Re: SSL Communication using BIO

2011-05-25 Thread Michael Ströder
Eric S. Eberhard wrote: or ... keep it simple and at least consider using stunnel. I use stunnel myself in some situations. It's a great tool. But bear in mind that the application then has no access to authentication information of the SSL layer. Ciao, Michael.

Re: SSL Communication using BIO

2011-05-25 Thread Harshvir Sidhu
Hi, I am trying to implement State Machine based on the demo application, that is a server code. Like I am writing the client side. So when I try to do handshake, by calling SSL_connect, which I have used memory bios, after that I check for data available, and then I read data and send

Re: SSL Communication using BIO

2011-05-25 Thread Gayathri Sundar
So finally u have agreed to my initial suggestion of state machines :) The basic steps in terms of an algorithm are as follows: A. Create the ssl ctx and ssl obj. B. Create a pair of memory bios and attach them to the ssl obj, one is for read and the other is for write. C. Create the tcp fds and

Re: SSL Communication using BIO

2011-05-25 Thread Harshvir Sidhu
Thanks Gayathri. This is what I am doing, but I don't have any buffer to send initially, my data transfer starts from server side. What I was doing is, calling SSL_connect after initialization and then in the socket read and write code, I was doing encrypt and decrypt accordingly, but the very first

Re: SSL Communication using BIO

2011-05-25 Thread Harshvir Sidhu
Just to clarify my last message, I am using state machine, I called SSL_connect after creating ctx and ssl objs, 2 mem bios and set them to ssl, and then read data from bio, and sent that to server and that gave me error. On Wed, May 25, 2011 at 10:12 AM, Harshvir Sidhu hvssi...@gmail.com wrote:

Re: SSL Communication using BIO

2011-05-25 Thread Gayathri Sundar
Okay, u r writing the client, so you need to do connect, now ssl_connect is going to do the complete SSL handshake, which involves multiple read and writes, now since you are using memory bios, ssl connect is going to read from the r_membio and write into the w_membio. The data has to go out the

Re: SSL Communication using BIO

2011-05-25 Thread Harshvir Sidhu
I am using SSL_is_init_finished this API function to check if init is finished. But it's not even reaching that code. The very first call I made to SSL_connect, and after that I read data from w_BIO and then sending that on TCP, and on getting that data, server gives this error. And for debugging

Re: SSL Communication using BIO

2011-05-23 Thread Harshvir Sidhu
David, So are you suggesting that I change the approach in my Code. My application is for Windows and in Managed C++. In that I am using Callback function for receive, when the callback function is called, and when I call SSL_read in that, it hangs at recv call in the OpenSSL code, my

Re: SSL Communication using BIO

2011-05-23 Thread Harshvir Sidhu
Anyone any comments on this. Is openssl appropriate choice for my case? // Harshvir On Mon, May 23, 2011 at 3:59 AM, Harshvir Sidhu hvssi...@gmail.com wrote: David, So are you suggesting that I change the approach in my Code. My application is for Windows and in Managed C++. In that I am

Re: SSL Communication using BIO

2011-05-23 Thread John R Pierce
On 05/23/11 1:59 AM, Harshvir Sidhu wrote: So are you suggesting that I change the approach in my Code. My application is for Windows and in Managed C++. In that I am using Callback function for receive, when the callback function is called, and when I call SSL_read in that, it hangs at

Re: SSL Communication using BIO

2011-05-23 Thread Harshvir Sidhu
I have discussed that with my team, we only have to use OpenSSL, SSAPI has been ruled out for our work. // Harshvir On Mon, May 23, 2011 at 3:56 PM, John R Pierce pie...@hogranch.com wrote: On 05/23/11 1:59 AM, Harshvir Sidhu wrote: So are you suggesting that I change the approach in my

Re: SSL Communication using BIO

2011-05-23 Thread Wim Lewis
On 23 May 2011, at 1:29 PM, Harshvir Sidhu wrote: Anyone any comments on this. Is openssl appropriate choice for my case? As I understand it you want OpenSSL to handle the protocol and encryption, but you don't want OpenSSL to do any network I/O itself: you want to do that (via the C# sockets

Re: SSL Communication using BIO

2011-05-23 Thread Eric S. Eberhard
You might also consider using stunnel which works perfectly and is easy to use in many cases and unless your volume is silly-high has plenty of performance to run in inetd mode which is very reliable. stunnel is based on openssl. It also makes your app independent of SSL changes which I

Re: SSL Communication using BIO

2011-05-23 Thread Neo Liu
I think you can read this article and it will be helpful. http://www.lenholgate.com/blog/2002/11/using-openssl-with-asynchronous-sockets.html On Mon, May 23, 2011 at 4:59 PM, Harshvir Sidhu hvssi...@gmail.com wrote: David, So are you suggesting that I change the approach in my Code. My

Re: SSL Communication using BIO

2011-05-23 Thread Gayathri Sundar
actually I would seriously recommend you read the OpenSSL book written by Eric Rescorla, it discusses all the use cases of openssl, BIO, async/sync usages..so that you get an idea of how OpenSSL itself works. On Mon, May 23, 2011 at 6:02 PM, Neo Liu diablo...@gmail.com wrote: I think you can

Re: SSL Communication using BIO

2011-05-23 Thread Eric S. Eberhard
or ... keep it simple and at least consider using stunnel. I have a LOT of applications using openssl, 3/4 I just use stunnel and forget about it. For a few when I need to do crazy things, I code and link in to my application. But you can save a lot of trouble with stunnel, at least as a

Re: SSL Communication using BIO

2011-05-23 Thread David Schwartz
On 5/23/2011 1:59 AM, Harshvir Sidhu wrote: David, So are you suggesting that I change the approach in my Code. Hard for me to give you a useful answer without seeing your code. If your code tries to treat OpenSSL as a filter, expecting input and output to correlate, then yes. If your

SSL Communication using BIO

2011-05-22 Thread Harshvir Sidhu
Hi, Previously I have used SSL_XXX functions for performing SSL operations. Now I am working on an application which is written in Managed C++ using callback functions (BeginReceive and EndReceive), and SSL_read function is not working for that. So I tried using BIO_ functions to create a

Re: SSL Communication using BIO

2011-05-22 Thread G S
On Sun, May 22, 2011 at 5:10 PM, Harshvir Sidhu hvssi...@gmail.com wrote: Can someone point me to some example code for this in which BIO is used to encrypt and decrypt data and then using normal sockets for send/receive? I am not able to find anything in openssl source example or on google.

Re: SSL Communication using BIO

2011-05-22 Thread Harshvir Sidhu
Thanks GS. But I am more interested in the sample code in which BIO pair is used for socket communication along with Certificate Exchange. In the current code, I am creating CTX as usual, then using BIO to do connect, and handshake. But that is not working. // Harshvir On Sun, May 22, 2011 at

Re: SSL Communication using BIO

2011-05-22 Thread G S
Ah, yes, I realized later that there wasn't any communication info in there. I only use it for encryption. Good luck!

Re: SSL Communication using BIO

2011-05-22 Thread Neo Liu
BIO pair is non-blocking BIO, so you need to call SSL_accept() or SSL_do_handshake() for server times. The example code looks as follows: BIO_write(ebio, ...) SSL_accept(ssl) BIO_read(ebio, ...) You can use BIO_pending() and BIO_wpending() to watch the buffer status of the BIO pairs. On Mon,

Re: SSL Communication using BIO

2011-05-22 Thread David Schwartz
On 5/22/2011 5:10 PM, Harshvir Sidhu wrote: Previously I have used SSL_XXX functions for performing SSL operations. Now I am working on an application which is written in Managed C++ using callback functions (BeginReceive and EndReceive), and SSL_read function is not working for that.

Re: SSL Communication using BIO

2011-05-22 Thread Gayathri Sundar
As Neo Liu has pointed out, if you try to use memory bio pair for communication, then it's ur responsibility to read and write every byte out the fd using tcp_send and recv() calls, as openssl would only read and write into the bio. This approach is very very tedious and not sure if that's the only
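
Added example (not code from any poster in this thread): the first client-side handshake step with memory BIOs, shown with Python's ssl module, whose MemoryBIO wraps OpenSSL memory BIOs and whose do_handshake() stands in here for SSL_connect. The hostname and the function names are assumptions made for the illustration.

```python
import ssl

def new_client(hostname="server.example"):   # placeholder hostname (assumption)
    """Client TLS object wired to two memory BIOs instead of a socket."""
    ctx = ssl.create_default_context()
    incoming = ssl.MemoryBIO()   # r_membio: bytes received from TCP are written here
    outgoing = ssl.MemoryBIO()   # w_membio: bytes OpenSSL wants sent are read from here
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    return tls, incoming, outgoing

def handshake_step(tls, incoming, outgoing, from_peer=b""):
    """Feed bytes read from the socket and advance the handshake once.

    Returns (done, to_send). to_send must be written to the socket in full,
    even when done is True, because a final flight can still be pending.
    """
    if from_peer:
        incoming.write(from_peer)
    try:
        tls.do_handshake()
        done = True
    except ssl.SSLWantReadError:
        done = False             # not a failure: more bytes from the peer are needed
    return done, outgoing.read()

def record_header(data):
    """Decode the 5-byte TLS record header: (content_type, version, length)."""
    if len(data) < 5:
        raise ValueError("short TLS record header")
    return data[0], (data[1], data[2]), int.from_bytes(data[3:5], "big")

def demo():
    tls, incoming, outgoing = new_client()
    # First call: nothing received yet, so the ClientHello lands in the write BIO.
    done1, flight1 = handshake_step(tls, incoming, outgoing)
    ctype, _version, length = record_header(flight1)
    # Calling again without feeding the read BIO makes no progress and emits nothing.
    done2, flight2 = handshake_step(tls, incoming, outgoing)
    return done1, ctype, length, len(flight1), done2, flight2

if __name__ == "__main__":
    print(demo())
```

In a real client the loop repeats: send to_send over TCP, pass whatever the socket returns as from_peer, and stop once done is True and the write BIO has been drained.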