On 10/10/16 23:56, Bernhard Rosenkraenzer wrote:
> Hi,
> I'm porting some code to OpenSSL 1.1 -- for the most part, it's going
> well, but there's some things I'm not sure about:
>
> - What replaces a direct access to "sha1_hash" in an X509? (found in Qt 5.7)
You could use X509_digest() to
Hi,
I'm porting some code to OpenSSL 1.1 -- for the most part, it's going well, but
there's some things I'm not sure about:
- What replaces a direct access to "sha1_hash" in an X509? (found in Qt 5.7)
So far, haven't come up with a proper alternative to this. Should the code be
refactored to
On 10/10/2016 08:30 AM, Ken Goldman wrote:
> On 10/6/2016 10:11 AM, Matt Caswell wrote:
>> make install_html_docs
>
> That somewhat worked.
>
> 1 - I get 100's of errors of the form
>
> /usr/bin/pod2html: -: cannot resolve L in paragraph 11.
>
Trying the install locally, at
$openssl version
returns:
OpenSSL 1.0.2j-fips
My FIPS module version is openssl-fips-2.0.13
$OPENSSL_FIPS=1 openssl md5 /dev/null
returns:
Error setting digest md5
140066569107136:error:060A80A3:digital envelope
routines:FIPS_DIGESTINIT:disabled for fips:fips_md.c:180:
$OPENSSL_FIPS=1
On 10/6/2016 10:11 AM, Matt Caswell wrote:
make install_html_docs
That somewhat worked.
1 - I get 100's of errors of the form
/usr/bin/pod2html: -: cannot resolve L in paragraph 11.
2 - The links, typically in "SEE ALSO" are not links.
3 - The back navigation at the
On Fri, Oct 07, 2016, Matthew Heimlich wrote:
> Which returns
>
>
> Attempting to set FIPS mode to 1...
> Last error was: 2d06b06f
> FIPS_mode_set failed: 2d06b06f
> FIPS mode is: 0???
>
> So it would appear that my FIPS mode is never even being set, and walking
> through the code would seem
On Fri, Oct 07, 2016, craig_we...@trendmicro.com wrote:
> I am trying to build a library of FIPS 2.0.12 and OpenSSL 1.0.2f for MIPS
> architecture on vxWorks. I am getting this error during the link step:
>
> ../libcrypto.a(bn-mips.o)(.text+0x700): In function `bn_div_3_words':
> : multiple
On Mon, Oct 10, 2016 at 2:47 PM, Ajay Garg wrote:
>
>
> On Mon, Oct 10, 2016 at 1:31 PM, Viktor Dukhovni <
> openssl-us...@dukhovni.org> wrote:
>
>>
>> > On Oct 10, 2016, at 3:52 AM, Ajay Garg wrote:
>> >
>> > If(BIO_should_read(socket->ssl_bio)
On Mon, Oct 10, 2016 at 1:31 PM, Viktor Dukhovni wrote:
>
> > On Oct 10, 2016, at 3:52 AM, Ajay Garg wrote:
> >
> > If(BIO_should_read(socket->ssl_bio) != 0)
> >
> > If(BIO_should_write(socket->ssl_bio) != 0)
>
> In Postfix, we don't bother
> On Oct 10, 2016, at 3:52 AM, Ajay Garg wrote:
>
> If(BIO_should_read(socket->ssl_bio) != 0)
>
> If(BIO_should_write(socket->ssl_bio) != 0)
In Postfix, we don't bother with the application layer ssl_bio,
and just do SSL_read()/SSL_write() directly. You only need this
Hi All.
I guess all my theories are bang on, as the entire framework was integrated
seamlessly making use of the above "theories".
Thanks a ton to everyone, and extra thanks to Viktor
Thanks and Regards,
Ajay
On 10 Oct 2016 6:34 a.m., "Ajay Garg" wrote:
> Thanks
Following works :
If(BIO_should_read(socket->ssl_bio) != 0)
If(BIO_should_write(socket->ssl_bio) != 0)
With this, I could get the entire end-to-end workflow to work
Thanks a ton for all the help !!!
On Mon, Oct 10, 2016 at 11:50 AM, Ajay Garg wrote:
> Hi All.
>
Hi Viktor,
I am already setting that.
socket->ssl_bio = BIO_new(BIO_f_ssl());
if (!(socket->ssl_bio))
{
HANDLE_CATASTROPHIC_INIT_ERROR("client-ssl-bio")
return;
}
SSL_set_connect_state(socket->ssl);
SSL_set_bio(socket->ssl, socket->inter_bio,
> On Oct 10, 2016, at 2:20 AM, Ajay Garg wrote:
>
>BIO *inter_bio; // intermediate-bio, have no idea
> what it really is used for.
The internal BIO from BIO_new_bio_pair must be attached to the SSL
handle via:
SSL_set_bio(ssl,
Hi All.
Taking the socket-structure as ::
#
SSL *ssl;
BIO *ssl_bio; // app-payload-bytes will be
written by app into it.
BIO *inter_bio;
15 matches
Mail list logo