Girish Venkatachalam wrote:
Try calling EVP_CIPHER_CTX_cleanup(ctx) at the end...
I have tried this, does not change the situation. gdb output is
200 EVP_EncryptInit(ctx, EVP_bf_ecb(), NULL, NULL);
(gdb) step
Program received signal SIGSEGV, Segmentation fault.
0xb7df82fb in
Have you tried with the EVP_EncryptInit_ex() family of functions ? I'm
not sure it would help much but it could be worth a try
Felix Dorner wrote:
Girish Venkatachalam wrote:
Try calling EVP_CIPHER_CTX_cleanup(ctx) at the end...
I have tried this, does not change the
Hi,
the following code executes once, and does fine. Calling the
function a
second time gives a segfault during the call marked by --
You may have inadvertantly corrupted the heap the first time
your code is executed. I suggest you put several assert statements
to ensure that memory
Dear all,
Using openssl (openssl 0.9.7), I have set up a CA and this CA has issued 2
certs - one for client and the other for the server. I have checked that
these certificates are ok.
I am attempting to write a SSL client-server program.
SSL Server:- Java. It has a keystore, which contains the
Dear all,
Using openssl (openssl 0.9.7), I have set up a CA and this CA has issued
2
certs - one for client and the other for the server. I have checked that
these certificates are ok.
I am attempting to write a SSL client-server program.
SSL Server:- Java. It has a keystore, which
Samy,
Thanksfor your reply. On the server side (Java), I have
explictly set client authentication to true.
ks.load(new
FileInputStream(KEYSTORE_FILE), passphrase);
kmf.init(ks,
passphrase);ctx.init(kmf.getKeyManagers(), null, null);ssf =
Okay. The question is:
You have a CA. Did you encode the CA:true attribute in it?
You created a server certificate signed by that CA. How?
You created a client certificate signed by that CA. How?
You have loaded the CA certificate into the server's keystore, and
marked it 'trusted'. Have you
Kyle,
How to check CA:true attribute?
The server cert was signed by using the openssl utility sign-server-cert. It
is provided in the openssl link. Same for client cert. The server cert and
the CA cert was loaded into the keystore and using keytool utility, we
checked that it is okay.
On the
Hello thereI've previously sent this to the mod_ssl list with no success. Sorry if you've seen it before:I have apache compiled on solaris with sun cc with mod_ssl-
2.8.25-1.3.34 and openssl-0.9.8a (I've also tried 0.9.7i and the nightly build).When accessing the site using Internet Explorer I
hi
I'm having problems with the OpenSSL SSL_CTX_load_verify_locations()
routine dumping core on Solaris 8 (sparc, 64-bit). I first noticed
this problem with Apache mod_ssl but it can be reproduced with a
minimal standalone C program which calls SSL_CTX_load_verify_locations
().
I've
I'm not much of an expert with any of this, but you may want to look at
some of the return values of some of the functions to make sure
everything is good, such as on EVP_EncryptFinal. Please take a look at
some code I did up last summer in C++ (but it is almost all C), located at
Dear all,
I am a student and am trying to setup a demonstration with TLS and DTLS support between a SIP client and a Proxy.
Has anyone some information regarding adding DTLS support for a SIP client/Proxy or a more generic one using OpenSSL. I just need it for demonstration purposes and so error
Hello ... where can I find OPENSSL for z/OS 1.4 ?? The IBM site directs me to the OPENSSL site but I do not see an OPENSSLversion specifically listed for z/OS ???
thanks so much for any info you can supply !!!
marian
You should take the
OpenSSL tar file for the version you want. All the materials you
need are there. once you un-tar, you should use the
command./Confgure OS390-Unix, and then make. I would recommend Perl
5.6.1, and you need GNU make.
Dave McLellan --Consulting Software Engineer - SPEA
It appears that the SSL_METHOD functions don't allow a server to
accept connections using either SSL or TLS, so it has to be either one
or the other.
Does anyone have a work around to allow both SSL and TLS connections
to be accepted?
-Chris Clark
Hello,
I am trying to obtain a MIME version of an S/MIME message...I can sign
and verify e-mail messages with the libraries provided. However when I
don't want to verify and I just want to receive the text with MIME
headers, it fails. It works fine when there is a valid certificate, but
if I
On Tue, Jan 31, 2006, Chevalier, Victor T. wrote:
Hello,
I am trying to obtain a MIME version of an S/MIME message...I can sign
and verify e-mail messages with the libraries provided. However when I
don't want to verify and I just want to receive the text with MIME
headers, it fails. It
On Tue, Jan 31, 2006, Chris Clark wrote:
It appears that the SSL_METHOD functions don't allow a server to
accept connections using either SSL or TLS, so it has to be either one
or the other.
Have you tried SSLv23_server_method()?
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys:
Your client is trying to use SSLv2, or SSLv3, and the server is
configured to not allow that protocol. (Or, the server isn't
configured to use any protocol.)
I don't know the specifics of how to configure what you're doing, but
I do know that there are environment variables available to
On 1/31/06, Jason Williard [EMAIL PROTECTED] wrote:
I considered this as a possibility. The part that doesn't make sense is
that I was under the belief that OpenSSL v0.9.7i supports both SSLv2
SSLv3. Is this correct?
It does, yes, but by default there's no ciphers or protocol versions
The headers are text...and it works when there is a certificate present
and I do a normal verify, but when I just want to spit it out, no
go...any ideas?
Victor
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson
Sent: Tuesday, January 31,
On Tue, Jan 31, 2006, Chevalier, Victor T. wrote:
The headers are text...and it works when there is a certificate present
and I do a normal verify, but when I just want to spit it out, no
go...any ideas?
Well the error messages suggests it is type multipart/mixed.
Does the smime utility do
I somehow corrupted the ctx object by overshooting the malloced area as
Mark had pointed out.
The problem is solved now,
thanks, felix
__
OpenSSL Project http://www.openssl.org
User Support Mailing
Dear Pjothi,
Making an application TLS aware/TLS enabled is not
much trouble once you have access to the source code.
You have to set up the SSL/TLS server with proper
X.509 certificate and corresponding private key,
specify which protocol(in your case TLS v1) you want
to use and then call
Hello,
We are planning on using OpenSSL on an OpenBSD 3.8 platform to generate
RSA key pairs, sign them with our own CA and embed them in hard tokens.
I notice a question in the FAQ:
''Why does OpenBSD-i386 build fail on des-586.s with 'Unimplemented
segment type'?'' The answer makes me
The problem is this: DTLS code exists in OpenSSL somewhere, but it's
not documented.
-Kyle H
On 1/31/06, Girish Venkatachalam [EMAIL PROTECTED] wrote:
Dear Pjothi,
Making an application TLS aware/TLS enabled is not
much trouble once you have access to the source code.
You have to set up the
26 matches
Mail list logo
