X-Authentication-Warning: delorie.com: mail set sender to djgpp-bounces using -f X-Recipient: djgpp AT delorie DOT com X-Authenticated: #27081556 X-Provags-ID: V01U2FsdGVkX1/eWtYf+Sne+srU6hdbi8dl2XKga0USuBJ5ejIFMe nR1QhBO570sNfn Message-ID: <50D983FA.4040305@gmx.de> Date: Tue, 25 Dec 2012 11:46:18 +0100 From: Juan Manuel Guerrero User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121025 Thunderbird/16.0.2 MIME-Version: 1.0 To: djgpp AT delorie DOT com Subject: Re: Openssl problems References: <1b2d3d9b-2d91-40b0-b816-0de2061ea1b2 AT googlegroups DOT com> In-Reply-To: <1b2d3d9b-2d91-40b0-b816-0de2061ea1b2@googlegroups.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Reply-To: djgpp AT delorie DOT com Am 24.12.2012 14:39, schrieb dosusb AT googlemail DOT com: > I try to use the openssl library Juan has ported recently. First: thank you very much for that! > > To test this I try to get the demo programs sconnect.c (in demo/bio) and cli.cpp (in demo/ssl) > to work. sconnect.c has a "#if WATT32" in there so it must have worked once with watt32. > > I compile these with: > gcc -o sconnect.exe sconnect.c -lssl -lcrypto -lwatt -lz > and > gpp -o cli.exe cli.cpp -lssl -lcrypto -lwatt -lz > First, I ported openssl because I needed it for a port of CVS that I was working on. Later I realized that there was already certain kind of DOS specific openssh so I lost interest in openssl. Especially due to the difficulties getting work the noise source on XP. Please note that I tried to port the library and the testsuite but I never wasted my time trying to get the demo code working. The README of the demos clearly states: NOTE: Don't expect any of these programs to work with current OpenSSL releases, or even with later SSLeay releases. Again I never tried neither to compile nor to run any of these demo programs. I do not even know for what they are good. Even if there are some "#if WATT32" this does not imply that they do work with the current version of openssl. An inspection of the time stamp shows that the Makefile and source code is from 1998 and 2002. The code is over a decade old. This means at least that it is not longer maintained. > Made a PEM file with openssl.exe but do not know where openssl will look for that. > From what I read openssl needs a client certificate, a client key and a CA cert. > My PEM file just contains a private key and a certificate. IIRC either in /dev/env/DJDIR/share/ssl/certs or /dev/env/DJDIR/share/ssl I usually try to keep the unix paths. I replace /usr/local by /dev/env/DJDIR. In the worst case look in a linux machine where the certificate goes. > I devload "noise586.sys /i /m" . I also load a packet driver successfully > which does work with other programs. All this in real mode. noise586.sys works > since in a different test the message "Insufficient random entropy" did no longer > appear after loading noise586.sys. > > cli.cpp will not successfully make a tcp/ip connection (to 127.0.0.1 as in the code). > sconnect.c will jump to the "err:" label when trying a BIO_write(). I will investigate this when I am back from vacations and when I have access to a dos mashine. > Is there a working example? (wget/htget in ssl mode?) Or can someone spot what I am doing wrong? I am not aware of any dos/djgpp specific example that uses openssl. Regards, Juan M. Guerrero