The rules of SSL-Certificate validation?

2008-04-18 Thread Anri Lau
Hi All, Anyone know how many rules should be performed when building a TLS connection? I have some test cases. The certificate time is not valid, validation failed. But the certificate passed if the validity dates of the child certificate are not contained within the validity dates of the parent

problem with hmac header...

2008-04-18 Thread Amit Kumar
Hi All, I am using the openssl version openssl-0.9.8d and installed. I included openssl/include/openssl/ header files, but while accessing hmac.h from my net-snmp I am getting some errors: mips64-octeon-linux-gnu-gcc -I../include -I. -I../snmplib -I../openssl/include -mabi=64

Re: The rules of SSL-Certificate validation?

2008-04-18 Thread Patrick Patterson
Hi Anri: Anri Lau wrote: Hi All, Anyone know how many rules should be performed when building a TLS connection? I have some test cases. The certificate time is not valid, validation failed. But the certificate passed if the validity dates of the child certificate are not contained within the

Re: The rules of SSL-Certificate validation?

2008-04-18 Thread Anri Lau
Hi Patrick, Thank you for your kind reply. I will do more research and test based on your advice. Actually, I want to know which rules openssl has done, which should I implement in callback function. 1. We make sure the chain we are going to build is present and that the first entry is in

Re: The rules of SSL-Certificate validation?

2008-04-18 Thread Anri Lau
Hi Patrick, Thank you for your kind reply. I will do more research and test based on your advice. Actually, I want to know which rules openssl has done, which should I implement in callback function. The following are the rules implemented by openssl collected from source code. 1. We make

Segmentation fault in SSL_read()

2008-04-18 Thread Ion Scerbatiuc
I have written a multi-threaded server (UNIX) and I use OpenSSL for encrypting communication between the server and the client (the client is an MFC application, but I think this doesn't matter...). Server is running fine but randomly it crashes and every time in SSL_read() method. Here is a

Segmentation fault in SSL_read() (Re-post)

2008-04-18 Thread Ion Scerbatiuc
Sorry for the first post. It seems like I have some problems with the other email client. A new try :) I have written a multi-threaded server (UNIX) and I use OpenSSL for encrypting communication between the server and the client (the client is an MFC application, but I think this doesn't

Re: The rules of SSL-Certificate validation?

2008-04-18 Thread Lutz Jaenicke
Anri Lau wrote: Hi All, Anyone know how many rules should be performed when building a TLS connection? I have some test cases. The certificate time is not valid, validation failed. But the certificate passed if the validity dates of the child certificate are not contained within the validity

Re: Segmentation fault in SSL_read() (Re-post)

2008-04-18 Thread Ion Scerbatiuc
Sorry again. I copied the dump from another core file and the disass was from another: The dump for that disassembly snippet was: #0 0x00c9b770 in SSL_read () from /lib/libssl.so.4 (gdb) bt #0 0x00c9b770 in SSL_read () from /lib/libssl.so.4 #1 0x0805b27f in wns::ServerPort::pending

Re: Segmentation fault in SSL_read() (Re-post)

2008-04-18 Thread Kyle Hamilton
My initial idea would be that you're passing in an invalid pointer to SSL_read. Does this happen with, say, openssl s_client? Remember a couple of things: 1) You MUST use the proper version of the library (debug or release) with the appropriate build setting in your project (debug or release).

Re: Segmentation fault in SSL_read() (Re-post)

2008-04-18 Thread Ion Scerbatiuc
Thanks for your reply. I use OpenSSL 0.9.8g 19 Oct 2007. I compiled the library from source on a Redhat Linux Enterprise. The output of `uname -a`: Linux www.mysite.com 2.6.9-55.0.2.ELsmp #1 SMP Tue Jun 12 17:59:08 EDT 2007 i686 i686 i386 GNU/Linux The compiler used was the gnu c compiler, I

Re: Segmentation fault in SSL_read() (Re-post)

2008-04-18 Thread Kyle Hamilton
How are you creating an MFC executable on Linux? -Kyle H On Fri, Apr 18, 2008 at 4:29 AM, Ion Scerbatiuc [EMAIL PROTECTED] wrote: Thanks for your reply. I use OpenSSL 0.9.8g 19 Oct 2007. I compiled the library from source on a Redhat Linux Enterprise. The output of `uname -a`: Linux

Re: problem with hmac header...

2008-04-18 Thread Kyle Hamilton
Problem: It's looking for the path where openssl's make install would put the header files. Specifically, it's looking for ../include/openssl/hmac.h. Potential Solutions (choose 1): (1) mv ../openssl ../include (2) ln -s ../openssl ../include/openssl (3) -I.. (4) (preferred to ensure that all

Check Certificate Chain problem

2008-04-18 Thread Wockenfuß, Frank
Hi all, I test a chain of certificates by calling X509_verify_cert( X509_STORE_CTX_variable ). This function works fine, but it seems to me that it uses the current system time to check the certificate expiration. The problem is that I need to check the expiration against a defined checktime.

Re: Segmentation fault in SSL_read() (Re-post)

2008-04-18 Thread Ion Scerbatiuc
I'm not creating any MFC applications on linux. the client is for Windows platform, but as I said I don't think the client matters. I also wrote some client emulation on linux that emulates the behavior of the MFC clients and the server still crashes. - Original Message From: Kyle

Re: The rules of SSL-Certificate validation?

2008-04-18 Thread Anri Lau
Hi Lutz, On 18/04/2008, Lutz Jaenicke [EMAIL PROTECTED] wrote: Anri Lau wrote: Hi All, Anyone know how many rules should be performed when building a TLS connection? I have some test cases. The certificate time is not valid, validation failed. But the certificate passed if the validity

libcrypto.a(x86_64cpuid.o): relocation R_X86_64_PC32 against `OPENSSL_cpuid_setup' can not be used when making a shared object; recompile with -fPIC

2008-04-18 Thread Rodrigo Castro
Hello to all, this is my first post here. Can anyone help me with the following problem? After configuring and installing openssl, when I try to compile openldap I get this error about libcrypto.a. What could be done to solve this? And I apologize in advance if this post doesn't belong here.

Re: Segmentation fault in SSL_read() (Re-post)

2008-04-18 Thread Kyle Hamilton
ergh. My apologies for not catching that. You're right, it shouldn't matter on the client side. Okay... going back to basics (I'm sorry if this seems a bit patronizing, I honestly don't intend it to be such), a segfault occurs on a pointer dereference, trying to gain access to memory which is

Re: libcrypto.a(x86_64cpuid.o): relocation R_X86_64_PC32 against `OPENSSL_cpuid_setup' can not be used when making a shared object; recompile with -fPIC

2008-04-18 Thread Kyle Hamilton
How did you compile and install openSSL? Which version of OpenSSL are you using? -Kyle H On Fri, Apr 18, 2008 at 6:20 AM, Rodrigo Castro [EMAIL PROTECTED] wrote: Hello to all, this is my first post here. Can anyone help me with the following problem? After configuring and installing openssl,

Openssl

2008-04-18 Thread Chuck Aaron
What is the command please to view the entire contents of a certificate? Thank you, Chuck Kyle Hamilton wrote: ergh. My apologies for not catching that. You're right, it shouldn't matter on the client side. Okay... going back to basics (I'm sorry if this seems a bit patronizing, I honestly

RE: Openssl

2008-04-18 Thread Bill Colvin
openssl x509 -in cert_file_name -noout -text -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chuck Aaron Sent: April 18, 2008 10:35 AM To: openssl-users@openssl.org Subject: Openssl What is the command please to view the entire contents of a

Openssl loading

2008-04-18 Thread Li, Yvonne
I have an application that is dynamically linked with openssl. I'd like to load system installed openssl at runtime. My application can only be as secure as the openssl loaded into the process. What steps should I take to ensure my application doesn't load a compromised openssl library that

Re: libcrypto.a(x86_64cpuid.o): relocation R_X86_64_PC32 against `OPENSSL_cpuid_setup' can not be used when making a shared object; recompile with -fPIC

2008-04-18 Thread Rodrigo Castro
I compiled openssl-0.9.8g like this: ./config -fPIC make make install On Fri, Apr 18, 2008 at 11:34 AM, Kyle Hamilton [EMAIL PROTECTED] wrote: How did you compile and install openSSL? Which version of OpenSSL are you using? -Kyle H On Fri, Apr 18, 2008 at 6:20 AM, Rodrigo Castro [EMAIL

RE: Openssl loading

2008-04-18 Thread David Schwartz
I have an application that is dynamically linked with openssl. I'd like to load system installed openssl at runtime. 1) I'd like to use the system installed openssl rather than one I know is secure. My application can only be as secure as the openssl loaded into the process. What steps

Re: libcrypto.a(x86_64cpuid.o): relocation R_X86_64_PC32 against `OPENSSL_cpuid_setup' can not be used when making a shared object; recompile with -fPIC

2008-04-18 Thread Kyle Hamilton
You need to use: ./config shared This is the supported way to create a shared, dynamically-loadable library. -Kyle H On Fri, Apr 18, 2008 at 1:49 PM, Rodrigo Castro [EMAIL PROTECTED] wrote: I compiled openssl-0.9.8g like this: ./config -fPIC make make install On Fri, Apr 18, 2008 at

RE: Openssl loading

2008-04-18 Thread Li, Yvonne
Thanks for your response. Shipping my own version of openssl is ruled out. So I have to trust the system installed one. Think at least on some Unix systems, LD_LIBRARY_PATH is searched first. I worry about Trojan horses hidden there. I am advised to zero out this env variable before loading openssl.

RE: Openssl loading

2008-04-18 Thread David Schwartz
Thanks for your response. Shipping my own version of openssl is ruled out. So I have to trust the system installed one. Think at least on some Unix systems, LD_LIBRARY_PATH is searched first. Right, this is because: 1) A library cannot do any harm the user could not do directly. So there's no