It seems that there's a problem in the CVS, the size of the snap is only
16ko today (20030721) !
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL
This is pretty standard - if I understand you correctly, you mean that you
have a client that keeps a pool of sockets connected to a particular server.
You just need to implement some way of storing the session ids from the
handshake using say SSL_get1_session (), and then setting these back ito
On Sun, Jul 20, 2003, Leonard R Smith II wrote:
To all,
I have a cert that is signed by verisign. Its works find with
openssl-0.9.6e that I compiled. The openssl verify command works and tells
me that that cert is okay and most of the ssl clients I used recognize it.
However
On Fri, Jul 18, 2003, rangeos wrote:
Hi,
I have made a soft which work fine with openssl-0.9.7-stable-SNAP-20030718,
but when I try to compile my soft using VisualStudio2003 with
openssl-SNAP-20030718 I get the following message :
d:\Mes
-Message d'origine-
De : [EMAIL PROTECTED]
[mailto:owner-openssl-[EMAIL PROTECTED] De la part de Dr. Stephen Henson
Envoyé : lundi 21 juillet 2003 13:29
À : [EMAIL PROTECTED]
Objet : Re: openssl 0.9.8 with VisualStudio2003
On Fri, Jul 18, 2003, rangeos wrote:
Hi,
I
Guys,
I am using openssl-0.9.7b on Windoze with the Visual Studio v6 compiler
and have found a strange problem. Maybe someone has some idea what is
going wrong. It looks like my program gets some sort of corruption on
returning from SSL_write coz VS says that a C++ exception has been thrown.
On Mon, Jul 21, 2003, Andrew Marlow wrote:
Guys,
I am using openssl-0.9.7b on Windoze with the Visual Studio v6 compiler
and have found a strange problem. Maybe someone has some idea what is
going wrong. It looks like my program gets some sort of corruption on
returning from SSL_write coz
Hi
I would like to try and reduce the size of the ASN.1 database, but am not
sure how the various files work together - I see that there is a perl script
to generate the necessary files, but I'm not too clear how this works. Can
anybody help me out on how to edit and regenerate this?
Many thanks
[EMAIL PROTECTED] writes:
On Mon, Jul 21, 2003, Andrew Marlow wrote:
I am using openssl-0.9.7b on Windoze with the Visual Studio v6 compiler
and have found a strange problem.
[ strange problem snipped ]
Only thing I can immediately think of is that ZLIB might not be compiled
to use the same
http://www.openssl.org/support/faq.html#PROG2
On Mon, Jul 21, 2003 at 03:36:07PM +0100, Andrew Marlow wrote:
[EMAIL PROTECTED] writes:
On Mon, Jul 21, 2003, Andrew Marlow wrote:
I am using openssl-0.9.7b on Windoze with the Visual Studio v6 compiler
and have found a strange problem.
[
On Mon, Jul 21, 2003, Markus Lorch wrote:
Hi,
I frequently have trouble finding function definitions in the crypt
library
e.g. this time I need to take a look at d2i_X509 (e.g. as used by
PEM_read_X509
to reference the conversion function)
I've done a grep -r d2i_X509 * on the whole
hi all,
maybe it is not a SSL question. I want to make post-connection assertion to
prevent man-in-the-middle attack. But I don't know how to get FQDN of the
peer side(Not from peer's certificate, it must be other side's real address).
Is there any socket fucntion to get peer's FQDN?
thank you
There is no functino in OpenSSL I beleive that does such a thing.
What you need to do is get the sockaddr sin_addr data from the accept()
function. At that point you have a IP Address. Use gethostbyaddr() to convert
that IP into a FQDN. You can then verify that the FQDN of the host matches
On Mon, Jul 21, 2003 at 12:12:49PM -0400, Jue (Jacky) Shu wrote:
hi all,
maybe it is not a SSL question. I want to make post-connection assertion to
prevent man-in-the-middle attack. But I don't know how to get FQDN of the
peer side(Not from peer's certificate, it must be other side's real
On Mon, Jul 21, 2003 at 12:20:05PM -0400, Christopher Fowler wrote:
There is no functino in OpenSSL I beleive that does such a thing.
What you need to do is get the sockaddr sin_addr data from the accept()
function. At that point you have a IP Address. Use gethostbyaddr() to convert
that
In reading his orignal email, I made the assumption that he just
wanted to get the hostname + domain of the peer that conencted. To
mae the logical choice was to get the peers IP address from the socket
data and then do a lookup on that IP Address. Maybe another method will work?
On Mon, Jul
On Mon, 21 Jul 2003 11:58:43 +0100, steve thornton wrote:
This is pretty standard - if I understand you correctly, you mean that you
have a client that keeps a pool of sockets connected to a particular server.
You just need to implement some way of storing the session ids from the
handshake
Thank you, Chris.
Yes, that's what I want to do. But I have to use SSL_accept instead of accept,
and peer's ip address is dynamic. Can I get peer's ip address from SSL
connection?
Thank you again.
Jacky
Quoting Christopher Fowler [EMAIL PROTECTED]:
In reading his orignal email, I made the
Jue (Jacky) Shu wrote:
Yes, that's what I want to do. But I have to use SSL_accept instead of accept,
and peer's ip address is dynamic. Can I get peer's ip address from SSL
connection?
Normally one makes first an accept and then an SSL_accept. After the
accept you can proceed as described by
On Mon, Jul 21, 2003, Jue (Jacky) Shu wrote:
Thank you, Chris.
Yes, that's what I want to do. But I have to use SSL_accept instead of accept,
and peer's ip address is dynamic. Can I get peer's ip address from SSL
connection?
You can get the underlying socket fd from the relevant socket BIOs
Hi,
I don't know how to exactly describe my problem, but I will try my best with
the help of a packet trace.
Below is a trace of an SSL session. As seen from this, when the handshake is
complete, and i send an applicaion data of 128 bytes, why do i get
two record layer packet, instead of just one.
Shashank Khanvilkar wrote:
Hi,
I don't know how to exactly describe my problem, but I will try my best with
the help of a packet trace.
Below is a trace of an SSL session. As seen from this, when the handshake is
complete, and i send an applicaion data of 128 bytes, why do i get
two record layer
Application: OpenLDAP 2.1.22
System: Solaris 8
Library: OpenSSL 0.9.7b
During the shutdown of a TLS|SSL connection to an
OpenLDAP 2.1.22 a SEGV fault occurs in the standard
Sun malloc(3C) library's realfree() internal function.
This looks like general memory corruption and I'm
looking in all
If you have access to the private RSA key, than you can get ssldump to
decrypt the application data, see the ssldump man page for more
information.
Ciao,
Yes.. i did use SSLdump, with the private RSA key to capture the trace.
Below is the command that i used.
/usr/local/sbin/ssldump -i eth0
Shashank Khanvilkar wrote:
Yes.. i did use SSLdump, with the private RSA key to capture the trace.
Below is the command that i used.
/usr/local/sbin/ssldump -i eth0 -A -d -X -k $HOME/certificates/client.pem
port
I think ssldump has no option to dump the application data in hex.. but I
will
Shashank Khanvilkar wrote:
Yes.. i did use SSLdump, with the private RSA key to capture the trace.
Below is the command that i used.
/usr/local/sbin/ssldump -i eth0 -A -d -X -k
$HOME/certificates/client.pem
port
I think ssldump has no option to dump the application data in
26 matches
Mail list logo