Re: SSL_OP_NO_QUERY_MTU problem in openssl 1.0.0.e

2011-10-20 Thread Michael Tuexen
On Oct 19, 2011, at 11:45 PM, Oleg Moskalenko wrote:

> Hi
>
> I installed the new OpenSSL version and I immediately ran into a problem with
> DTLS: when the option SSL_OP_NO_QUERY_MTU is set, then the SSL_connect
> command produces a segmentation fault.

Have you tried the first bug fix available at
http://sctp.fh-muenster.de/dtls-patches.html
It should address the problem. It will be included in the next release.

> I am using Linux Ubuntu 11.04.
>
> If I want to use my own discovered MTU, then I have to use that option.
> Otherwise, the system would ignore my MTU and use whatever the IP_MTU
> getsockopt on UDP socket returns.
>
> Unfortunately, I am using different platforms, and MTU discovery is supported
> in OpenSSL only on Linux platform. I need it working on FreeBSD, too, and I
> have to discover MTU myself.
>
> Is this a known bug ?

Yes...

> By the way, are there any plans to support FreeBSD MTU discovery ?

We have a patch which adds PMTU discovery and used DTLS heartbeats for that.
Once the heartbeats are approved as an RFC we will contribute code for that
and the PMTU stuff.

Best regards
Michael

> Thanks !
> Oleg Moskalenko

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


Problem with Server-Client Sessions with SSL proxy

2011-10-20 Thread saurabh pandya
Hi all,

The problem seems very weird to me. Please bear with some deficiency in
explaining the problem.

I am writing a small HTTPS proxy (transparent proxy only) for study work.

Client(IE)---Encrypted traffic--- || ClientSocket ---Plain text
ServerSocket --Encrypted traffic--Https_WebServer

In short, I am doing man in the middle for HTTPS content filtering, and I
have chosen OpenSSL for that.

I am redirecting port 443 traffic to my TCP listener, which gets all incoming
SSL traffic. I am making an outbound connection for this client connection
using another socket, and reading the data in between for some kind of
content filtering.

I have generated my self-signed CA and private key, and I am using them to
generate the server certificate to present to the client.

ISSUE:
It works fine with some sites like

https://encrypted.google.com
https://twitter.com

Where I am able to present newly generated certificate for each site and
signed with my CA. (I have added my Self Signed CA cert in client browser)

But with Facebook, I am facing a problem.

The Facebook webpage is making a few sessions to a248.e.akamai.net; tcpdump
shows that akamai.net is sending server certificates only, NO CA certificate
in their certificate chain. With extension, one of them is (keyUsage:
keyEncipherment). While I am presenting my own version of this server
certificate (with this keyUsage extension), the browser is rejecting my
certificate by throwing the error Bad Certificate.

--

I can send code/pseudo code, tcpdump captures/pcaps if anybody wants.
I have been pulling my hair out for days trying to make it work for Facebook.

---
I have tried X509_new(), directly generating the certificate, and
also tried X509_REQ (first making a certificate request and then
creating the certificate with X509_new).
--

Any indication/direction would be appreciated.

-
Thanks
Saurabh Pandya


OpenSSL Engine - configurable ciphers/digests

2011-10-20 Thread com...@gmx.ch

Hi,


I need some help with a special case: a dynamic engine with non-static 
or configurable ciphers.



While I do not use cryptodev, the code provides a good example of the 
initial problem:

http://cvs.openssl.org/fileview?f=openssl/crypto/engine/eng_cryptodev.c&v=1.23

I basically have it working, but there is a problem, during the first 
call to af_alg_ciphers() I have to list all ciphers the engine *could* 
support or none, as af_alg_ctrl() gets called later.
If I respond with all ciphers, OpenSSL will assume I support all of 
them, and bail out unfriendly if told later on a given cipher is not 
supported in af_alg_ciphers().
If I claim there are no supported ciphers during this initial call to 
af_alg_ciphers(), the auto-engine loading feature via openssl.cnf does 
not work and software using openssl may require modifications to use the 
engine.


The code and instructions for my engine are available here:
http://src.carnivore.it/users/common/af_alg/

The comments for cryptodev_usable_ciphers and cryptodev_usable_digests 
show there is a demand for a way to configure the ciphers/digests run by 
the particular engine.

How to do it properly?

I want this to be a runtime option, not a compile time option.


MfG
Markus


FIPS_mode_set call fails

2011-10-20 Thread Sert, Banu Cicek
Hello,

I just want to ask for help on a point.

I have openssl 0.9.8r development version and just built the FIPS 1.2.3 
modules. When I call FIPS_mode_set(1) in my application, it always returns 0.

What I have done so far is the following:
* I have set up perl
* I have downloaded the openssl fips 1.2.3.tar.gz and opened that manually
* built that with the command ms\do_fips no-asm
* I have found the file fipscanister.lib and linked that to my application

Now I have no error while building the application or calling the function but 
it always returns 0. And when I call FIPS_mode it is 0.

I am using Microsoft Visual Studio 2010. My operating system is Windows XP 32 
bits.

Could you please give an idea, am I missing something??

Also, on the web I have found that I am supposed to use fipslink.pl to 
statically link the FIPS module to my application, and I do not know how to do 
that. Or may it be the problem??
Many thanks and regards,
Banu
Software Developer


Help Needed: SSL Connect starting from a weird state

2011-10-20 Thread Jeff Saremi
We've been running our SSL code for a while now with no issues. But
recently one of our developers started encountering this problem.
We did the best we could to troubleshoot to no avail. I know the 
problem is not OpenSSL and it's something we're doing incorrectly,
probably at the start up.

The problem:
SSL completed without having done a single send or receive during the
handshake.

What we get in the print out, after issuing SSL_connect() is this:

Printout:
18:13:56.925 [4228] connect
18:13:56.927 [4228] SSL nonblock rc:-1 shutdown:0 state:23WCHA (from:UNKWN )
18:13:56.928 [4228] ssl_err:5 SSL_ERROR_SYSCALL

The rough version of the code printing the above is this:
printf("connect\n");
/* state string captured before the call, printed as "from:" below */
const char *fromState = SSL_state_string(mSsl);
rc = SSL_connect(mSsl);
printf("SSL nonblock rc:%d shutdown:%d state:%s (from:%s)\n",
       rc,
       SSL_get_shutdown(mSsl),
       SSL_state_string(mSsl),
       fromState);
int ssl_error = SSL_get_error(mSsl, rc);
switch(ssl_error)
{
case SSL_ERROR_SYSCALL:
  printf("%d SSL_ERROR_SYSCALL\n", SSL_ERROR_SYSCALL);
...


What I would expect to see would be something along the lines of the
following:

SSL nonblock rc:1 shutdown:0 state:SSLOK (from:UNKWN )

or
SSL nonblock rc:-1 shutdown:0 state:SSLOK (from:SSLOK )


For additional debugging I have enabled callbacks using the following
too:
SSL_set_msg_callback

And I see a lot of that happening but not in this case.
In this particular case, after switching the destination IP and port all
we get is what I showed you. Not even one single byte is exchanged
anywhere.

Looking inside ssl_stat.c I see the following:
case SSL23_ST_CW_CLNT_HELLO_A:  str="23WCHA"; break;

Looking inside s23_clnt.c I see these lines near the beginning of
ssl23_client_hello():

buf=(unsigned char *)s->init_buf->data;
if (s->state == SSL23_ST_CW_CLNT_HELLO_A)

How can my code start in this state?

Any hints would be appreciated.
thanks
jeff



RE: Failing to verify the certificate of one specific site

2011-10-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Lucas Clemente Vella
> Sent: Wednesday, 19 October, 2011 22:44

snip: connect to graph.facebook.com:443 using 
  cafile=DigiCertHighAssuranceEVRootCA.crt gets rc=20

> Then I found this directory in my system, /etc/ssl/certs, containing
> my installed CA roots, which I provided to OpenSSL, instead of the
> certificate file: and got rc=0
>
> It seems to me that there is one certificate installed in
> /etc/ssl/certs, which is different from the one I was providing, that
> is being used to verify the host. If it is so, how can I know what
> certificate is being used? And why Firefox and Chrome both use the
> former certificate I provided, while OpenSSL is unable to use it for
> the same host?

s_client shows that host is providing a chain which has at #2 
"Digicert High Assurance EV Root CA", not actually a root but instead 
issued by "Entrust.net Secure Server Certification Authority".
Such a cert with SHA1 99A6 9BE6 1AFE 886B 4D2B 8200 7CB8 54FC 317E 1539 
found at www.entrust.net Download roots does verify the chain, 
and is in my Windows/IE(7) and FF3.6 and Java(6u24) truststores 
out of the box, so if your /etc/ssl/certs was put together with 
the usual suspects (a la Casablanca) very likely it's in there.

The #2 from graph.facebook.com and the root from digicert.com have 
the same public key and keyid so either one can verify the children 
(which (both) have AKI.keyid). I don't know why both forms exist 
and I don't see anything obvious on the Digicert website about it.
The dates are different: the #2 is 20061001 to 20140726 while the 
true root is 20061110 to 2030; possibly digicert initially got 
cross-signed by entrust and then established their own root(s).
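
A simplified model of the chain building discussed above, added here as an illustration and not taken from the thread or from OpenSSL's code: certificates are reduced to subject, issuer and key ids (the key ids and the intermediate's name are placeholders), and signatures are not checked. It contrasts the lookup order OpenSSL releases of that period used, peer-supplied certificates before the trust store, with a trust-store-first lookup.

```python
from collections import namedtuple

# Constructed stand-ins: key ids and the intermediate's name are placeholders.
Cert = namedtuple("Cert", "subject issuer skid akid")

DC = "DigiCert High Assurance EV Root CA"
ENTRUST = "Entrust.net Secure Server Certification Authority"
LEAF = Cert("graph.facebook.com", "intermediate-CA (placeholder)", "kid-leaf", "kid-ica")
ICA = Cert("intermediate-CA (placeholder)", DC, "kid-ica", "kid-dc")
CROSS = Cert(DC, ENTRUST, "kid-dc", "kid-entrust")   # cert #2 sent by the server
DC_ROOT = Cert(DC, DC, "kid-dc", "kid-dc")           # self-signed, same key id
ENTRUST_ROOT = Cert(ENTRUST, ENTRUST, "kid-entrust", "kid-entrust")
SENT = [ICA, CROSS]                                  # chain after the leaf


def find_issuer(cert, pool):
    """First pool entry whose subject and key id match cert's issuer and AKI."""
    for cand in pool:
        if cand.subject == cert.issuer and cand.skid == cert.akid:
            return cand
    return None


def build_path(leaf, sent, store, trusted_first=False):
    """Return (ok, path); ok is True when the path ends in a trust-store cert."""
    path = [leaf]
    while True:
        cur = path[-1]
        from_sent = find_issuer(cur, [c for c in sent if c not in path])
        from_store = find_issuer(cur, store)
        # Stop at a trust anchor when it is preferred or nothing else is left.
        if from_store and (trusted_first or from_sent is None):
            return True, path + [from_store]
        if from_sent is None:
            return False, path          # no issuer anywhere: verification fails
        path.append(from_sent)


if __name__ == "__main__":
    cases = [("DigiCert root only, sent certs first", [DC_ROOT], False),
             ("Entrust root only, sent certs first", [ENTRUST_ROOT], False),
             ("DigiCert root only, trust store first", [DC_ROOT], True)]
    for label, store, tf in cases:
        ok, path = build_path(LEAF, SENT, store, tf)
        print(label, "->", "ok" if ok else "fail", [c.subject for c in path])
```

With only the DigiCert root in the store and sent certificates preferred, the path stops at cert #2 because its Entrust issuer is missing; the other two cases reach a trust anchor.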




RE: SSL documentation

2011-10-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm
> Sent: Wednesday, 19 October, 2011 06:04
>
> On 10/19/2011 6:10 AM, Mohan Radhakrishnan wrote:
>
> > Hi,
> >
> > Is there any material available that shows flows of one-way/two-ssl 
> > and different types of CA architectures ? We use two-way SSL and 
> > generate CSR's and update expired certificates and we are aware of the 
> > basic points.
>
> I am not sure what you mean by one-way SSL.
 
In context I'm sure he means server (only) authentication 
versus server and client authentication, which is commonly 
called just client auth or client cert since to users that 
is the visible difference. (There are suites with no auth 
at all -- A[EC]DH, KRB5, PSK -- but they are rarely used.)

The TLS RFCs (2246, 4346, 5246) show the maximal message flow, 
with description of which messages are omitted (or varied) 
in various cases. I don't know anything that lays out all 
the cases separately.

4158 describes and pictures several possible CA architectures, 
although some of them are IMHO not very practical.

> SSL does not deal with CSRs at all, those are used for CA operations
> and obtaining certificates, snip

SSL/TLS the protocol does not, but OpenSSL does. 

