Programming Languages
 » 
Squeak
 » 
Squeak - Cryptography

 « Return to Thread: Debugging SSL on Linux

RE: Debugging SSL on Linux

by Ron Teitelbaum :: Rate this Message:

Reply to Author | View in Thread

Some parts of this message have been removed. Learn more about Nabble's security policy.

Great that explains it.  I’ll look at the asn more closely and let you know tomorrow.

 

Ron

 

From: Robert Withers [mailto:reefedjib@...]
Sent: Tuesday, March 20, 2007 6:26 PM
To: Ron@...
Cc: 'Norbert Hartl'; 'Cryptography Team Development List'
Subject: Re: [Cryptography Team] Debugging SSL on Linux

 

Hey Ron,

 

You are back on the SSL version.  The latest is SSL.111.  You are missing all of the Certificate validation code that I put in and this is why you are able to connect, since all of the problems in this case are with validation.  Since you have the latest X509, you are decoding the CertificateExtensions, which would expose problems 2 and 3, but you aren't encoding them for signature validation, per the above reason, so you never have a problem.

 

Norbert, if you load SSL.109 it should work, while we get this issue fixed.  This is just missing a lot of security.

 

Rob

 

 

On Mar 20, 2007, at 3:03 PM, Ron Teitelbaum wrote:



Hey Rob,

 

I’ll look more into the asn issue but this doesn’t explain why it works on my machine.

 

I was able to connect and retrieve data just fine, I just checked again with:

 

ANS1.26

Core.23

SSL.109

X509.32

 

I’ll try your new code but first I’ll verify the extension data and see if I can tell why it is parsing correctly on my machine.  I can’t get to it till tomorrow.

 

Thanks for looking at it!

Ron  

 

From: Robert Withers [reefedjib@...]
Sent: Tuesday, March 20, 2007 4:43 PM
To: Ron@...; Cryptography Team Development List
Cc: 'Norbert Hartl'
Subject: Re: [Cryptography Team] Debugging SSL on Linux

 

Ron and Norbert,

 

I found that SSL failed to establish a connection on the Mac, and I suspect the same is actually true on Windows, on close inspection. The resulting MIMEDocument has an error when evaluating the example:

 

https://home.selfish.orgHello everyone,

This is from Norbert:

I tried using the url that Norbert gave and it worked fine on Windows.

Could someone try this on Linux and see if they can help provide info as to what is going wrong. I suspect that the client hello is causing the server to disconnect. Maybe an Endian issue?


Ron Teitelbaum
Squeak Cryptography Team Leader

_______________________________________________

Cryptography mailing list

 

 

 


_______________________________________________
Cryptography mailing list
Cryptography@...
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography

 « Return to Thread: Debugging SSL on Linux

LightInTheBox - Buy quality products at wholesale price
Free Forum Powered by Nabble Forum Help