On 2014-06-25 at 22:22, Michael Wojcik michael.woj...@microfocus.com wrote:
[…]
But if two or more parallel SSL connections
are initiated you would AFAICS require a unique index variable per running
SSL*.
No, that's not how it works. You need one index value per item to be stored
in a
Hello Viktor,
On 2014-06-25 at 00:49, Viktor Dukhovni openssl-us...@dukhovni.org wrote:
On Tue, Jun 24, 2014 at 07:58:27PM +0200, Jens Maus wrote:
conn-ssLCtx = SSL_CTX_new(SSLv23_client_method());
SSL_CTX_set_options(conn-sslCtx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
Excerpt from the book : Network Security with OpenSSL :
An SSL_CTX object will be a factory for producing SSL connection objects.
This context allows us to set connection configuration parameters before
the connection is made, such as protocol version, certificate
information, and verification
On 2014-06-25 at 15:06, Michel msa...@paybox.com wrote:
Excerpt from the book : Network Security with OpenSSL :
An SSL_CTX object will be a factory for producing SSL connection objects.
This context allows us to set connection configuration parameters before the
connection is made, such as
On Wed, Jun 25, 2014 at 03:23:27PM +0200, Jens Maus wrote:
Ok, but then please allow the question how I should deal with
SSL_CTX_set_cert_verify_callback(sslCtx, func, conn);
Set this callback once, with a conn value of 0. Use
ssl_idx = SSL_get_ex_data_X509_STORE_CTX_idx();
conn =
On 2014-06-25 at 16:28, Viktor Dukhovni openssl-us...@dukhovni.org wrote:
On Wed, Jun 25, 2014 at 03:23:27PM +0200, Jens Maus wrote:
Ok, but then please allow the question how I should deal with
SSL_CTX_set_cert_verify_callback(sslCtx, func, conn);
Set this callback once, with a conn
On 6/25/2014 3:23 PM, Jens Maus wrote:
On 2014-06-25 at 15:06, Michel msa...@paybox.com wrote:
Excerpt from the book : Network Security with OpenSSL :
An SSL_CTX object will be a factory for producing SSL connection objects.
This context allows us to set connection configuration parameters
On 2014-06-25 at 16:58, Jakob Bohm jb-open...@wisemo.com wrote:
On 6/25/2014 3:23 PM, Jens Maus wrote:
So how can I specify an own app_data for every connection? IMHO there should
be something like SSL_set_cert_app_data() so that I can specify different
app_data for different SSL
On Wed, Jun 25, 2014 at 11:15 AM, Jens Maus m...@jens-maus.de wrote:
...
Actually, I now understand that I can keep a single SSL_CTX throughout the
whole lifetime of my application and just assign it to the SSL_new() call.
However, as I outlined in my last posts, if I change my code like
On 2014-06-25 at 17:33, Jeffrey Walton noloa...@gmail.com wrote:
On Wed, Jun 25, 2014 at 11:15 AM, Jens Maus m...@jens-maus.de wrote:
...
Actually, I now understand that I can keep a single SSL_CTX throughout the
whole lifetime of my application and just assign it to the SSL_new() call.
On Wed, Jun 25, 2014, Viktor Dukhovni wrote:
On Wed, Jun 25, 2014 at 03:23:27PM +0200, Jens Maus wrote:
Ok, but then please allow the question how I should deal with
SSL_CTX_set_cert_verify_callback(sslCtx, func, conn);
Set this callback once, with a conn value of 0. Use
Am 25.06.2014 um 18:09 schrieb Jeffrey Walton noloa...@gmail.com:
On Wed, Jun 25, 2014 at 11:45 AM, Jens Maus m...@jens-maus.de wrote:
Of course, everything is possible. But if I create a global data structure
now that uses the SSL* as a key so that I can search for that one within the
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Jens Maus
Sent: Wednesday, 25 June, 2014 11:05
On 2014-06-25 at 16:28, Viktor Dukhovni openssl-us...@dukhovni.org wrote:
On Wed, Jun 25, 2014 at 03:23:27PM +0200, Jens Maus wrote:
Ok, but
Am 25.06.2014 um 18:22 schrieb Michael Wojcik michael.woj...@microfocus.com:
[…]
To retrieve it in the callback, you use the code Viktor provided. First you
get the index of the SSL* object in the X509_STORE_CTX's external data
collection:
int ssl_idx =
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Jens Maus
Sent: Wednesday, 25 June, 2014 14:07
Am 25.06.2014 um 18:22 schrieb Michael Wojcik
michael.woj...@microfocus.com:
[...]
Now, if you need additional application-specific information
Hello,
this is actually my first post to this list, so please apologize if it might be
too lengthy or too short or might address a question already raised in the past
(which I didn’t find in the list archives so far).
I am an application developer of an email client using openssl to secure
On 6/24/2014 7:58 PM, Jens Maus wrote:
Hello,
this is actually my first post to this list, so please apologize if it might be
too lengthy or too short or might address a question already raised in the past
(which I didn’t find in the list archives so far).
I am an application developer of an
On Tue, Jun 24, 2014 at 07:58:27PM +0200, Jens Maus wrote:
conn-ssLCtx = SSL_CTX_new(SSLv23_client_method());
SSL_CTX_set_options(conn-sslCtx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
SSL_CTX_load_verify_locations(conn-sslCtx, ?);
SSL_CTX_set_default_verify_paths(?);
SSL_CTX_set_verify(conn-sslCtx,
18 matches
Mail list logo