OPENSSL_cleanse issue

2008-02-13 Thread Belliappa, Ashith Muddiana (HP Software)
Hi, In one of our customer environments I am always getting the following stack error and my process always hangs here. Does anyone have any idea? I found that OPENSSL_cleanse is not thread safe from the Google search. Ref: http://fixunix.com/openssl/155271-openssl_cleanse-threadsafe-routine.html

Re: possible SSL_write bug

2008-02-13 Thread Alessandro Pivi - GLOBALcom engineering
Sorry for my bad English, it crashes, it doesn't hang. It is not true I don't handle errors. The SSL_write always returns a positive value (the number of bytes I'm trying to write), which means there has not been an error. The SSL_get_error called with a positive value always returns

RE: possible SSL_write bug

2008-02-13 Thread David Schwartz
Sorry for my bad English, it crashes, it doesn't hang. Then compile with '-g' and run 'gdb' on the core dump. Post the output of the 'where' command. DS

Re: OpenSSL wants to read on connection?

2008-02-13 Thread edam
Hi there, Thanks for your help guys. And especially thanks for that info call back routine - very handy! :o) I've found out what's going on. As David suggested, it has in fact already written a client hello and now wants to read the response. I simply never thought to check if OpenSSL had put

Re: possible SSL_write bug

2008-02-13 Thread Alessandro Pivi - GLOBALcom engineering
This is what you requested: (gdb) run Starting program: /home/develop/test/bin/sslTest h:127.0.0.1 port:16001 SSL Connection opened start op w: 7 start op w: 7 start op w: 7 start op w: 7 start op w: 7 start op w: 7 start op Program received signal SIGPIPE, Broken pipe. 0x4011f41e in write

Re: newer versions of openssl via yum

2008-02-13 Thread Victor Duchovni
On Tue, Feb 12, 2008 at 08:34:20PM -0500, Jeff wrote: I have some Fedora 5 systems on which I'd like to upgrade openssl. I'm currently running 0.9.8a-5.4, which is reported by yum as the latest version: Many O/S vendors backport bugfixes from OpenSSL patch releases, so, for example, instead

Re: ECC Self-Signed Certificate

2008-02-13 Thread Victor Duchovni
On Wed, Feb 13, 2008 at 12:40:18AM -0500, Nabil Ghadiali wrote: Can someone help me with the command to generate a self-signed certificate using openssl? I have used the following steps and when I get a certificate and open up it says the signature is invalid. Am I missing something?

PEM_read_RSAPrivateKey returns null

2008-02-13 Thread Dima Rusyy
Hello! I am unable to determine why I can't load private key using the following code: - FILE* file = fopen(keyFile, "r"); if(!file){ fprintf(stderr, "Failed to open file %s.\n", keyFile);

Direct trust in server certificate?

2008-02-13 Thread Cooper, Andy
I'm a relative newcomer to OpenSSL so I apologize in advance if this has been asked before. I'm trying to get an OpenSSL client to accept only a *specific* server certificate as opposed to it accepting any certificate that is issued by a given CA. I need to skip the hostname check - the

OFB triple-des help??

2008-02-13 Thread ajb1811
Is it possible to do 3des ofb operations? I am trying to create some test data to test my own 3des-ofb function. Is it enough that if you encrypt the data twice it decrypts itself? Thanks -- View this message in context: http://www.nabble.com/OFB-triple-des-help---tp15449131p15449131.html

About OpenSSL_free()

2008-02-13 Thread Ajeet kumar.S
Dear All; Please tell me how COMP_CTX_free(COMP_CTX *ctx) will work. Actually I saw in function COMP_CTX_free(COMP_CTX *ctx) we are using function OpenSSL_free(). But I saw no definitions of OpenSSL_free(). Then how this function is working. How UNIX and Window Platform taking (Mapping)

Re: About OpenSSL_free()

2008-02-13 Thread Victor Duchovni
On Wed, Feb 13, 2008 at 07:26:52PM +0530, Ajeet kumar.S wrote: Please tell me how COMP_CTX_free(COMP_CTX *ctx) will work. Actually I saw in function COMP_CTX_free(COMP_CTX *ctx) we are using function OpenSSL_free(). But I saw no definitions of OpenSSL_free(). Then how this function is

Re: Direct trust in server certificate?

2008-02-13 Thread Victor Duchovni
On Tue, Feb 12, 2008 at 04:33:49PM -0500, Cooper, Andy wrote: Now, on the client I'm trying to make sure that only the certificate I've created is valid and that any other certificate is not valid. What I'm seeing is that the client doesn't seem to care about the server certificate as long as

RE: possible SSL_write bug

2008-02-13 Thread David Schwartz
Program received signal SIGPIPE, Broken pipe. You need to either catch or ignore SIGPIPE. There is also the output of the program. I think the focus should not be on the call that caused the crash, but on the call before, which returned 7 even if the connection was closed. There's nothing

Re: About ECC patent and OpenSSL ECC code

2008-02-13 Thread Jean-Marc Desperrier
Bob Bell (rtbell) wrote: [...] (for instance Certicom has a patent on having an ECC public key in an X.509 cert signed using RSA) [...] This patent really can not hold water if challenged (if the content's actually what's described here). This is what x509 has been designed to allow, also prior

RE: newer versions of openssl via yum

2008-02-13 Thread Jeff
Victor, Thanks for the reply. openssl version reports: OpenSSL 0.9.8a 11 Oct 2005 Looks like I should take this up with the folks at Fedora... Best, -Jeff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Wednesday, February 13,

RE: ECC Self-Signed Certificate

2008-02-13 Thread Bill Colvin
Can you be more specific about what your problem is? The cert appears to be a self-signed cert. The command openssl x509 -in test.pem -noout -text generates: Certificate: Data: Version: 3 (0x2) Serial Number: d2:4e:d0:af:62:63:da:1b Signature

Re: ECC Self-Signed Certificate

2008-02-13 Thread Patrick Patterson
On Wednesday 13 February 2008 09:58:08 Nabil Ghadiali wrote: I saved the base64 encoded text in a file with an extension .cer and then double-clicked it. Microsoft recognizes it is a certificate and opens it up in a certificate viewer. Over here it says The integrity of the certificate cannot

RE: ECC Self-Signed Certificate

2008-02-13 Thread Nabil Ghadiali
I saved the base64 encoded text in a file with an extension .cer and then double-clicked it. Microsoft recognizes it is a certificate and opens it up in a certificate viewer. Over here it says The integrity of the certificate cannot be guaranteed. The certificate may be corrupted or may have

RE: ECC Self-Signed Certificate

2008-02-13 Thread Nabil Ghadiali
Ahh ok. That means that even if the signature is valid, it will show up like that. Thanks, -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Patrick Patterson Sent: Wednesday, February 13, 2008 10:07 AM To: openssl-users@openssl.org Subject: Re: ECC

Re: newer versions of openssl via yum

2008-02-13 Thread Victor Duchovni
On Wed, Feb 13, 2008 at 10:54:53AM -0500, Jeff wrote: Victor, Thanks for the reply. openssl version reports: OpenSSL 0.9.8a 11 Oct 2005 Looks like I should take this up with the folks at Fedora... Yes, and most likely this is not actually the original 0.9.8a. It is most likely 0.9.8a

Re: ECC Self-Signed Certificate

2008-02-13 Thread Larry Bugbee
I've signed and consumed ECC certs just fine. My only problem is that when I specify a hash algorithm like SHA-256, OpenSSL falls back to the default SHA-1 for self-signed certs only. On Feb 13, 2008, at 7:13 AM, Nabil Ghadiali wrote: Ahh ok. That means that even if the signature is

Emptying the buffer

2008-02-13 Thread Joel Christner
Hello, I have a simple client-server program and am using blowfish. I'm using the EVP_* routines to initialize, encrypt, and decrypt. Variable-length data is taken in from the client through stdin and sent to the server socket after encryption. One question I have is how I clear what's already