you might want to take a look at the functions
SSL_pending - (tells you there is data to read on the SSL socket
before trying to read )
BIO_pending
Perry
Milan Křápek wrote:
Hi, I have a question. I have multithread system, with non blocking I/O and perhaps 100 connections to servers. I
I have had issues with this before using windows. Add
CRYPTO_malloc_init();
the the begining of your code I have an IntOpenssl function I do this
and the other OpenSSL stuff in.
Then switch your file pointers to BIO's I found this makes windows.
Perry
[EMAIL PROTECTED] wrote:
Hi,
I'm
sends it to me anyway. I realy
need a way to set this option in Java if there is one?
Thanks,
Perry
--
Perry L. Jones (Software Engineer)
E-mail: [EMAIL PROTECTED]
Phone: (315) 838-7038
Fax: (315) 838-7196
Dolphin Technology Inc.
474 Phoenix Drive
Rome, NY 13441-4911
smime.p7s
Description
Hello,
I have the following code nothing fancy just opening a pkcs12 file and
then trying to free every thing. when I run the code though purify I
get an error on sk_X509_pop_free, Freeing unallocated memeory, Freeing
memory read. If I don't uses sk_X509_free I get a memory leek but I
Hello,
Does anyone still uses openssl on IRIX?
Was 0.9.7x every tested on IRIX? I can get 0.9.6 working but not 0.9.7
were the IRIX structor carried over from 9.6 to 9.7? ( that SSL sockets
working on 9.6 but not 9.7 )
I ok if 0.9.7 is not supported on IRIX but I would really like to know
I have an issue with openssl on IRIX it SSL_connect work if I uses 9.6
but does not work if I uses 9.7i?
I am testing using the s_client and s_server all is happy when I uses
9.6 but if I uses 9.7i the s_client fails to connect to the server.
Client info:
CONNECTED(3)
wrtie:error=0
Hello,
I have some client server SSL socket code that works on Solaris, Linux,
and WinXP but It does not work on IRIX. I was hopping someone might be
able to help me figure out why. I am getting the error
SSL_ERROR_SYSCALL returned from SSL_connect.
example code:
ret = SSL_connect(
if set to 0 it will verify the whole cert chain of any length. root -
CA1 - CA2 -EE
if set to a number greater then 0 it will verify only chains of that
length or less. If the cert chain is greater then the given number
validation will fail.
In the case below I would think that it would
maybe you have not added the extra CA/root certs to the CTX?
SSL_CTX_add_extra_chain_cert( ctx, x509Cert )
Perry
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote:
11041:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
certificate:s3_pkt.c:1052:SSL alert number 42
Hello,
The man page for smime says that openssl does not support smime version
3. Under the BUGS section.
http://www.openssl.org/docs/apps/smime.html
Does anyone know if there is any work being done to support smime
Version 3?
If not is there possible another C api that already has
of the email message header.
If the issue comes back to being SMIME I will try to provide you with
more details.
Thanks,
Perry
Dr. Stephen Henson wrote:
On Fri, Mar 03, 2006, Perry L. Jones wrote:
Hello,
The man page for smime says that openssl does not support smime version
3. Under
I was not able to get windows stuff working until I added
CRYPTO_malloc_init();
before
SSL_library_init and OpenSSL_add_all_algorithms
hope that helps.
Perry
Szabolcs Berecz wrote:
Hi!
I'm not sure if you received this message, so I resend it:
I'm trying to parse a PKCS7 structure and
ccounter like seen in
SSL_CTX_use_PrivateKey or is there a better why?
Thanks,
Perry
Perry L. Jones wrote:
How do I dup a private key there is an X509_dup but I don't see a
EVP_PKEY_dup ?
Thanks,
Perry
__
OpenSSL Project
Thank You..
Dr. Stephen Henson wrote:
On Wed, Jan 04, 2006, Perry L. Jones wrote:
If I take a look at the code for SSL_CTX_use_PrivateKey() I see a
reference counter used. My code would work using the reference counter
but since the reference counter functions and structure members
How do I dup a private key there is an X509_dup but I don't see a
EVP_PKEY_dup ?
Thanks,
Perry
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Is it possible you need one of these function. I has having trouble
opening p12 files under windows until I added CRYPTO_malloc_init() to my
main.
Other possible inits are:
CRYPTO_malloc_init();
SSL_library_init();
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
SSL_state to check for some shutdown state?
Thanks,
Perry
Victor Duchovni wrote:
On Mon, Dec 19, 2005 at 11:22:11AM -0500, Perry L. Jones wrote:
I have some questions about shutting down an SSL connection.
The correct use of SSL_shutdown() is described in the SSL_shutdown
Hello,
I have some questions about shutting down an SSL connection.
I am using TLS for the communication protocol and I am doing the
following to close my SSL socket.
if( (SSL *)NULL != *sslSocket )
{
if( SSL_ST_OK == SSL_state( *sslSocket ) )
{
SSL_shutdown( *sslSocket );
to check for some shutdown state?
Thanks,
Perry
Victor Duchovni wrote:
On Mon, Dec 19, 2005 at 11:22:11AM -0500, Perry L. Jones wrote:
I have some questions about shutting down an SSL connection.
The correct use of SSL_shutdown() is described in the SSL_shutdown
manpage. Read the whole
as posted before you can run the command
openssl ciphers -v
and it will print a list for you.
Perry
stone wrote:
Hi:
Can anybody tell me where can i find the cipher list of SSL in the
files of openssl? I mean the combination of algorithms which the
server support during a handshake. I
Anyone have an idea about why the following d2i_PKCS12_fp code fails in
windows using openssl 0.9.7c? It works find in Unix/Linux.
FILE *fp = (FILE *)NULL;
PKCS12 *p12 = (PKCS12 *)NULL;
fp = fopen( p12file, r );
if( (FILE *)NULL != fp )
{
p12 = d2i_PKCS12_fp( fp, (PKCS12 **)NULL );
, 2005, Perry L. Jones wrote:
Anyone have an idea about why the following d2i_PKCS12_fp code fails in
windows using openssl 0.9.7c? It works find in Unix/Linux.
FILE *fp = (FILE *)NULL;
PKCS12 *p12 = (PKCS12 *)NULL;
fp = fopen( p12file, r );
if( (FILE *)NULL != fp )
{
p12 = d2i_PKCS12_fp( fp
Hello,
I want to be able to handle unclean closing of an SSL socket. I have a
client server applications and if the client dies for some reason I want
to be able to check the SSL connection on the server side and then clean
things up.
I have tried using the SSL_state() command but when my
at 10:28:09AM -0500, Perry L. Jones wrote:
Hello,
I want to be able to handle unclean closing of an SSL socket. I have a
client server applications and if the client dies for some reason I want
to be able to check the SSL connection on the server side and then clean
things up.
I have tried
Dr. Stephen Henson wrote:
On Tue, Dec 06, 2005, Perry L. Jones wrote:
So is it ok to uses socket ioctl functions on the socket file descriptor
to figure out the socket is closed?
As long as you don't do anything which will affect any subsequent I/O (e.g.
reading or writing
Certificate Revocation List is a list of certificate that have been
revoked by a CA for some reason (Private Key was stolen). The list is
digitally signed by the CA creating the CRL. These lists are usually
public accessible in some LDAP or other command location.
Certificates have a Before
Hello,
I have an SSL connection and I want to check that its status is still OK
before reading or writing. I have seen SSL_state used I think for this
purpose but can't find any documentation on it. If this a function I
should uses or is there a better what to ensure my SSL socket is still
I have some legacy code that uses the ioctl() function on a socket to
see how many bytes are ready to be read. I was wounding if this can be
done with an openssl socket or if I can uses SSL_get_fd( sslSocket ) and
then uses the standard socket ioctl functions.
int numBytesToRead;
funcStatus =
thanks you this helps
Perry
Dr. Stephen Henson wrote:
On Wed, Nov 23, 2005, Perry L. Jones wrote:
I have some legacy code that uses the ioctl() function on a socket to
see how many bytes are ready to be read. I was wounding if this can be
done with an openssl socket or if I
try this to find the error:
i=SSL_accept(con);
switch (SSL_get_error(con,i))
{
case SSL_ERROR_NONE:
break;
case SSL_ERROR_WANT_WRITE:
can some one please point me to an example of non-blocking IO reading
with openssl.
Thanks,
Perry
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Can someone please tell me why my server application does not cache a
session if It set the options to the following?
SSL_CTX_set_session_cache_mode( ctx, SSL_SESS_CACHE_SERVER );
and I don't set the callback functions:
SSL_CTX_sess_set_new_cb( ctx, NewSessionCallBack );
Sorry I left that line out yes I have set that too, maybe 10 is not a
good value to set in this functions?
SSL_CTX_set_session_id_context( ctx, Server, 10 )
Perry
Arno Garrels wrote:
Perry L. Jones wrote:
Can someone please tell me why my server application does not cache a
session
Certificates are a lot like pgp keys with one difference the public key
has be wrapped with the Public Key infrastructure (PKI). So a public
cert will not only contain the public key but it will also contain
information about what the key can be used for (signing, encrypting,
server, client,
Mark,
I am not sure why you would want to sign the private key but I am sure
there might be a reason some where.
All you should need to sign is the certificate request (cert.req) after
signing the certificate request it is likely that you will want to put
your related certificates and keys
I have been trying to figure this out for days now and can't seem to
find the solution? Someone please give me guidance or I am going to cry!
I have a server application using session caching. I have used the
following function to setup session caching:
SSL_CTX_set_session_id_context( ctx,
hello,
In my code I have a normal socket and I am using SSL_set_fd to turn it
into an SSL socket. After I have make it an SSL socket I no longer need
or want to the original socket. I have tried closing it after the
SSL_set_fd but this make the SSL socket no good.
What I want is to have
Engineering
EMC Corporation
228 South St. Mail Stop: 228 LL/AA-24
Hopkinton, MA 01748 USA
+1-508-249-1257 F: +1-508-497-8030 [EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Perry L. Jones
Sent: Friday, November 18, 2005 10:09 AM
To: openssl
Hello,
I have built a server application which is using session caching by
writing the session files to disk. The session caching is all working
fine but the (old) session never get removed from the disk. I have set
the SSL_CTX_sess_set_remove_cb function to my own remove session
function
What I think what you need to do is to replace the normal message body
with one that is mime encoded.
if you need a command line why to build mime files you could try
something like mpack.
- Perry
Eddy Tan wrote:
Hi all,
anyone knows how to send s/mime with file attachment?
It´s pretty simple
these function and would like to know if I can just incress
this buffer size of if theres is some other trick to making them faster?
I am currently using openssl version 0.9.7d
Thanks for any help.
Perry
--
Perry L. Jones (Software Engineer)
E-mail: [EMAIL PROTECTED]
Phone: (315) 838-7038
Fax: (315) 838
Hello,
Could someone tell when storeing a certificate and its supporting cert
chain in a p12 file is there an order the should be in?
root cert - down ?
user cert - down to Root?
Any order at all, and the applications need to figure out what the order is?
thanks,
Perry
[EMAIL PROTECTED] wrote:
I am trying to solve a problem for which the SSL On-Disk Session Caching
seems to be an appropriate solution. I need confirmation and pointers to
HOW-TO on this subject.
I have a CLI application that connects over SSL to a gSOAP server. I'm
currently experiencing around 7
43 matches
Mail list logo