* derleader mail on Monday, May 02, 2011 8:14 PM
> > But what exactly do you want to know? If you can use SSL and
> > Blowfish?
> > It does not appear in http://www.openssl.org/docs/apps/ciphers.html.
> >
> Yes the web site and the book about the OpenSSL is outdated.
Does TLS spec nowadays define
>> If I decide to go with openssl and blowfish what are the
>> potential threats?
>
>Yes, heaps of.
>You might consider asking more detailed.
>
>> Is there another security mechanism that I can use with blowfish?
>
>Of course...
>But what exactly do you want to know? If you can use SSL
> If I decide to go with openssl and blowfish what are the
> potential threats?
Yes, heaps of.
You might consider asking more detailed.
> Is there another security mechanism that I can use with blowfish?
Of course...
But what exactly do you want to know? If you can use SSL and Blowfish?
It does
>> > I'm going to use stream protocol - TCP/IP. Here is the
>> template source
>> > code of the server without the encryption part
>>
>> We mean application protocol.
>>
>> > while (1) {
>> > sock = accept(listensock, NULL, NULL);
>> > printf("client connected to child thread %i with
* owner-openssl-us...@openssl.org
> What is the purpose of the project?
>
> This is a open source project - I need a way to monitor a
> huge number of servers - monitor CPU load, RAM load, HDD
> load, installed packets and etc.
Why not using http://www.nagios.org/?
> The data which will gathe
>
>> On 5/1/2011 1:34 AM, derleader mail wrote:
>>
>> > I'm going to use stream protocol - TCP/IP. Here is the
>> template source
>> > code of the server without the encryption part
>>
>> We mean application protocol.
>>
>> > while (1) {
>> > sock = accept(listensock, NULL, NULL)
>> So I need a high performance solution that can handle many connections
>> with little server load.
>>
>> 1. SSL is a good solution but is not high performance - it's more
>> suitable for encryption of a web page. When establishing connection more
>> that 100 connections are used to perf
>Don't you know how much data you've read that you're about to decrypt?
>
>in your code template, you showed the sendign routine doing...
>
> nread = recv(sock, buffer, 25, 0);
>
>isn't the recieving routine doing somethign similar? well, nread would
>be the length you need, no?
Y
>> I'm going to use stream protocol - TCP/IP. Here is the template source
>> code of the server without the encryption part
>
>We mean application protocol.
>
>> while (1) {
>> sock = accept(listensock, NULL, NULL);
>> printf("client connected to child thread %i with pid %i.\n",
>> pthrea
On Sun, May 1, 2011 at 5:28 PM, derleader mail wrote:
> >What protocol are you using?
> What I mean is application layer protocol. But since in your example,
> you're using your own protocol,
> why not send both length and data.
> Example.
> <4 byte len field><0..2^32-1 data field>
>
> Then in yo
>What protocol are you using? What I mean is application layer protocol. But
>since in your example, you're using your own protocol, why not send both
>length and data.
Example.
Then in you receiving end, do
recv 4 bytes, get length, and recv until received data equals to length.
Hi,
>What protocol are you using?
What I mean is application layer protocol. But since in your example, you're
using your own protocol,
why not send both length and data.
Example.
<4 byte len field><0..2^32-1 data field>
Then in you receiving end, do recv 4 bytes, get length, and recv until
recei
The encrypted output is not a NULL terminated string so strlen will not work.
>> EVP_DecryptUpdate(&ctx, (unsigned char *)plaintextz, &out_len,
(unsigned char *)ciphertext, strlen(ciphertext));
Use the length output from the encryption part.
Thank you very much for
On Sun, May 1, 2011 at 1:48 AM, derleader mail wrote:
>
> Hi,
>
> The encrypted output is not a NULL terminated string so strlen will not
> work.
>
> >> EVP_DecryptUpdate(&ctx, (unsigned char *)plaintextz, &out_len, (unsigned
> char *)ciphertext, strlen(ciphertext));
>
> Use the length output fro
Hi,
The encrypted output is not a NULL terminated string so strlen will not work.
>> EVP_DecryptUpdate(&ctx, (unsigned char *)plaintextz, &out_len,
(unsigned char *)ciphertext, strlen(ciphertext));
Use the length output from the encryption part.
Thank you very much for the
15 matches
Mail list logo