Hi all.
I have been trying lately to debug a startup issue in APACHE's httpd
service; and the last logs I receive in "/etc/httpd/logs_error_log" is
#
[error] SSL Library Error: 1850
es), THAT WOULD GUARANTEE THAT "EVP_PKEY_cmp(xk, k)"
RETURNS 1 (as the success value).
Thanks again.
Regards,
Ajay
On Fri, Mar 23, 2012 at 8:40 PM, wrote:
> Hello,
>
> owner-openssl-us...@openssl.org wrote on 03/23/2012 03:10:47 PM:
>
> > Ajay Garg
> > Sent
Hi All.
We wish to exhange data over sockets in embedded-environments, and
unfortunately can't afford to use the de-facto openssl implementation,
which I believe uses dynamic memory allocations/deallocations in its code
(we intend to deploy our solution using bare-metal C, in environments where
ev
s that are
independent of the TLS-Algorithm and Cipher-Suite).
I know I sound incredibly clueless, kindly bear with me ...
Thanks and Regards,
Ajay
On Sun, Aug 16, 2015 at 11:08 PM, Viktor Dukhovni <
openssl-us...@dukhovni.org> wrote:
> On Sun, Aug 16, 2015 at 02:44:54PM +0530, Ajay Garg wrot
Hi.
Could not find a definitive answer on google, so thought it would be
best to ask the experts :)
Thanks and Regards,
Ajay
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
the question becomes obsolete.
Anyhow, I am thanks (and sorry at the same time) for everyone's time.
Thanks and Regards,
Ajay
On Mon, Apr 11, 2016 at 8:56 PM, Viktor Dukhovni
wrote:
> On Mon, Apr 11, 2016 at 10:01:33AM +0530, Ajay Garg wrote:
>
> [ Subject: Are double-quotes va
Thanks everyone for the quick and generous help !!
I am really thankful to everyone's time.
Thanks and Regards,
Ajay
On Tue, Apr 12, 2016 at 7:08 PM, Salz, Rich wrote:
>
>> Except when you want more people (usually everybody) access to the CRT,
>> but few people (usually one or two trusted serv
Hi All.
I understand the basic gist of setting up SSL-connections using
OpenSSL, as per
http://stackoverflow.com/questions/7698488/turn-a-simple-socket-into-an-ssl-socket
However, I am a bit unsure about certain implementations.
In particular (let's talk only about the client-side), I wonder how
On Fri, Oct 7, 2016 at 9:19 AM, Viktor Dukhovni
wrote:
> On Fri, Oct 07, 2016 at 08:51:24AM +0530, Ajay Garg wrote:
>
>> However, I am a bit unsure about certain implementations.
>> In particular (let's talk only about the client-side), I wonder how do
>> the foll
;bio2" (after "bio1" has
internally-transferred the bytes to "bio2") ?
* Reading from network via "bio2" (after which "bio1" can
internally-pick-up the bytes from "bio2") ?
Also, how do "bio1" and "bio2" communicate in case of non
anks for your help so far.
Thanks and Regards,
Ajay
On Fri, Oct 7, 2016 at 3:25 PM, Viktor Dukhovni
wrote:
> On Fri, Oct 07, 2016 at 12:28:46PM +0530, Ajay Garg wrote:
>
>> I realise I am still stuck with the original issue.
>
> Failure to read the documentation closel
Thanks for the reply Viktor.
On Fri, Oct 7, 2016 at 8:27 PM, Jakob Bohm wrote:
> On 07/10/2016 16:35, Ajay Garg wrote:
>>
>> Hi Viktor.
>>
>> Thanks for your reply, and I am sorry for being idiotic, OpenSSL does
>> seem daunting, but I am learning :)
>>
&
On Fri, Oct 7, 2016 at 11:17 PM, Viktor Dukhovni
wrote:
> On Fri, Oct 07, 2016 at 10:30:06PM +0530, Ajay Garg wrote:
>
>> Ok, so for sending app-payload-bytes, we do a bio_write() to "bio1",
>> and if "bio1" requires reading from bio2/peer, bio_write() will r
Hi Viktor.
On Fri, Oct 7, 2016 at 11:17 PM, Viktor Dukhovni
wrote:
> On Fri, Oct 07, 2016 at 10:30:06PM +0530, Ajay Garg wrote:
>
>> Ok, so for sending app-payload-bytes, we do a bio_write() to "bio1",
>> and if "bio1" requires reading f
On Sun, Oct 9, 2016 at 10:55 PM, Viktor Dukhovni
wrote:
>
>> On Oct 9, 2016, at 10:47 AM, Ajay Garg wrote:
>>
>>> However, it might sometimes return SSL_ERROR_WANT_READ, in which
>>> case, the SSL layer wants to read, even though the application
>>> want
ries in step a), step b) and
8-point-story in step c) as per my previous email.
Thanks and Regards,
Ajay
On Mon, Oct 10, 2016 at 2:39 AM, Michael Wojcik
wrote:
>> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
>> Of Ajay Garg
>> Sent: Sunday, Oct
Hi All.
We are just dealing with the client-side, and following are the steps ::
SSL_library_init();
OpenSSL_add_ssl_algorithms();
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
ERR_load_crypto_strings();
solitary_ssl_ctx = SSL_CTX_new(TLSv1_2_client_method());
Sorry, the "send" button was clicked accidentally :(
On Mon, Oct 10, 2016 at 10:55 AM, Ajay Garg wrote:
> Hi All.
>
> We are just dealing with the client-side, and following are the steps ::
>
> SSL_library_init();
> OpenSSL_add_ssl_algorithms();
>
[Thanks Viktor, I made the change as suggested by you in the other
incomplete email that I sent accidentally].
Hi All.
We are just dealing with the client-side, and following are the steps ::
#
S
Damn the semicolon at the end :(
Sorry for the noise.
Thanks and Regards,
Ajay
On Mon, Oct 10, 2016 at 11:23 AM, Ajay Garg wrote:
> [Thanks Viktor, I made the change as suggested by you in the other
> incomplete email that I sent accidentally].
>
>
> Hi All.
>
> We are
Hi All.
Taking the socket-structure as ::
#
SSL *ssl;
BIO *ssl_bio; // app-payload-bytes will be
written by app into it.
BIO *inter_bio;
ket->inter_bio, socket->inter_bio);
BIO_set_ssl(socket->ssl_bio, socket->ssl, BIO_NOCLOSE);
On Mon, Oct 10, 2016 at 12:19 PM, Viktor Dukhovni <
openssl-us...@dukhovni.org> wrote:
>
> > On Oct 10, 2016, at 2:20 AM, Ajay Garg wrote:
> >
> >BIO *inte
Following works :
If(BIO_should_read(socket->ssl_bio) != 0)
If(BIO_should_write(socket->ssl_bio) != 0)
With this, I could get the entire end-to-end workflow to work
Thanks a ton for all the help !!!
On Mon, Oct 10, 2016 at 11:50 AM, Ajay Garg wrote:
> Hi All.
>
> Ta
Hi All.
I guess all my theories are bang on, as the entire framework was integrated
seamlessly making use of the above "theories".
Thanks a ton to everyone, and extra thanks to Viktor 😊
Thanks and Regards,
Ajay
On 10 Oct 2016 6:34 a.m., "Ajay Garg" wrote:
> Thank
On Mon, Oct 10, 2016 at 1:31 PM, Viktor Dukhovni wrote:
>
> > On Oct 10, 2016, at 3:52 AM, Ajay Garg wrote:
> >
> > If(BIO_should_read(socket->ssl_bio) != 0)
> >
> > If(BIO_should_write(socket->ssl_bio) != 0)
>
> In Postfix, we don't bother
On Mon, Oct 10, 2016 at 2:47 PM, Ajay Garg wrote:
>
>
> On Mon, Oct 10, 2016 at 1:31 PM, Viktor Dukhovni <
> openssl-us...@dukhovni.org> wrote:
>
>>
>> > On Oct 10, 2016, at 3:52 AM, Ajay Garg wrote:
>> >
>> > If(BIO_should_read(socke
Hi All.
a)
In the call,
int BIO_new_bio_pair(BIO **bio1, size_t
writebuf1, BIO **bio2, size_t writebuf2);
are internal-buffers malloc'ed for each of "bio1" and "bio2"?
If yes, is there a way to pass buffers from the application-layer?
I ask this, because not all systems p
. */
}
}
What am I doing wrong?
On Wed, Oct 12, 2016 at 12:59 AM, Benjamin Kaduk wrote:
> On 10/11/2016 02:06 PM, Ajay Garg wrote:
>
> Hi All.
>
>
> a)
> In the call,
>
> int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO
> **bio2, size_
Hi All.
I plan to integrate openssl in our client-side-framework, so that we can
remove all the unneeded stuff (as the TLS-versions, and
certificate-management is controlled by the server only, which is only a
limited subset amongst the vast feature-set of openssl).
As part of this, I am first br
PM, Matt Caswell wrote:
>
>
> On 15/10/16 13:43, Ajay Garg wrote:
> > Hi All.
> >
> > I plan to integrate openssl in our client-side-framework, so that we can
> > remove all the unneeded stuff (as the TLS-versions, and
> > certificate-management is control
Hardly helps :(
*nm -o /usr/lib/i386-linux-gnu/libcrypto.a | grep ASN1_TIME_t*
nm: ebcdic.o: no symbols
/usr/lib/i386-linux-gnu/libcrypto.a:a_time.o:0230 T
ASN1_TIME_to_generalizedtime
/usr/lib/i386-linux-gnu/libcrypto.a:ocsp_srv.o: U
ASN1_TIME_to_generalizedtime
On Sat, Oct 15, 2016
Thanks Salz.
I get a lot of linking-errors like ::
ex_data.c:(.text+0xaa6): undefined reference to `sk_num'
ex_data.c:(.text+0xb06): undefined reference to `sk_value'
ex_data.c:(.text+0xc5e): undefined reference to `sk_free'
Doing,
*nm -o /usr/lib/i386-linux-gnu/libssl.a | grep
sk_num*/usr/l
I am bringing in the relevant sources from the cloned openssl-repository,
and comping each "c unit" separately.
Also, I am not using Makefiles, rather compiling each "c unit" using gcc
using first-principles.
Could that be an issue?
On Sun, Oct 16, 2016 at 8:10 PM, Salz, Rich wrote:
> > ex_data
Aah... I guess I was being an idiot.
I just realize that the recommended/best/easier way is to compile openssl
as a separate library (enabling/disabling/removing features as required),
and then link this library to our application-binary.
Thanks a ton Salz, you have saved me a LOT of hours :
uild fails at link time with unresolved function references.
>
>
>
> *From:* openssl-users [mailto:openssl-users-boun...@openssl.org] *On
> Behalf Of *Ajay Garg
> *Sent:* Sunday, October 16, 2016 10:16 PM
> *To:* openssl-users@openssl.org
> *Subject:* Re: [openssl-users] Where
Hi All.
Following are the steps I followed :
###
a)
Downloaded nasm.exe from internet, and placed it in the include-path.
b)
*perl Configure VC-WIN32*
c)
*ms\do_nasm.bat*
d)
*nmake -f ms\nt.mak*
e)
*make*
*
Oops... pardon me.
The e) step was not done.
The errors came right after step d)
On 7 Nov 2016 3:36 p.m., "Ajay Garg" wrote:
> Hi All.
>
> Following are the steps I followed :
>
>
> ###
>
> Regards,
>jjf
>
> On 07/11/2016 11:42, Ajay Garg wrote:
>
> Oops... pardon me.
> The e) step was not done.
>
> The errors came right after step d)
>
> On 7 Nov 2016 3:36 p.m., "Ajay Garg" wrote:
&
ime itself.
On Mon, Nov 7, 2016 at 9:52 PM, Ajay Garg wrote:
> Oops.. sorry.
> OpenSSL-version is 1.0.2d, and nasm-version is 2.12.02.
>
>
>
> On Mon, Nov 7, 2016 at 9:31 PM, Jeremy Farrell
> wrote:
>
>> What version of OpenSSL? What version of nasm (nasm -v)? People
Hi Kim.
Thanks for the reply.
On 8 Nov 2016 11:59 a.m., "Kim Gräsman" wrote:
>
> On Tue, Nov 8, 2016 at 6:26 AM, Ajay Garg wrote:
> >
> > Is compiling on windows always such a pain? :(
> > On Linux, it compiled perfectly the first time itself.
>
&
Hi All.
I wish to compile openssl libraries for a STM32-processor (which would then
be linked statically with our application-framework code).
Now. I believe that OpenSSL uses tonnes of "malloc"s and "free"s. But for
bare-metal-systems (without any formal OSes), we generally don't have any
heap-
Ping !!!
Upon code-browsing, I am beginning to feel that OpenSSL uses
program-buffer, which is used for malloc/free.
Am I right?
If yes, is there a place where the maximum-size of "in-program-buffer-heap"
is defined?
On Tue, Nov 22, 2016 at 7:33 PM, Ajay Garg wrote:
> Hi All.
Hi All.
I am using the following script at myu laptop, to test for the available
cipher-suites :
#!/usr/bin/env bash
# OpenSSL requires the port number.
SERVER=server.ip.com:12345
DELAY=1
ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g
Hi All.
I am getting stuck on the first step of configuring OpenSSL.
Following are some of the diagnostics ::
OpenSSL-Version : *1.0.2d*
#
pi@raspberrypi:~/instamsg-c/third_party/openssl $ *uname -a*
Linux raspberrypi 4.4.
Hi Experts !!!
Any help, please ?!!!
On Sun, Jan 15, 2017 at 9:14 AM, Ajay Garg wrote:
> Hi All.
>
> I am getting stuck on the first step of configuring OpenSSL.
> Following are some of the diagnostics ::
>
>
> Open
Any ideas please?
Is compiling openssl even possible on Raspberry-Pi?
On Sat, Jan 28, 2017 at 10:50 AM, Ajay Garg wrote:
> Hi Experts !!!
>
> Any help, please ?!!!
>
> On Sun, Jan 15, 2017 at 9:14 AM, Ajay Garg wrote:
>
>> Hi All.
>>
>> I am getting st
:
> On Sun, Feb 12, 2017 at 8:13 AM, Ajay Garg wrote:
> > Any ideas please?
> > Is compiling openssl even possible on Raspberry-Pi?
> >
>
> Try 'config' rather than 'Configure'. It looks like it does the job.
> I'm not sure why the same triplet pr
Hi All.
I am using bleeding-edge openssl code, and wish to compile it for
https://www.digikey.com/product-detail/en/microchip-technology/ATSAM4E8CA-AUR/ATSAM4E8CA-AURCT-ND/4140758
What is the best/recommended way to accomplish this?
Will be grateful for a reply.
Thanks and Regards,
Ajay
--
o
Help please... experts ?!!
On Fri, Nov 10, 2017 at 12:52 PM, Ajay Garg wrote:
> Hi All.
>
> I am using bleeding-edge openssl code, and wish to compile it for
> https://www.digikey.com/product-detail/en/microchip-
> technology/ATSAM4E8CA-AUR/ATSAM4E8CA-AURCT-ND/4140758
>
49 matches
Mail list logo