Re: SSL attack scenario

2009-05-18 Thread Nikos Balkanas
Wikipedia is right in principle, but doesn't cover the case of TCP hijacking. By reliable delivery guarantee, it means the transport layer, once the data has left the application layer (i.e. when it is placed on the wire). Of course no guarantees are offered for the application layer, where the

Re: SSL_write returns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready.

2009-05-12 Thread Nikos Balkanas
See inlined answers. Next time don't truncate the thread. To make it clearer. Select or poll will return as soon as the socket is writable. However, SSL still needs to negotiate keys and encryption with the peer before you can exchange any data. This is handled transparently for you in each

Re: SSL_write returns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready.

2009-05-12 Thread Nikos Balkanas
: SSL_write returns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready. Nikos Balkanas wrote: To make it clearer. Select or poll will return as soon as the socket is writable. However, SSL still needs to negotiate keys and encryption

Re: SSL_write returns with SSL_ERROR_WANT_WRITE on a non-blocking socket. Do I need to re-insert the same data when socket is ready.

2009-05-11 Thread Nikos Balkanas
Hi, To make it clearer. Select or poll will return as soon as the socket is writable. However, SSL still needs to negotiate keys and encryption with the peer before you can exchange any data. This is handled transparently for you in each SSL_write call. Therefore SSL replies to you Yes the

Re: Openssl Memory leak

2009-05-07 Thread Nikos Balkanas
shouldn't leave any allocated memory, about 12 kb ram is still allocated. 2009/5/5 Nikos Balkanas nbalka...@gmail.com Hi, Check the return value of SSL_shutdown(ssl). Sometimes it needs up to 4 iterations to complete due to internal state machine. It completes when the value != 0

Re: Openssl Memory leak

2009-05-05 Thread Nikos Balkanas
Hi, Check the return value of SSL_shutdown(ssl). Sometimes it needs up to 4 iterations to complete due to internal state machine. It completes when the value != 0. Hope it helps. BR, Nikos - Original Message - From: Fabian Bergmark To: openssl-users@openssl.org Sent:

Re: I want you to do my homework for me.

2009-05-04 Thread Nikos Balkanas
Hi, Isn't the abusive language and attitude used by Miguel good reason to ban him/her from this group? Although it was taken as humorous in the beginning, it seems that a lot of users were put off by his message. BR, Nikos - Original Message - From: Robert Butler To:

Re: I want you to do my homework for me.

2009-05-03 Thread Nikos Balkanas
Yes, mistress. Immediately. - Original Message - From: Miguel Ghobangieno mikee...@yahoo.com To: openssl-users@openssl.org Sent: Sunday, May 03, 2009 10:14 AM Subject: Re: I want you to do my homework for me. Libssl should be rewritten in java on ruby upon rails (the bottom rail,

Re: Bind Jamming Port

2009-04-16 Thread Nikos Balkanas
Hi, Sounds like you are not closing the port when exiting. If you do a netstat what state do you see? CLOSE_WAIT? BR, Nikos - Original Message - From: Michael Lawson (mshindo) To: openssl-users@openssl.org Sent: Thursday, April 16, 2009 2:04 PM Subject: Bind Jamming Port

Re: apache http server not connecting to correct open ssl --urgent help needed

2009-04-03 Thread Nikos Balkanas
Hi, I imagine you are using a Solaris 10 machine. You also need to load different versions of the same library. You need to set the correct LD_LIBRARY_PATH. For 2.0.55 include in the LD_LIBRARY_PATH your 0.9.8b libraries (libssl, libcrypto). For the 2.0.63 include your 0.9.8i libraries path

Re: apache http server not connecting to correct open ssl --urgent help needed

2009-04-03 Thread Nikos Balkanas
: Nikos Balkanas nbalka...@gmail.com Sent: Apr 3, 2009 7:11 AM To: openssl-users@openssl.org Cc: openssl-...@openssl.org Subject: Re: apache http server not connecting to correct open ssl --urgent help needed Hi, I imagine you are using a Solaris 10 machine. You also need to load different versions

SSL_write problem

2009-03-30 Thread Nikos Balkanas
Hi, I would like to ideally use non-blocking SSL_read and blocking SSL_write. Is this possible with BIO_set_nbio? What should the underlying socket be in that case? If this is not possible, as I suspect, I have the problem that the non-blocking SSL_write with select, will stall after first

Re: SSL_write problem

2009-03-30 Thread Nikos Balkanas
aerow...@gmail.com To: openssl-users@openssl.org Sent: Tuesday, March 31, 2009 3:13 AM Subject: Re: SSL_write problem SSL_CTX_set_mode(ssl, SSL_MODE_AUTO_RETRY); 2009/3/30 Nikos Balkanas nbalka...@gmail.com: Hi, I would like to ideally use non-blocking SSL_read and blocking SSL_write

Re: Linking with mingw on Windows

2009-03-10 Thread Nikos Balkanas
Hi, RSA_new is defined in libcrypto. It is obviously not defined in libeay32. You can check it with nm libeay32.a | grep RSA_new. Then you should probably get a good copy of libcrypto. BR, Nikos - Original Message - From: Kenneth Goldman To: openssl-users@openssl.org Sent:

DES_CBC_40 question

2009-03-09 Thread Nikos Balkanas
Hi, I have implemented DES_CBC encryption/decryption. I would like now to include also support for DES_CBC_40. Code is in C and I am using the des_ncbc_encrypt function. I imagine the same function can be used for the 40 bit version. What changes are needed to do this? Is there a place with

des_ncbc_encrypt question

2009-03-08 Thread Nikos Balkanas
+ 1640 $24 = (uchar *) 0x75c6d0 *ξΥΰl:=8υ\n\236\236π\006\006\006(VχR (??) Everything is fine except for the trailing (VχR. Any ideas or pointers of what is wrong, would be greatly appreciated. Thanx, Nikos Balkanas

Re: des_ncbc_encrypt question

2009-03-08 Thread Nikos Balkanas
...@openssl.org] On Behalf Of Nikos Balkanas Sent: March 8, 2009 1:20 PM To: openssl-users@openssl.org Subject: des_ncbc_encrypt question Hi, I am using des_ncbc_encrypt to encrypt/decrypt packages in a server/client architecture (CBC mode). When I test encryption/decryption from within the server I