Peer certificate doesn't survive i2d_SSL_SESSION / d2i_SSL_SESSION

2011-05-09 Thread Arno Garrels
Hi *, After a d2i_SSL_SESSION() session has been successfully resumed SSL_get_peer_certificate() returns NULL. Am I doing something wrong or is that the expected result? Thanks in advance. -- Arno Garrels __ OpenSSL Project

Re: Peer certificate doesn't survive i2d_SSL_SESSION / d2i_SSL_SESSION

2011-05-09 Thread Arno Garrels
Arno Garrels wrote: Hi *, After a d2i_SSL_SESSION() session has been successfully resumed SSL_get_peer_certificate() returns NULL. Am I doing something wrong or is that the expected result? Sorry, wrong test case, it actually works. -- Arno Garrels

RE: Initialization Vector for EVP_rc4() ?

2011-05-09 Thread PMHager
This is contrary to the specification: The total length of an Enhanced Provider symmetric key and its salt value cannot be greater than 128 bits. So, I think this salt value should not have any influence, as the bits you can set are the trailing bits between the reduced key size and the one the

Re: Multiple connection from 1 client

2011-05-09 Thread Harshvir Sidhu
Hi, I used the following code to change the socket to non blocking, but its still not successful, now its not even able to complete SSL_Accept. I am changing the socket option for the accepted socket. unsigned long iMode = 1; int nReturn = ioctlsocket(sock, FIONBIO, iMode);

Re: Multiple connection from 1 client

2011-05-09 Thread Gayathri Sundar
Hi., Yes, once you make the socket noblocking, your current ssl API,s will not work. that is why I asked you to write the asynchronous state machine. Go thro the man pages for ssl accept, ssl read, ssl write for non blocking cases. You need to handle special cases called want read and write

Re: Multiple connection from 1 client

2011-05-09 Thread David Schwartz
On 5/9/2011 6:27 AM, Harshvir Sidhu wrote: Also i suspect, that if i change the socket to non blocking, then my current read write code will not work. i mean the one in which i use FD_SET and select to perform operations. Thanks. It's very easy to get things wrong and it won't work

Re: command line to c++ code

2011-05-09 Thread lists
On 04/13/2011 07:16 PM, luis hernandez wrote: Hi I do not know if you have talk about this here, but I can not find the answer. How to translate a command line commandt to a c++ code? For instance if at commandd prompt i do this: openssl x509 -inform DER -in cert.cer There is no single

Re: Multiple connection from 1 client

2011-05-09 Thread Eric S. Eberhard
Harsh, I would take up his offer of help. Socket control over multiple sockets is tricky code and very specific to what you are trying to do. My environment is single threaded and does similar things to yours -- but as Gayathri said, there are many details and exceptions and although with

RE: Create cert with SHA1: now unexplained window-full and RST?

2011-05-09 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Moisés Barba Pérez Sent: Thursday, 05 May, 2011 14:52 Firstly I apologize for my insistence about this topic but it is very important to me. I cleared my head a little and I'm exposing my issue again: