delorie.com/archives/browse.cgi   search  
Mail Archives: djgpp/2012/12/27/15:15:20

X-Authentication-Warning: delorie.com: mail set sender to djgpp-bounces using -f
X-Received: by 10.224.184.11 with SMTP id ci11mr16348474qab.1.1356638453157;
Thu, 27 Dec 2012 12:00:53 -0800 (PST)
Newsgroups: comp.os.msdos.djgpp
Date: Thu, 27 Dec 2012 12:00:52 -0800 (PST)
In-Reply-To: <1b2d3d9b-2d91-40b0-b816-0de2061ea1b2@googlegroups.com>
Complaints-To: groups-abuse AT google DOT com
Injection-Info: glegroupsg2000goo.googlegroups.com; posting-host=46.79.98.127; posting-account=v5xbdQoAAAAOGc9Ccc-kLZyobvPlN3Qr
NNTP-Posting-Host: 46.79.98.127
References: <1b2d3d9b-2d91-40b0-b816-0de2061ea1b2 AT googlegroups DOT com>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <b9977d20-20b4-43f2-8151-e6b6dcdabdbe@googlegroups.com>
Subject: Re: Openssl problems
From: dosusb AT googlemail DOT com
Injection-Date: Thu, 27 Dec 2012 20:00:53 +0000
Bytes: 2992
Lines: 43
To: djgpp AT delorie DOT com
DJ-Gateway: from newsgroup comp.os.msdos.djgpp
Reply-To: djgpp AT delorie DOT com
Errors-To: nobody AT delorie DOT com
X-Mailing-List: djgpp AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com

After reading some OpenSSL documention I started to test with the s_client option. Maybe someone can tell me what should get this working. This is what I get now:

openssl version 1.0.0d:

openssl s_client -no_ssl2 -debug -host www.google.com -port 443 -state
WARNING: can't open config file: /dev/env/DJDIR/ssl/openssl.cnf
warning, not much extra random data, consider using the -rand option

CONNECTED(00000006)
SSL_connect:before/connect initialization
SSL_connect:error in SSLv2/v3 write client hello A
write:errno=0

I do not understand why it does not find openssl.cnf, it is available and I do:
 
set DJDIR=c:\djgpp
set DJGPP=c:\djgpp\djgpp.env

I also found openssl 097 on the net: 
http://www.filegate.net/utiln/utilnet/ossl097d.zip
 
This gets me further:
openssl version 097:

openssl s_client -no_ssl2 -host www.google.com -port 443 -state
warning, not much extra random data, consider using the -rand option
CONNECTED(00000008)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server done A
SSL_connect:error in SSLv3 write client key exchange A
SSL_connect:error in SSLv3 write client key exchange A
1:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:503:

So I do get a server hello and SSLv3 seems to be initialized. Somehow I seem to have to provide random numbers to get this to continue.

The ossl097d package does not include a libssl.a so I cannot test that. And older versions of openssl have been removed from the djgpp ftp site now. Can someone add these for me again please :)

Georg

- Raw text -


  webmaster     delorie software   privacy  
  Copyright 2019   by DJ Delorie     Updated Jul 2019