslclient_error_,
Could not create new socket);
goto error;
}
// Get the PGWHostName
if(hostname == NULL) {
sprintf(sslclient_error_,PGWHostName not set);
goto error;
}
he = gethostbyname(hostname);
if(he == NULL || he-h_addr == NULL) {
sprintf(sslclient_error_,
Could not gethostbyname for host:%s,hostname);
goto error;
}
sin.sin_family = AF_INET;
sin.sin_port = htons(port);
memcpy((void *)sin.sin_addr, (void *)he-h_addr, he-h_length);
#ifdef DEBUG
printf(Before connect\n);
#endif
c_ret = connect(fd,(struct sockaddr *)sin, sizeof(sin));
if(c_ret==-1){
sprintf(sslclient_error_,
Could not connect to port %d,port);
goto error;
}
// -- Establish ssl on top of the socket
// Add algorithms
//OpenSSL_add_ssl_algorithms();
SSLeay_add_ssl_algorithms();
// Set the method to SSLv3
meth=SSLv3_client_method();
// Create a new context for communication
ctx=SSL_CTX_new(meth);
SSL_load_error_strings();
if (ctx == NULL) {
sprintf(sslclient_error_,
Could not create new CTX structure);
goto error;
}
SSL_CTX_set_timeout(ctx, 3);
SSL_CTX_set_options(ctx,0);
Re: Please reconfigure majordomo to not set Reply-To (was: Failedto clean virus file Emanuel.exe)
On Mon, 20 Aug 2001 05:00:01 -0700, Caliban Tiresias Darklock [EMAIL PROTECTED] (ctd) writes: ctd On Mon, 20 Aug 2001 13:33:18 +0200, Michael Ströder ctd [EMAIL PROTECTED] wrote: Because the mailing list processor is configured to set the Reply-To address to the list address. IMHO this should be changed to reduce such problems with automatic replies (vacation e-mails, virus-scans etc.). ctd But that would make *regular* replies a pain in the ass for list ctd members. What we do is send the notice to the envelope sender, which typically is set to the list owner. (Sorry list owner.) At least that way it doesn't flood the entire list time and time again -- Amos __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Mittente, il sistema antivirus ha individuato un virus nel file allegato. Date: Mon, 20 Aug 2001 14:14:23 +0200 (W. Europe Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] File: Emanuel.exe Action: clean failed - deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe)
-Original Message- From: Amos Gouaux [mailto:[EMAIL PROTECTED]] Sent: 20 August 2001 14:03 To: [EMAIL PROTECTED] Subject: Re: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe) On Mon, 20 Aug 2001 05:00:01 -0700, Caliban Tiresias Darklock [EMAIL PROTECTED] (ctd) writes: ctd On Mon, 20 Aug 2001 13:33:18 +0200, Michael Ströder ctd [EMAIL PROTECTED] wrote: Because the mailing list processor is configured to set the Reply-To address to the list address. IMHO this should be changed to reduce such problems with automatic replies (vacation e-mails, virus-scans etc.). ctd But that would make *regular* replies a pain in the ass for list ctd members. What we do is send the notice to the envelope sender, which typically is set to the list owner. (Sorry list owner.) At least that way it doesn't flood the entire list time and time again If you think this is bad, imagine what would happen if the anti-virus checker attached the infected email in each alert (which for example InoculateIT can do). Forget out of office replies et al... - John Airey Internet Systems Support Officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SSL_CTRL_EXTRA_CHAIN_CERT
What does SSL_CTRL_EXTRA_CHAIN_CERT mean when returned from SSL_accept()? Also, is there any documentation as to the meaning of any of that type of definition (openssl/ssl.h line 826-870)? -- Nathan Bell Companion Corporation Evelyn Manufacturing 801-943-7277 Etc... )); __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: SSL_CTRL_EXTRA_CHAIN_CERT
On Mon, Aug 20, 2001 at 09:14:54AM -0600, Nathan Bell wrote: What does SSL_CTRL_EXTRA_CHAIN_CERT mean when returned from SSL_accept()? ??? Since when does SSL_accept() return SSL_CTRL_EXTRA_CHAIN_CERT? Also, is there any documentation as to the meaning of any of that type of definition (openssl/ssl.h line 826-870)? man SSL_get_error Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Strange bug in connecting to server
On Mon, Aug 20, 2001 at 03:18:20PM +0200, Carsten Rhod Gregersen wrote: Hi, I'm trying to create an library for transfering special info between an client and a webserver. But I have run into some strange problems. I can connect to all kinds of webservers but one is allways failing. I've debugged with returning the sslstate within the program, giving me: Before connect Before ssl connect SSL_connect:before/connect initialization SSL_connect:SSLv3 write client hello A SSL_connect:error in SSLv3 read server hello A SSL connect failed Out If I run the openssl program using the s_client option I can get it to work... What am i doing wrong ??? You are using SSLv3 only. s_client by default uses SSLv2 compatible client hello messages and supports SSLv2, SSLv3 and TLSv1. Try 's_client -ssl3' and see, whether it still succeeds. Probably the server only supports SSLv2 (it may also enforce TLSv1, but this is not likely). Best regards, Lutz PS. Query the error queue for more information. -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Failed to clean virus file QUA1C129477534DCA0.txt
The file you have sent was infected with a virus but InterScan E-Mail VirusWall could not clean it. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Failed to clean virus file QUA1C129466D2ADE20.txt
The file you have sent was infected with a virus but InterScan E-Mail VirusWall could not clean it. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Rejected: Rejected Message
Your message was rejected because it has an apparently executable attachment Emanuel.exe. Please read http://www.scms.waikato.ac.nz/help/mail/policy.html __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Rejected: Rejected Message
Your message was rejected because it has an apparently executable attachment Emanuel.exe. Please read http://www.scms.waikato.ac.nz/help/mail/policy.html __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Sender, InterScan has etected virus(es) in your e-mail attachment. Date: Mon, 20 Aug 2001 17:58:45 +0200 (W. Europe Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] File: QUA1C129477534DCA0.txt Action: deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Sender, InterScan has etected virus(es) in your e-mail attachment. Date: Mon, 20 Aug 2001 17:57:49 +0200 (W. Europe Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] File: QUA1C129466D2ADE20.txt Action: deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
InterScan NT Alert
Receiver, InterScan has detected virus(es) in the e-mail attachment. Date: Mon, 20 Aug 2001 17:57:49 +0200 (W. Europe Daylight Time) Method: Mail From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] File: QUA1C129466D2ADE20.txt Action: deleted Virus: TROJ_NAVIDAD.E __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe)
I'm in agreement, there is a reason that most mailers have a Reply-All or Reply-Group function after all. Don't munge Reply-To! - Original Message - From: Steven Reddie [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 21, 2001 11:09 AM Subject: RE: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe) Many lists are configured to only accept posts from subscribers to the list, which stops the types of mail that we're getting right now, but I don't think would stop vacation auto responders. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Biggs Sent: Tuesday, 21 August 2001 12:03 AM To: [EMAIL PROTECTED] Subject: RE: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe) [not setting Reply-To] But that would make *regular* replies a pain in the ass for list members. The amount of such accidents like this one or the vacation mail disaster that seems to hit this list every few weeks is much more than on any other high-volume list that I know. I think the break- even point between convenient replies and preventing this stuff has been reached and I would also vote for disabling the Reply-To function! I'm on another list, where emails are set up to Reply-To the list, and we *never* see any auto-reply, virus warnings, could-not-deliver, or any other spurious auto-generated mails. And it's been that way for years, so I doubt the listadmin is coming up with new filters for each new objectionable email. I'll get in touch with the listadmin and ask how he does it. Tom Biggs __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
private key
I'm writing a program that uses openssl to read the private key from a ASN1.DER encoded file. The openssl API outputs the following: 17752:error:0D080071::lib(13) :func(128) :reason(113):a_int.c:191: 17752:error:0D09D082::lib(13) :func(157) :reason(130):d2i_r_pr.c:124: I'm using the load_key() function from openssl/apps/x509.c but I got this error. I'm sure that my file is valid. Can anyone give me some hints? Thanks. Fiel Cabral __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Problem signing a certificate request using OpenSSL
Hi, I'm attempting to sign a certificate request using the CA.pl script included with OpenSSL. Configuration: -Slackware 8 -OpenSSL 0.9.6b When I attempt to issue the ./CA.pl -sign command I get the following error: [16:56:42][root@victory-260]# ./CA.pl -sign Using configuration from /etc/ssl/openssl.cnf Enter PEM pass phrase: unable to load CA private key 10436:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:277: 10436:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:451: Signed certificate is in newcert.pem Has anyone seen this before? I can generate a certificate request using ./CA.pl -newreq and I can use OpenSSL on my system, I just can't generate a signed certificate. If anyone has any ideas as to how I can troubleshoot this problem I'm all ears. Just for the record, I've already created a CA certificate and I have also successfully generated signed certificates using this system before (about 1 month ago) but now I am unable to sign certificates. cheers, Gabe [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Please reconfigure majordomo to not set Reply-To (was: Failed to clean virus file Emanuel.exe)
On Mon, Aug 20, 2001 at 01:33:18PM +0200, Michael Ströder wrote: I just wonder why this program send this info to the list and not to the person who sent the virus ;-) Because the mailing list processor is configured to set the Reply-To address to the list address. IMHO this should be changed to reduce such problems with automatic replies (vacation e-mails, virus-scans etc.). Won't help. This is a typical what should an automated agent do when deciding who to send Email to problem. A proper anti-virus system would check for evidence of the message being from a mailing-list (Precedence: bulk, -return headers - all sorts of things), and decide not to send to that. Basically, it should act the same way Postmaster bounces do. I know of no commercial AV systems that do that. An example of such a system that does do that would be Qmail-Scanner http://qmail-scanner.sourceforge.net/ - ahem. Not that I have anything to do with that ;-) -- Cheers Jason Haar Unix/Special Projects, Trimble NZ Phone: +64 3 9635 377 Fax: +64 3 9635 417 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Please reconfigure majordomo to not set Reply-To
From: Tom Biggs [EMAIL PROTECTED] tbiggs I'm on another list, where emails are set up to Reply-To the list, tbiggs and we *never* see any auto-reply, virus warnings, could-not-deliver, tbiggs or any other spurious auto-generated mails. And it's been that way tbiggs for years, so I doubt the listadmin is coming up with new filters for tbiggs each new objectionable email. I'll get in touch with the listadmin tbiggs and ask how he does it. That's easy. That list is probably set up so only members can post. It has for long been the policy for openssl-users that it should be open to post to by non-members... Perhaps that needs to change. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-733-72 88 11 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, GemPlus: http://www.gemplus.com/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: openssl for MS-Windows
From: Kees Zeelenberg [EMAIL PROTECTED] Subject: Re: openssl for MS-Windows Date: Mon, 20 Aug 2001 22:36:10 +0200 Message-ID: 004201c129b7$c449a800$ed2cfb3e@beta kees.zeelenberg Can I ask you to mail us the exact changes in form of a kees.zeelenberg patch or something like that, so OpenSSL itself can get better? kees.zeelenberg Below are the diffs for mingw32.pl and the source of alarm.c kees.zeelenberg NB: The additional library Msup (see final diff) contains a.o. alarm.o kees.zeelenberg The use of DLL's instead of the static libraries was done by hand; I will kees.zeelenberg try to find a more general solution and mail it. I've added them to my stack of patches. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-733-72 88 11 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, GemPlus: http://www.gemplus.com/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: drop-in memory management
From: Nathan Bell [EMAIL PROTECTED] nbell There is already support for drop-in cryptography, but doing drop-in nbell memory management seems like a more highly applicable feature. After nbell already having done this I realize that it is not a daunting task. It nbell would've been even better had there been documentation pointing to which nbell files to change. nbell Does anyone else see this as a good future feature? Actually, there is such a thing, but admitedly not documented. You can create your own allocator and deallocator functions and hook them in using the function CRYPTO_set_mem_functions(). See crypto.h -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-733-72 88 11 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, GemPlus: http://www.gemplus.com/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
