RE: SSL_connect problem
hi yes i have called SSL_library_init() at the beginning. SSL_connect is returning -1 whereas ERR_get_error() is returning 0. (SYS_ERROR_SYSCALL) what should be done? thank you in advance vijayVu Pham [EMAIL PROTECTED] wrote: From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED] On Behalf Of vijay basav Sent: Monday, March 07, 2005 8:22 AM To: openssl-users@openssl.org Subject: SSL_connect problem hi i have ported openssl on to vxworks mips processor. i havewritten a simple code for sercure server-client interaction. SSL_connect isgiving me problems. the error is SSL_ERROR_SYSCALL. ERR_get_error isreturning a 0. but ERR_error_string_n( ..) is returning error::lib(0):func(0):reason(0). Have you called the SSL_library_init() at the beginning ?Vu__OpenSSL Project http://www.openssl.orgUser Support Mailing List openssl-users@openssl.orgAutomated List Manager [EMAIL PROTECTED] Celebrate Yahoo!'s 10th Birthday! Yahoo! Netrospective: 100 Moments of the Web
SSL_connect problem
hi i have ported openssl on to vxworks mips processor. i have written a simple code for sercure server-client interaction. SSL_connect is giving me problems. the error is SSL_ERROR_SYSCALL. ERR_get_error is returning a 0. but ERR_error_string_n( ..) is returning error: :lib(0):func(0):reason(0). could someone tell me what might be wrong? thank you vijay__Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
RE: SSL_connect problem
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of vijay basav Sent: Monday, March 07, 2005 8:22 AM To: openssl-users@openssl.org Subject: SSL_connect problem hi i have ported openssl on to vxworks mips processor. i have written a simple code for sercure server-client interaction. SSL_connect is giving me problems. the error is SSL_ERROR_SYSCALL. ERR_get_error is returning a 0. but ERR_error_string_n( ..) is returning error: :lib(0):func(0):reason(0). Have you called the SSL_library_init() at the beginning ? Vu __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
[OpenSSL 0.9.7d] SSL_connect() problem on Linux.
Hi, I wrote a simple https client on *nix system, and it worked fine on solaris(including x86) and linux 2.4.8. Recently I have tested my code on Linux kernel 2.6.8. But some box gave me 'time out' while did SSL_connect(). After I did SSL_get_error(), I found it was SSL_ERROR_SYSCALL. It happend on some sites, not all of site. As I checked linux boxes running on Linux kernel 2.6.8, I found that some boxes' kernel used POSIX message queues in kernel configuration, and those were the boxes which gave me problem. Is there any body who had similar problem as mine? David Choi __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SSL_Connect( ) problem
Hi, i have a problem with SSL_Connect(). My client runs on a Pocket PC 2002 and the server in Win32. BIO socket is connected succesfully but SSL_Connect( ) fails. Environment: OpensSSL 0.9.7c (OpenSSL installation for WIN-CE passed all tests). Many Thanks in Advance __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SSL_connect() problem?
Hi. I'm writing a small class that uses the ssl library. The problem ( I'm not sure who has the problem :-P ) is that SSL_connect() blocks when the verify callback function returns 0. If it returns 1 all goes as expected. I'm using a blocking connect bio as the underlaying bio for the SSL object. And i'm programming my client in windows. Is this a wrong behaviour or i'm missing something?? Thanks in advance, Juan. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: SSL_connect problem : bad asn1 object header
the problem seems to be that you use self signed certificates /both sides/. there is a few possible ways to do this: 1. use custom handler for errors in certificates in your server static int SSL_verify_callback(int ok, X509_STORE_CTX *ctx) { charbuf[256]; X509* err_cert; int err, depth, ret; err_cert= X509_STORE_CTX_get_current_cert(ctx); err= X509_STORE_CTX_get_error(ctx); depth= X509_STORE_CTX_get_error_depth(ctx); switch(err) { case X509_V_OK: handle errors } } and use SSL_CTX_set_verify(your context ,SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE| SSL_VERIFY_FAIL_IF_NO_PEER_CERT,SSL_verify_callback); 2. you may use valid certificates /not expired, signed from thrusted root e.t.c/ then your default handler will report success. --- ozan alptekin [EMAIL PROTECTED] wrote: hi, I am using openssl 0.9.6.b and trying to write a server-client program in which both parties should authenticate each other and i am new to OpenSSL. but I have a problem during the handshake process, I get a SSL error: 5 : error:0005::lib(0) :func(0) :bad asn1 object header error when client calls SSL_connect. I realized that it is related with the verification mode of the server or something with the certificates I have created. I am using same selfsigned CA for creating certificates for server and client. I have set the verification flags as SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT both for the client and the server. Using methods TLSv1_server_method for the server and TLSv1_client_method for the client. Thanks a lot... Ozan Alptekin - Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SSL_connect problem
server is ready. client call SSL_connect(ssl); in gdb,it say: 1057:error:0D06B078:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:139: 1057:error:0D09F006:asn1 encoding routines:d2i_X509:bad get asn1 object call:x_x509.c:102:address=135128672 offset=0 1057:error:1407E00B:SSL routines:SSL2_SET_CERTIFICATE:X509 lib:s2_clnt.c:906: what is the problem? What should I do in client? __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SSL_Connect problem on win32
I'm trying to add ssl support to an application that uses non-blocking sockets on Win32 platform. I've downloaded the most recent version of the library 0,9.5a and compiled it on my machine. These are the steps that I follow: Initialize the SSL library and create a context. Connect a socket to the host and wait for the FD_CONNECT message to be received which confirms that the connection is done. Create an SSL session using this socket descriptor. call SSL_connect() There is a window's procedure that listens for any incoming traffic on the socket, anytime an FD_READ or FD_WRITE is received we will call SSL_read() or SSL_write(). When the first FD_READ is received we get an SSL_READ error. SSL_ERROR_SSL if I call ERR_get_error() I get the following hex value 0x24064064. I can also see in the logging that the handshake was at this point - SSLv3 write client key exchange A - before we get the read error. Does anyone have any ideas on what I'm doing wrong? __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: SSL_Connect problem on win32
Rose Marie Carissimi wrote: When the first FD_READ is received we get an SSL_READ error. SSL_ERROR_SSL if I call ERR_get_error() I get the following hex value 0x24064064. I can also see in the logging that the handshake was at this point - SSLv3 write client key exchange A - before we get the read error. Does anyone have any ideas on what I'm doing wrong? Well ERR_print_errors_fp() gives more readable answers but however lets see: openssl errstr 24064064 error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded Which has been dealt with ad nauseam in the list and the FAQ. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
SSL_Connect problem on win32
Hi There, I am running into a problem getting SSL_connect() to work on win32. It is not the PRNG problem because RAND_status() returns 1. After SSL_connect() returns -1, the call SSL_get_error() returns 2 which translates to "system lib". I tried both 0.9.5 and 0.9.5a and they both give me the same error. I built on Windows NT 4.0 SP5 both the openSSL library and my client application. Does anybody experience encountered similar problem? Any hints will be appreciated. frankie Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]