f



Openssl problems

I try to use the openssl library Juan has ported recently. First: thank you very much for that!

To test this I try to get the demo programs sconnect.c (in demo/bio) and cli.cpp (in demo/ssl) to work. sconnect.c has a "#if WATT32" in there so it must have worked once with watt32.

I compile these with:
gcc -o sconnect.exe sconnect.c -lssl -lcrypto -lwatt -lz
and
gpp -o cli.exe cli.cpp -lssl -lcrypto -lwatt -lz

Made a PEM file with openssl.exe but do not know where openssl will look for that. From what I read openssl needs a client certificate, a client key and a CA cert. My PEM file just contains a private key and a certificate.

I devload "noise586.sys /i /m" . I also load a packet driver successfully
which does work with other programs. All this in real mode. noise586.sys works since in a different test the message "Insufficient random entropy" did no longer appear after loading noise586.sys.

cli.cpp will not successfully make a tcp/ip connection (to 127.0.0.1 as in the code).
sconnect.c will jump to the "err:" label when trying a BIO_write().

Is there a working example? (wget/htget in ssl mode?) Or can someone spot what I am doing wrong?

Georg


0
dosusb
12/24/2012 1:39:16 PM
comp.os.msdos.djgpp 3308 articles. 2 followers. tigrepotrazosalvaje (34) is leader. Post Follow

16 Replies
4173 Views

Similar Articles

[PageSpeed] 12

Am 24.12.2012 14:39, schrieb dosusb@googlemail.com:
 > I try to use the openssl library Juan has ported recently. First: thank you very much for that!
 >
 > To test this I try to get the demo programs sconnect.c (in demo/bio) and cli.cpp (in demo/ssl)
 > to work. sconnect.c has a "#if WATT32" in there so it must have worked once with watt32.
 >
 > I compile these with:
 > gcc -o sconnect.exe sconnect.c -lssl -lcrypto -lwatt -lz
 > and
 > gpp -o cli.exe cli.cpp -lssl -lcrypto -lwatt -lz
 >

First, I ported openssl because I needed it for a port of CVS that I was
working on.  Later I realized that there was already certain kind of DOS
specific openssh so I lost interest in openssl.  Especially due to the
difficulties getting work the noise source on XP.

Please note that I tried to port the library and the testsuite but I never
wasted my time trying to get the demo code working.  The README of the demos
clearly states:
   NOTE: Don't expect any of these programs to work with current
   OpenSSL releases, or even with later SSLeay releases.

Again I never tried neither to compile nor to run any of these demo programs.
I do not even know for what they are good.  Even if there are some "#if WATT32"
this does not imply that they do work with the current version of openssl.
An inspection of the time stamp shows that the Makefile and source code is
from 1998 and 2002.  The code is over a decade old.  This means at least
that it is not longer maintained.

 > Made a PEM file with openssl.exe but do not know where openssl will look for that.
 > From what I read openssl needs a client certificate, a client key and a CA cert.
 > My PEM file just contains a private key and a certificate.

IIRC either in /dev/env/DJDIR/share/ssl/certs or /dev/env/DJDIR/share/ssl
I usually try to keep the unix paths.  I replace /usr/local by /dev/env/DJDIR.
In the worst case look in a linux machine where the certificate goes.


 > I devload "noise586.sys /i /m" . I also load a packet driver successfully
 > which does work with other programs. All this in real mode. noise586.sys works
 > since in a different test the message "Insufficient random entropy" did no longer
 > appear after loading noise586.sys.
 >
 > cli.cpp will not successfully make a tcp/ip connection (to 127.0.0.1 as in the code).
 > sconnect.c will jump to the "err:" label when trying a BIO_write().

I will investigate this when I am back from vacations and when I have access to
a dos mashine.


 > Is there a working example? (wget/htget in ssl mode?) Or can someone spot what I am doing wrong?
I am not aware of any dos/djgpp specific example that uses openssl.


Regards,
Juan M. Guerrero

0
Juan
12/25/2012 10:46:18 AM
Hi guys, Merry Christmas!  :-)

On Tuesday, December 25, 2012 4:46:18 AM UTC-6, Juan Manuel Guerrero wrote:
> Am 24.12.2012 14:39, schrieb dosusb@nospam.no:
> 
>  > Is there a working example? (wget/htget in ssl mode?) Or can someone spot what I am doing wrong?
> 
> I am not aware of any dos/djgpp specific example that uses openssl.

This is all way way over my head. Anyways, I'm not sure it'll work, but you could maybe try to build Lynx with OpenSSL. I know I managed to build Lynx (though without SSL) a while back, and it more or less worked (under VirtualBox).

http://lynx.browser.org/
0
rugxulo
12/25/2012 7:52:06 PM
Thank you for your message Juan!

>Especially due to the difficulties getting work the noise source on XP.=20
I agree - I looked at the code and it would take me a while to get that to =
compile and do some changes.

I picked the demos that seemed to be the most simple and hoped these still =
would work.

>I will investigate this when I am back from vacations and when I have acce=
ss >to a dos machine.=20
Of cause I look forward to this!

@Rugxulo:
>Hi guys, Merry Christmas!  :-)=20
Merry Christmas to you and all readers!=20

What do you expect us to do after singing Christmas songs and opening our p=
resents? Looking into Openssl of cause :-)

Frankly I try to get SSL to work with my DOS port of the Dillo browser. Thi=
s has SSL code that works for Windows but it will not run with DOS. So I lo=
ok for a simple example to see how (and if?) OpenSSL for DOS works at all. =
Then I want to step through the code in the browser comparing it with this =
working example. Currently I have no clue which step does stop it working.

Georg




0
dosusb
12/25/2012 9:25:37 PM
I got noise to compile but I could not generate a version that worked with Windows XP. Maybe devload will not install device drivers in a Windows XP DOS box.

Also tried to get libcurl with openssl for DOS to work, but that did not get further than a "client hello" so the key and certificate were not checked yet:
http://curl.haxx.se/libcurl/c/simplessl.html

Georg
0
dosusb
12/26/2012 10:15:13 PM
I got noise to compile but I could not generate a version that worked with Windows XP. Maybe devload will not install device drivers in a Windows XP DOS box.

Also tried to get libcurl with openssl for DOS to work, but that did not get further than a "client hello" so the key and certificate were not checked yet:
http://curl.haxx.se/libcurl/c/simplessl.html

Georg
0
dosusb
12/26/2012 10:15:58 PM
After reading some OpenSSL documention I started to test with the s_client option. Maybe someone can tell me what should get this working. This is what I get now:

openssl version 1.0.0d:

openssl s_client -no_ssl2 -debug -host www.google.com -port 443 -state
WARNING: can't open config file: /dev/env/DJDIR/ssl/openssl.cnf
warning, not much extra random data, consider using the -rand option

CONNECTED(00000006)
SSL_connect:before/connect initialization
SSL_connect:error in SSLv2/v3 write client hello A
write:errno=0

I do not understand why it does not find openssl.cnf, it is available and I do:
 
set DJDIR=c:\djgpp
set DJGPP=c:\djgpp\djgpp.env

I also found openssl 097 on the net: 
http://www.filegate.net/utiln/utilnet/ossl097d.zip
 
This gets me further:
openssl version 097:

openssl s_client -no_ssl2 -host www.google.com -port 443 -state
warning, not much extra random data, consider using the -rand option
CONNECTED(00000008)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server done A
SSL_connect:error in SSLv3 write client key exchange A
SSL_connect:error in SSLv3 write client key exchange A
1:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:503:

So I do get a server hello and SSLv3 seems to be initialized. Somehow I seem to have to provide random numbers to get this to continue.

The ossl097d package does not include a libssl.a so I cannot test that. And older versions of openssl have been removed from the djgpp ftp site now. Can someone add these for me again please :)

Georg
0
dosusb
12/27/2012 8:00:52 PM
Just an addendum:

entering: 
GET / HTTP/1.1
Host: www.google.de
after "s_client" has established the connection allows me to retrieve a web page to STDOUT.

Georg

[.....]
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read server session ticket A
SSL_connect:SSLv3 read finished A
GET / HTTP/1.1
Host: www.google.de
0
dosusb
12/27/2012 9:33:29 PM
> Date: Thu, 27 Dec 2012 12:00:52 -0800 (PST)
> From: dosusb@googlemail.com
> 
> openssl s_client -no_ssl2 -debug -host www.google.com -port 443 -state
> WARNING: can't open config file: /dev/env/DJDIR/ssl/openssl.cnf
> warning, not much extra random data, consider using the -rand option
> 
> CONNECTED(00000006)
> SSL_connect:before/connect initialization
> SSL_connect:error in SSLv2/v3 write client hello A
> write:errno=0
> 
> I do not understand why it does not find openssl.cnf, it is available and I do:
>  
> set DJDIR=c:\djgpp
> set DJGPP=c:\djgpp\djgpp.env

No need to set DJDIR, it will be set automatically.  Only set DJGPP.

Do you actually have the c:\djgpp\djgpp.env file?  If not, that's your
problem: it should be there.  Also, make sure you have
c:\djgpp\ssl\openssl.cnf exactly in the place shown.

Sorry, I don't know enough about Openssl and networking in DJGPP to
help you with the rest of your problems.
0
Eli
12/28/2012 7:56:53 AM
Hi,

On Friday, December 28, 2012 1:56:53 AM UTC-6, Eli Zaretskii wrote:
> > Date: Thu, 27 Dec 2012 12:00:52 -0800 (PST)
>=20
> Sorry, I don't know enough about Openssl and networking in DJGPP to
> help you with the rest of your problems.

Nor I. Also a quick search for sources or lib files (*.a) for OSSL097D.ZIP =
was unsuccessful. But I did find the following recent thread (archive), whi=
ch suggests that OpenSSL will work fine with Watt-32. You may wish to conta=
ct Doug Kaufman and/or Gisle Vanem.

http://openssl.6102.n7.nabble.com/Patch-for-DJGPP-head-td42490.html

http://www.rahul.net/dkaufman/
http://home.broadpark.no/~gvanem/
0
rugxulo
12/28/2012 1:05:47 PM
Thank you for your messages.

Yes, I do have \djgpp\djgpp.env and I checked the path \djgpp\ssl\openssl.cnf.
You usually keep several versions of a package on the djgpp FTP server but for openssl the old version is unfortunately gone.

Rugxulo, I read the interesting link to the mailing list. Since I got "openssl s_client" to run OK this means that openssl works, not quite sure about libssl.a. To test that one would need a working example code.

I will be traveling for a week now and continue then. Still hope that Juan may find a working example. 

Georg
0
dosusb
12/28/2012 8:09:57 PM
Am 27.12.2012 21:00, schrieb dosusb@googlemail.com:
> After reading some OpenSSL documention I started to test with the s_client option. Maybe someone can tell me what should get this working. This is what I get now:
>
> openssl version 1.0.0d:
>
> openssl s_client -no_ssl2 -debug -host www.google.com -port 443 -state
> WARNING: can't open config file: /dev/env/DJDIR/ssl/openssl.cnf
> warning, not much extra random data, consider using the -rand option
>
> CONNECTED(00000006)
> SSL_connect:before/connect initialization
> SSL_connect:error in SSLv2/v3 write client hello A
> write:errno=0
>
> I do not understand why it does not find openssl.cnf, it is available and I do:
>   
> set DJDIR=c:\djgpp
> set DJGPP=c:\djgpp\djgpp.env
>
> I also found openssl 097 on the net:
> http://www.filegate.net/utiln/utilnet/ossl097d.zip
>   
> This gets me further:
> openssl version 097:
>
> openssl s_client -no_ssl2 -host www.google.com -port 443 -state
> warning, not much extra random data, consider using the -rand option
> CONNECTED(00000008)
> SSL_connect:before/connect initialization
> SSL_connect:SSLv2/v3 write client hello A
> SSL_connect:SSLv3 read server hello A
> depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
> verify error:num=20:unable to get local issuer certificate
> verify return:0
> SSL_connect:SSLv3 read server certificate A
> SSL_connect:SSLv3 read server done A
> SSL_connect:error in SSLv3 write client key exchange A
> SSL_connect:error in SSLv3 write client key exchange A
> 1:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:503:
>
> So I do get a server hello and SSLv3 seems to be initialized. Somehow I seem to have to provide random numbers to get this to continue.
>
> The ossl097d package does not include a libssl.a so I cannot test that. And older versions of openssl have been removed from the djgpp ftp site now. Can someone add these for me again please :)
>
> Georg
>
Sorry but I cannot reproduce anything of this.

1) I have ported/build openssl version 1.0.1c. I do not know anything about
these two particular builds.
AFAIK there have also never been an official openssl 0.97d port. All packaged
uploaded to the djgpp ftp server are either stored in
ftp://ftp.delorie.com/pub/djgpp/current
or
ftp://ftp.delorie.com/pub/djgpp/beta
or if deleted then they are in
ftp://ftp.delorie.com/pub/djgpp/deleted.
I have never found any of those ports in any of those directories. An
inspections of the djgpp_announce mailing list also shows that except for
the openssl 1.0.1c port announce there have never been one related to openssl.
IMHO no one has removed those ports because they have never been uploaded
and thus they were never officially released as djgpp ports of openssl.
But I may be wrong.

2) Openssl needs to find its certificates. This port has been configured to
search for them at /dev/env/DJDIR/share/ssl. You can always determinate
how the port has been configured by inspecting the header file:
/dev/env/DJDIR/include/openssl/opensslconf.h
I have never experienced any difficulties concerning this issue. Openssl
always finds the required files where they have been installed.
As already pointed out in some other mail, the only environment variable
that needs to be defined is DJGPP. It points to djgpp.env where DJDIR is
defined. With DJDIR OpenSSL finds the /dev/env/DJDIR/share/ssl path and
loads openssl.cnf flawlessly.

3) I am neither an OpenSSL user nor a DOS/DJGPP network expert. I have tested
it only on MSDOS 6.22. This is because OpenSSL usually needs an noise source
and I only know about http://www.rahul.net/dkaufman/noise063a2.zip.
This driver does not work with Windows.

The test machine is a VMWare Player 5.0.1 build-894247 with OpenSUSE 12.1
as host OS. The Player has been configure with a NAT network connection.
DHCP is used to assign IP addresses. OpenSSL tries to read watt.cfg to get
the required network parameterrs. My watt.cfg file is stored in directory:
/dev/env/DJDIR/net/watt/bin
and has a single line like this:
my_ip = dhcp
Using the tcpinfo.exe program include in my lately uploaded build of Watt-32
gives the following output:
---------- OUTPUT START ----------
using sample configuration
contact local network guru for more details
Configuring through DHCP..Reading configuration file `c:\djgpp-2.04\net\watt\bin\wattcp.cfg'
Warning: %WATT_ROOT% contains forward ('/') slashes.
This may break some Makefiles.
PKTDRVR Name : NE2100, version 0.03, API ?, intr 0x60
Class : Ethernet, level 2, RX mode 5
Address : 00:50:56:21:5C:AF

IP Address : 172.16.244.142
Network Mask : 255.255.255.0

Gateways : GATEWAY'S IP SUBNET SUBNET MASK
: 172.16.244.2 DEFAULT DEFAULT

ARP Cache : IP Address MAC Address Type Timeout
: 172.16.244.2 00:50:56:FE:B0:9E dynamic 299451 ms

Host name : random-pc.localdomain
Domain name : localdomain
Nameserver : 172.16.244.2 Timeout 120s

DHCP : Enabled and SUCCEEDED
DHCP Server : 172.16.244.254

IPv6-address : FE80::2001:80FF:FE21:5CAF
6-to-4 gateway : 0.0.0.0

Max Seg Size,MSS : 1460 bytes
Max Transmit,MTU : 1500 bytes

TCP timers : Sock delay 30s, Inactivity 0s, Keep-alive 120s/30s
: Open 1000ms, Close 1000ms, RST time 100ms
: RTO base 10ms, RTO add 100ms, Retrans 10ms

_tcp_Socket size : 4460 bytes
_udp_Socket size : 1736 bytes

HOSTS file : <NONE>
HOSTS6 file : <NONE>
SERVICES file : <NONE>
PROTOCOL file : <NONE>
NETWORKS file : <NONE>
ETHERS file : <NONE>

Version info : Watt-32 (2.2.10), GNU-C 4.7.2 (Pent), djgpp 2.04, Jan 12 2013
Capabilities : /debug/mcast/bind/BSDsock/BSDfatal/bootp/dhcp/rarp/lang/frag/stat/fortify/fsext/loopback/tftp/echo/PPPoE/IPv6/RS232/gzip-compr/TCP-MD5/DynIP/profiler/fast-pkt
---------- OUTPUT END ----------


To check if openssl.exe works I have issued the same command than you;
this is:
openssl s_client -no_ssl2 -debug -host www.google.com -port 443 -state
I do not know for what this is good but it produces the following output:

---------- OUTPUT START ----------
using sample configuration
contact local network guru for more details
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1 C = ZA, O = Thawte Consulting (Pty) Ltd., CN = Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read server session ticket A
SSL_connect:SSLv3 read finished A
CONNECTED(00000008)
write to 0x3a4460 [0x3c4590] (322 bytes => 322 (0x142))
0000 - 16 03 01 01 3d 01 00 01-39 03 03 50 f2 2d e8 dd ....=...9..P.-..
0010 - 94 1a 4d 51 3e b6 87 2d-de d7 09 a6 8f 19 e0 32 ..MQ>..-.......2
0020 - 82 d0 dd 1b 9c 7a fb c7-6f 3c 5d 00 00 a0 c0 30 .....z..o<]....0
0030 - c0 2c c0 28 c0 24 c0 14-c0 0a c0 22 c0 21 00 a3 .,.(.$.....".!..
0040 - 00 9f 00 6b 00 6a 00 39-00 38 00 88 00 87 c0 32 ...k.j.9.8.....2
0050 - c0 2e c0 2a c0 26 c0 0f-c0 05 00 9d 00 3d 00 35 ...*.&.......=.5
0060 - 00 84 c0 12 c0 08 c0 1c-c0 1b 00 16 00 13 c0 0d ................
0070 - c0 03 00 0a c0 2f c0 2b-c0 27 c0 23 c0 13 c0 09 ...../.+.'.#....
0080 - c0 1f c0 1e 00 a2 00 9e-00 67 00 40 00 33 00 32 .........g.@.3.2
0090 - 00 9a 00 99 00 45 00 44-c0 31 c0 2d c0 29 c0 25 .....E.D.1.-.).%
00a0 - c0 0e c0 04 00 9c 00 3c-00 2f 00 96 00 41 00 07 .......<./...A..
00b0 - c0 11 c0 07 c0 0c c0 02-00 05 00 04 00 15 00 12 ................
00c0 - 00 09 00 14 00 11 00 08-00 06 00 03 00 ff 02 01 ................
00d0 - 00 00 6f 00 0b 00 04 03-00 01 02 00 0a 00 34 00 ..o...........4.
00e0 - 32 00 0e 00 0d 00 19 00-0b 00 0c 00 18 00 09 00 2...............
00f0 - 0a 00 16 00 17 00 08 00-06 00 07 00 14 00 15 00 ................
0100 - 04 00 05 00 12 00 13 00-01 00 02 00 03 00 0f 00 ................
0110 - 10 00 11 00 23 00 00 00-0d 00 22 00 20 06 01 06 ....#.....". ...
0120 - 02 06 03 05 01 05 02 05-03 04 01 04 02 04 03 03 ................
0130 - 01 03 02 03 03 02 01 02-02 02 03 01 01 00 0f 00 ................
0140 - 01 01 ..
read from 0x3a4460 [0x3c9af8] (7 bytes => 7 (0x7))
0000 - 16 03 03 00 42 02 ....B.
0007 - <SPACES/NULS>
read from 0x3a4460 [0x3c9b02] (64 bytes => 64 (0x40))
0000 - 00 3e 03 03 50 f2 12 7a-53 3e 23 5b d0 28 71 ca .>..P..zS>#[.(q.
0010 - 96 43 3a 53 3c ad 1a 02-1b b1 5f 18 4c 0a 67 27 .C:S<....._.L.g'
0020 - b1 ff ba ab 00 c0 11 00-00 16 ff 01 00 01 00 00 ................
0030 - 0b 00 04 03 00 01 02 00-23 00 00 00 0f 00 01 01 ........#.......
read from 0x3a4460 [0x3c9afb] (5 bytes => 5 (0x5))
0000 - 16 03 03 06 59 ....Y
read from 0x3a4460 [0x3c9b00] (1625 bytes => 1625 (0x659))
0000 - 0b 00 06 55 00 06 52 00-03 25 30 82 03 21 30 82 ...U..R..%0..!0.
0010 - 02 8a a0 03 02 01 02 02-10 4f 9d 96 d9 66 b0 99 .........O...f..
0020 - 2b 54 c2 95 7c b4 15 7d-4d 30 0d 06 09 2a 86 48 +T..|..}M0...*.H
0030 - 86 f7 0d 01 01 05 05 00-30 4c 31 0b 30 09 06 03 ........0L1.0...
0040 - 55 04 06 13 02 5a 41 31-25 30 23 06 03 55 04 0a U....ZA1%0#..U..
0050 - 13 1c 54 68 61 77 74 65-20 43 6f 6e 73 75 6c 74 ..Thawte Consult
0060 - 69 6e 67 20 28 50 74 79-29 20 4c 74 64 2e 31 16 ing (Pty) Ltd.1.
0070 - 30 14 06 03 55 04 03 13-0d 54 68 61 77 74 65 20 0...U....Thawte
0080 - 53 47 43 20 43 41 30 1e-17 0d 31 31 31 30 32 36 SGC CA0...111026
0090 - 30 30 30 30 30 30 5a 17-0d 31 33 30 39 33 30 32 000000Z..1309302
00a0 - 33 35 39 35 39 5a 30 68-31 0b 30 09 06 03 55 04 35959Z0h1.0...U.
00b0 - 06 13 02 55 53 31 13 30-11 06 03 55 04 08 13 0a ...US1.0...U....
00c0 - 43 61 6c 69 66 6f 72 6e-69 61 31 16 30 14 06 03 California1.0...
00d0 - 55 04 07 14 0d 4d 6f 75-6e 74 61 69 6e 20 56 69 U....Mountain Vi
00e0 - 65 77 31 13 30 11 06 03-55 04 0a 14 0a 47 6f 6f ew1.0...U....Goo
00f0 - 67 6c 65 20 49 6e 63 31-17 30 15 06 03 55 04 03 gle Inc1.0...U..
0100 - 14 0e 77 77 77 2e 67 6f-6f 67 6c 65 2e 63 6f 6d ..www.google.com
0110 - 30 81 9f 30 0d 06 09 2a-86 48 86 f7 0d 01 01 01 0..0...*.H......
0120 - 05 00 03 81 8d 00 30 81-89 02 81 81 00 de b7 26 ......0........&
0130 - 43 a6 99 85 cd 38 a7 15-09 b9 cf 0f c9 c3 55 8c C....8........U.
0140 - 88 ee 8c 8d 28 27 24 4b-2a 5e a0 d8 16 fa 61 18 ....('$K*^....a.
0150 - 4b cf 6d 60 80 d3 35 40-32 72 c0 8f 12 d8 e5 4e K.m`..5@2r.....N
0160 - 8f b9 b2 f6 d9 15 5e 5a-86 31 a3 ba 86 aa 6b c8 ......^Z.1....k.
0170 - d9 71 8c cc cd 27 13 1e-9d 42 5d 38 f6 a7 ac ef .q...'...B]8....
0180 - fa 62 f3 18 81 d4 24 46-7f 01 77 7c c6 2a 89 14 .b....$F..w|.*..
0190 - 99 bb 98 39 1d a8 19 fb-39 00 44 7d 1b 94 6a 78 ...9....9.D}..jx
01a0 - 2d 69 ad c0 7a 2c fa d0-da 20 12 98 d3 02 03 01 -i..z,... ......
01b0 - 00 01 a3 81 e7 30 81 e4-30 0c 06 03 55 1d 13 01 .....0..0...U...
01c0 - 01 ff 04 02 30 00 30 36-06 03 55 1d 1f 04 2f 30 ....0.06..U.../0
01d0 - 2d 30 2b a0 29 a0 27 86-25 68 74 74 70 3a 2f 2f -0+.).'.%http://
01e0 - 63 72 6c 2e 74 68 61 77-74 65 2e 63 6f 6d 2f 54 crl.thawte.com/T
01f0 - 68 61 77 74 65 53 47 43-43 41 2e 63 72 6c 30 28 hawteSGCCA.crl0(
0200 - 06 03 55 1d 25 04 21 30-1f 06 08 2b 06 01 05 05 ..U.%.!0...+....
0210 - 07 03 01 06 08 2b 06 01-05 05 07 03 02 06 09 60 .....+.........`
0220 - 86 48 01 86 f8 42 04 01-30 72 06 08 2b 06 01 05 .H...B..0r..+...
0230 - 05 07 01 01 04 66 30 64-30 22 06 08 2b 06 01 05 .....f0d0"..+...
0240 - 05 07 30 01 86 16 68 74-74 70 3a 2f 2f 6f 63 73 ..0...http://ocs
0250 - 70 2e 74 68 61 77 74 65-2e 63 6f 6d 30 3e 06 08 p.thawte.com0>..
0260 - 2b 06 01 05 05 07 30 02-86 32 68 74 74 70 3a 2f +.....0..2http:/
0270 - 2f 77 77 77 2e 74 68 61-77 74 65 2e 63 6f 6d 2f /www.thawte.com/
0280 - 72 65 70 6f 73 69 74 6f-72 79 2f 54 68 61 77 74 repository/Thawt
0290 - 65 5f 53 47 43 5f 43 41-2e 63 72 74 30 0d 06 09 e_SGC_CA.crt0...
02a0 - 2a 86 48 86 f7 0d 01 01-05 05 00 03 81 81 00 21 *.H............!
02b0 - ac d5 ae ca 34 89 5a c2-ab 52 d2 b2 34 66 9d 7a ....4.Z..R..4f.z
02c0 - ab ee e6 7c d5 7e c2 5c-28 bb 74 00 c9 10 1f 42 ...|.~.\(.t....B
02d0 - 13 fc 69 8a 1e 24 a0 02-00 e9 ba 5b ca 19 04 b2 ..i..$.....[....
02e0 - d3 af 01 b2 7e 5f 14 db-a6 db 52 b9 9a f3 12 7f ....~_....R.....
02f0 - 7c a2 9c 3b 6f 99 7d ea-50 0d 76 23 12 ff f7 66 |..;o.}.P.v#...f
0300 - 73 29 b7 95 0a ad d8 8b-b2 de 20 e9 0a 70 64 11 s)........ ..pd.
0310 - 08 c8 5a f1 7d 9e ec 69-a5 a5 d5 82 d7 27 1e 9e ..Z.}..i.....'..
0320 - 56 cd d2 76 d5 79 2b f7-25 43 1c 69 f0 b8 f9 00 V..v.y+.%C.i....
0330 - 03 27 30 82 03 23 30 82-02 8c a0 03 02 01 02 02 .'0..#0.........
0340 - 04 30 00 00 02 30 0d 06-09 2a 86 48 86 f7 0d 01 .0...0...*.H....
0350 - 01 05 05 00 30 5f 31 0b-30 09 06 03 55 04 06 13 ....0_1.0...U...
0360 - 02 55 53 31 17 30 15 06-03 55 04 0a 13 0e 56 65 .US1.0...U....Ve
0370 - 72 69 53 69 67 6e 2c 20-49 6e 63 2e 31 37 30 35 riSign, Inc.1705
0380 - 06 03 55 04 0b 13 2e 43-6c 61 73 73 20 33 20 50 ..U....Class 3 P
0390 - 75 62 6c 69 63 20 50 72-69 6d 61 72 79 20 43 65 ublic Primary Ce
03a0 - 72 74 69 66 69 63 61 74-69 6f 6e 20 41 75 74 68 rtification Auth
03b0 - 6f 72 69 74 79 30 1e 17-0d 30 34 30 35 31 33 30 ority0...0405130
03c0 - 30 30 30 30 30 5a 17 0d-31 34 30 35 31 32 32 33 00000Z..14051223
03d0 - 35 39 35 39 5a 30 4c 31-0b 30 09 06 03 55 04 06 5959Z0L1.0...U..
03e0 - 13 02 5a 41 31 25 30 23-06 03 55 04 0a 13 1c 54 ..ZA1%0#..U....T
03f0 - 68 61 77 74 65 20 43 6f-6e 73 75 6c 74 69 6e 67 hawte Consulting
0400 - 20 28 50 74 79 29 20 4c-74 64 2e 31 16 30 14 06 (Pty) Ltd.1.0..
0410 - 03 55 04 03 13 0d 54 68-61 77 74 65 20 53 47 43 .U....Thawte SGC
0420 - 20 43 41 30 81 9f 30 0d-06 09 2a 86 48 86 f7 0d CA0..0...*.H...
0430 - 01 01 01 05 00 03 81 8d-00 30 81 89 02 81 81 00 .........0......
0440 - d4 d3 67 d0 8d 15 7f ae-cd 31 fe 7d 1d 91 a1 3f ..g......1.}...?
0450 - 0b 71 3c ac cc c8 64 fb-63 fc 32 4b 07 94 bd 6f .q<...d.c.2K...o
0460 - 80 ba 2f e1 04 93 c0 33-fc 09 33 23 e9 0b 74 2b ../....3..3#..t+
0470 - 71 c4 03 c6 d2 cd e2 2f-f5 09 63 cd ff 48 a5 00 q....../..c..H..
0480 - bf e0 e7 f3 88 b7 2d 32-de 98 36 e6 0a ad 00 7b ......-2..6....{
0490 - c4 64 4a 3b 84 75 03 f2-70 92 7d 0e 62 f5 21 ab .dJ;.u..p.}.b.!.
04a0 - 69 36 84 31 75 90 f8 bf-c7 6c 88 1b 06 95 7c c9 i6.1u....l....|.
04b0 - e5 a8 de 75 a1 2c 7a 68-df d5 ca 1c 87 58 60 19 ...u.,zh.....X`.
04c0 - 02 03 01 00 01 a3 81 fe-30 81 fb 30 12 06 03 55 ........0..0...U
04d0 - 1d 13 01 01 ff 04 08 30-06 01 01 ff 02 01 00 30 .......0.......0
04e0 - 0b 06 03 55 1d 0f 04 04-03 02 01 06 30 11 06 09 ...U........0...
04f0 - 60 86 48 01 86 f8 42 01-01 04 04 03 02 01 06 30 `.H...B........0
0500 - 28 06 03 55 1d 11 04 21-30 1f a4 1d 30 1b 31 19 (..U...!0...0.1.
0510 - 30 17 06 03 55 04 03 13-10 50 72 69 76 61 74 65 0...U....Private
0520 - 4c 61 62 65 6c 33 2d 31-35 30 31 06 03 55 1d 1f Label3-1501..U..
0530 - 04 2a 30 28 30 26 a0 24-a0 22 86 20 68 74 74 70 .*0(0&.$.". http
0540 - 3a 2f 2f 63 72 6c 2e 76-65 72 69 73 69 67 6e 2e ://crl.verisign.
0550 - 63 6f 6d 2f 70 63 61 33-2e 63 72 6c 30 32 06 08 com/pca3.crl02..
0560 - 2b 06 01 05 05 07 01 01-04 26 30 24 30 22 06 08 +........&0$0"..
0570 - 2b 06 01 05 05 07 30 01-86 16 68 74 74 70 3a 2f +.....0...http:/
0580 - 2f 6f 63 73 70 2e 74 68-61 77 74 65 2e 63 6f 6d /ocsp.thawte.com
0590 - 30 34 06 03 55 1d 25 04-2d 30 2b 06 08 2b 06 01 04..U.%.-0+..+..
05a0 - 05 05 07 03 01 06 08 2b-06 01 05 05 07 03 02 06 .......+........
05b0 - 09 60 86 48 01 86 f8 42-04 01 06 0a 60 86 48 01 .`.H...B....`.H.
05c0 - 86 f8 45 01 08 01 30 0d-06 09 2a 86 48 86 f7 0d ..E...0...*.H...
05d0 - 01 01 05 05 00 03 81 81-00 55 ac 63 ea de a1 dd .........U.c....
05e0 - d2 90 5f 9f 0b ce 76 be-13 51 8f 93 d9 05 2b c8 .._...v..Q....+.
05f0 - 1b 77 4b ad 69 50 a1 ee-de dc fd db 07 e9 e8 39 .wK.iP.........9
0600 - 94 dc ab 72 79 2f 06 bf-ab 81 70 c4 a8 ed ea 53 ...ry/....p....S
0610 - 34 ed ef 1e 53 d9 06 c7-56 2b d1 5c f4 d1 8a 8e 4...S...V+.\....
0620 - b4 2b b1 37 90 48 08 42-25 c5 3e 8a cb 7f eb 6f .+.7.H.B%.>....o
0630 - 04 d1 6d c5 74 a2 f7 a2-7c 7b 60 3c 77 cd 0e ce ..m.t...|{`<w...
0640 - 48 02 7f 01 2f b6 9b 37-e0 2a 2a 36 dc d5 85 d6 H.../..7.**6....
0650 - ac e5 3f 54 6f 96 1e 05-af ..?To....
read from 0x3a4460 [0x3c9afb] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 cd .....
read from 0x3a4460 [0x3c9b00] (205 bytes => 205 (0xCD))
0000 - 0c 00 00 c9 03 00 17 41-04 84 0c c6 ea 1e d4 a1 .......A........
0010 - fd 52 5c 75 90 40 eb 9a-8f fd 12 b5 b2 95 17 03 .R\u.@..........
0020 - 89 5a 0c 37 46 02 39 bd-af 08 95 66 79 f4 23 4c .Z.7F.9....fy.#L
0030 - ee 49 df ed d8 44 e7 4c-31 22 09 5f 2d 6a a5 40 .I...D.L1"._-j.@
0040 - 1d 66 60 d4 43 6a f1 cd-f8 06 01 00 80 98 f1 17 .f`.Cj..........
0050 - fd b9 b9 56 f2 c4 f4 7c-e2 b2 44 43 6f e6 e9 fa ...V...|..DCo...
0060 - 17 a4 36 11 b4 57 be 64-1c 15 73 d6 9b d4 40 0e ..6..W.d..s...@.
0070 - 2e d1 0c d4 33 0e 64 9f-b5 8c 60 21 5a f7 f0 6e ....3.d...`!Z..n
0080 - f1 49 56 0b 3e 31 04 ee-53 a3 6a f5 56 07 7b 56 .IV.>1..S.j.V.{V
0090 - 81 93 e4 80 c8 56 73 38-6a b6 82 7f 84 b6 0f 4b .....Vs8j......K
00a0 - c0 28 c6 cc 46 5b 39 bd-8e 4b 67 3f 4c b1 7d 9d .(..F[9..Kg?L.}.
00b0 - 38 f8 dc c4 9e 11 32 81-52 af 21 e4 9a b0 1b ae 8.....2.R.!.....
00c0 - 89 07 42 21 f7 c5 ab 85-a4 6c 3d 2c b6 ..B!.....l=,.
read from 0x3a4460 [0x3c9afb] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 04 .....
read from 0x3a4460 [0x3c9b00] (4 bytes => 4 (0x4))
0000 - 0e .
0004 - <SPACES/NULS>
write to 0x3a4460 [0x3aa058] (75 bytes => 75 (0x4B))
0000 - 16 03 03 00 46 10 00 00-42 41 04 a6 78 92 fb 57 ....F...BA..x..W
0010 - 8c 6d a0 34 49 78 d0 7f-92 49 26 9c ea ac 68 e3 .m.4Ix...I&...h.
0020 - 29 34 7b e7 22 47 1e d0-34 f9 b0 2e 48 17 ed ac )4{."G..4...H...
0030 - 04 5a a4 42 51 45 9a aa-d8 d5 45 0c 5a e5 8f 16 .Z.BQE....E.Z...
0040 - 6c 48 8a 27 e3 dc c0 f8-50 cf 15 lH.'....P..
write to 0x3a4460 [0x3aa058] (6 bytes => 6 (0x6))
0000 - 14 03 03 00 01 01 ......
write to 0x3a4460 [0x3aa058] (41 bytes => 41 (0x29))
0000 - 16 03 03 00 24 07 9f 81-d3 11 26 4f 2f f6 a2 29 ....$.....&O/..)
0010 - 22 73 3e bc 2c c1 5f ac-f6 04 8c d8 1b 0d 52 60 "s>.,._.......R`
0020 - 13 77 aa 20 0d 97 c7 7a-12 .w. ...z.
read from 0x3a4460 [0x3c9afb] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 9e .....
read from 0x3a4460 [0x3c9b00] (158 bytes => 158 (0x9E))
0000 - 04 00 00 9a 00 01 89 c0-00 94 6f 9a 0a 40 f0 84 ..........o..@..
0010 - 89 ce 1e d4 ac 63 f4 2d-50 93 3a 2b 8d 71 53 4d .....c.-P.:+.qSM
0020 - e5 5d 13 52 61 d7 8c d3-b0 85 3b a3 39 67 7e 53 .].Ra.....;.9g~S
0030 - c7 6a 59 91 a5 be 1c 2d-9e 51 1a 41 b4 d8 48 d3 .jY....-.Q.A..H.
0040 - b7 57 24 25 fd 77 79 56-ea 90 16 bc 3b ad 33 73 .W$%.wyV....;.3s
0050 - 56 ea 2e 2a 9c 70 0e d6-73 42 7f 8a 2a b0 89 99 V..*.p..sB..*...
0060 - 0a 97 a7 3d 07 12 ad 4c-8c 6b 43 8e 1c 66 78 1a ...=...L.kC..fx.
0070 - e3 2a ce c8 1e 8b 42 1b-ea 21 a3 f3 5c 60 09 64 .*....B..!..\`.d
0080 - 28 78 50 86 f7 12 e0 8c-74 be d4 47 19 2c ef a7 (xP.....t..G.,..
0090 - e9 36 7f b7 ec e5 f8 92-2a 2c 19 a9 d6 1c .6......*,....
read from 0x3a4460 [0x3c9afb] (5 bytes => 5 (0x5))
0000 - 14 03 03 00 01 .....
read from 0x3a4460 [0x3c9b00] (1 bytes => 1 (0x1))
0000 - 01 .
read from 0x3a4460 [0x3c9afb] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 24 ....$
read from 0x3a4460 [0x3c9b00] (36 bytes => 36 (0x24))
0000 - bc 4a 79 4f 16 2a 6f 77-b7 7c 73 02 1b 1a ff ae .JyO.*ow.|s.....
0010 - c5 af 24 05 82 b8 81 e3-bd e3 d2 05 d2 0f 25 2a ..$...........%*
0020 - 70 a9 c9 ca p...
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDITCCAoqgAwIBAgIQT52W2WawmStUwpV8tBV9TTANBgkqhkiG9w0BAQUFADBM
MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x
MzA5MzAyMzU5NTlaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRcw
FQYDVQQDFA53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEA3rcmQ6aZhc04pxUJuc8PycNVjIjujI0oJyRLKl6g2Bb6YRhLz21ggNM1QDJy
wI8S2OVOj7my9tkVXlqGMaO6hqpryNlxjMzNJxMenUJdOPanrO/6YvMYgdQkRn8B
d3zGKokUmbuYOR2oGfs5AER9G5RqeC1prcB6LPrQ2iASmNMCAwEAAaOB5zCB5DAM
BgNVHRMBAf8EAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudGhhd3Rl
LmNvbS9UaGF3dGVTR0NDQS5jcmwwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUF
BwMCBglghkgBhvhCBAEwcgYIKwYBBQUHAQEEZjBkMCIGCCsGAQUFBzABhhZodHRw
Oi8vb2NzcC50aGF3dGUuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vd3d3LnRoYXd0
ZS5jb20vcmVwb3NpdG9yeS9UaGF3dGVfU0dDX0NBLmNydDANBgkqhkiG9w0BAQUF
AAOBgQAhrNWuyjSJWsKrUtKyNGadeqvu5nzVfsJcKLt0AMkQH0IT/GmKHiSgAgDp
ulvKGQSy068Bsn5fFNum21K5mvMSf3yinDtvmX3qUA12IxL/92ZzKbeVCq3Yi7Le
IOkKcGQRCMha8X2e7GmlpdWC1ycenlbN0nbVeSv3JUMcafC4+Q==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
issuer=/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
---
No client certificate CA names sent
---
SSL handshake has read 2130 bytes and written 444 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-RC4-SHA
Session-ID: 223F357A4EBDAC093F5B28B38DF9E1A47CB9D5D5B2C92D9D19051F0986F753CF
Session-ID-ctx:
Master-Key: 1EAA3DE4162BA8A67E29235851050395378D792D006EE50864E80B9991FEC9AB2EC355061CC1DCA3B6B28F3F712A0F4B
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 100800 (seconds)
TLS session ticket:
0000 - 6f 9a 0a 40 f0 84 89 ce-1e d4 ac 63 f4 2d 50 93 o..@.......c.-P.
0010 - 3a 2b 8d 71 53 4d e5 5d-13 52 61 d7 8c d3 b0 85 :+.qSM.].Ra.....
0020 - 3b a3 39 67 7e 53 c7 6a-59 91 a5 be 1c 2d 9e 51 ;.9g~S.jY....-.Q
0030 - 1a 41 b4 d8 48 d3 b7 57-24 25 fd 77 79 56 ea 90 .A..H..W$%.wyV..
0040 - 16 bc 3b ad 33 73 56 ea-2e 2a 9c 70 0e d6 73 42 ..;.3sV..*.p..sB
0050 - 7f 8a 2a b0 89 99 0a 97-a7 3d 07 12 ad 4c 8c 6b ..*......=...L.k
0060 - 43 8e 1c 66 78 1a e3 2a-ce c8 1e 8b 42 1b ea 21 C..fx..*....B..!
0070 - a3 f3 5c 60 09 64 28 78-50 86 f7 12 e0 8c 74 be ..\`.d(xP.....t.
0080 - d4 47 19 2c ef a7 e9 36-7f b7 ec e5 f8 92 2a 2c .G.,...6......*,
0090 - 19 a9 d6 1c ....

Start Time: 1358048744
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
HTTP/1.0 400 Bad Request
Content-Type: text/html; charset=UTF-8
Content-Length: 925
Date: Sun, 13 Jan 2013 01:52:33 GMT
Server: GFE/2.0

<!DOCTYPE html>
<html lang=en>
<meta charset=utf-8>
<meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
<title>Error 400 (Bad Request)!!1</title>
<style>
*{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}
</style>
<a href=//www.google.com/><img src=//www.google.com/images/errors/logo_sm.gif alt=Google></a>
<p><b>400.</b> <ins>That�s an error.</ins>
<p>Your client has issued a malformed or illegal request. <ins>That�s all we know.</ins>
read:errno=0
write to 0x3a4460 [0x3ce053] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 19 2c ff-07 1e ac 4c a5 de 03 39 ......,....L...9
0010 - 90 e4 75 06 81 93 07 52-b6 56 b3 4c 0f e7 ..u....R.V.L..
read from 0x3a4460 [0x3c9afb] (5 bytes => 5 (0x5))
0000 - 17 03 03 04 40 ....@
read from 0x3a4460 [0x3c9b00] (1088 bytes => 1088 (0x440))
0000 - 7b 9e ec de 3d 02 94 36-98 3a 1a da e7 09 60 44 {...=..6.:....`D
0010 - 9f b9 68 0e f8 57 47 50-4d e6 4f 4d 68 83 e7 6c ..h..WGPM.OMh..l
0020 - 06 91 65 4d 73 99 d3 0f-60 94 d8 3c 84 c4 a4 a1 ..eMs...`..<....
0030 - 98 69 02 50 49 69 7f f3-52 a7 e9 46 55 c8 6e b9 .i.PIi..R..FU.n.
0040 - 49 30 41 76 96 7e c9 28-cb 83 c7 d9 2f e3 00 bc I0Av.~.(..../...
0050 - 6f aa 8b 00 02 eb 01 b3-6c 4b 6b ef cc 55 af 91 o.......lKk..U..
0060 - 39 e2 70 f3 81 24 13 86-c0 72 1f 3f 37 05 48 df 9.p..$...r.?7.H.
0070 - e3 46 cf 23 e9 f0 a4 b6-9e e1 1d 21 fd 41 37 87 .F.#.......!.A7.
0080 - 51 4f 8d 56 ab 5e 2c de-23 72 26 67 d3 b5 ef 6e QO.V.^,.#r&g...n
0090 - 57 ca 80 bb d8 63 ac ec-98 91 6c 1c 97 46 81 08 W....c....l..F..
00a0 - 0a f5 a7 40 6d ce ae 23-17 a0 72 e9 ec 53 88 7e ...@m..#..r..S.~
00b0 - 6f 8a 54 b2 51 7b db 95-c0 1f 2d 36 9b 1c 88 51 o.T.Q{....-6...Q
00c0 - b8 8e 7a 6c 67 4b 4f 95-59 fe ed e6 09 a6 06 8a ..zlgKO.Y.......
00d0 - cf 2b 91 1a 5d 52 e5 e3-5d 30 4c 5d 0e 3d 90 48 .+..]R..]0L].=.H
00e0 - 6b 42 67 df 78 8e 1d ac-dc 67 c3 58 72 33 97 47 kBg.x....g.Xr3.G
00f0 - bc 0b da 44 68 bd 9f e9-7b 39 a8 a5 d7 53 92 15 ...Dh...{9...S..
0100 - 9d 85 a1 26 3c 6f f6 5d-a8 e3 f9 ea eb e1 b2 79 ...&<o.].......y
0110 - 5b 1e db 95 1d 1f 09 86-44 3c d0 51 20 34 eb 6d [.......D<.Q 4.m
0120 - cb 1b e5 66 f8 85 10 94-ce 80 9a 71 ca c2 45 bb ...f.......q..E.
0130 - b3 8a 8f 26 dc ea d9 07-29 e6 f6 5c 4b 0e 42 d1 ...&....)..\K.B.
0140 - e9 35 7d cc 25 1a 75 67-9a be f9 52 5f ac 08 8b .5}.%.ug...R_...
0150 - ab 10 f1 67 9d 09 a8 2d-26 34 3c b6 75 f6 0a 5e ...g...-&4<.u..^
0160 - 35 7a 67 c9 64 b4 46 f6-ec 86 49 13 bf cb d2 96 5zg.d.F...I.....
0170 - 3f d9 0b 42 93 7c e5 ab-bd 6e 4b 22 5f d7 df ff ?..B.|...nK"_...
0180 - c1 30 52 3a bf bd b0 93-d8 a0 8e 2c bc 09 2e 4d .0R:.......,...M
0190 - 80 c6 72 c2 50 4a 66 bf-cf af f1 35 6e b2 38 9b ..r.PJf....5n.8.
01a0 - 78 34 fb 6d 0c 20 a7 11-59 06 6a aa 31 66 0e f1 x4.m. ..Y.j.1f..
01b0 - f7 a8 9e e1 4d 7f 4f b2-ff 80 43 ad 9f 59 7f bb ....M.O...C..Y..
01c0 - bd e8 3a e8 85 9a dd 8b-78 f8 25 75 1b 47 f4 95 ..:.....x.%u.G..
01d0 - ac bd d1 5c 61 f9 ea ae-44 8c 2c 00 9f 51 cd 3a ...\a...D.,..Q.:
01e0 - 02 8a 6d 57 d8 6d 80 6f-f1 7f ed d0 e5 75 02 5b ..mW.m.o.....u.[
01f0 - 57 9c 6b 18 15 e6 64 c3-fd e6 71 06 45 15 ef 04 W.k...d...q.E...
0200 - 18 98 a6 87 1d 8d 04 e3-78 07 8b d8 5a c0 b5 b5 ........x...Z...
0210 - fc 7e 06 12 32 87 16 69-82 81 93 20 68 63 c2 0f .~..2..i... hc..
0220 - 17 10 16 fe f7 2e 59 7e-f3 96 79 d2 a6 a0 11 86 ......Y~..y.....
0230 - 46 d6 67 48 ca 62 0c f4-10 13 90 23 a7 62 d6 5f F.gH.b.....#.b._
0240 - e5 b2 6b c7 e6 66 d9 7d-fb bd a5 b0 9e 09 02 af ..k..f.}........
0250 - 2c a4 c1 00 02 c0 82 03-b9 96 bf 77 0c fb 77 62 ,..........w..wb
0260 - 11 0d fb 4e 52 fc b3 53-27 cb f8 0a 24 5a 82 de ...NR..S'...$Z..
0270 - b2 a5 ff 35 39 e1 95 3d-b6 f7 06 ee e7 6a 0a 6e ...59..=.....j.n
0280 - e6 41 6b d8 33 55 02 e7-88 61 88 29 7b 18 18 19 .Ak.3U...a.){...
0290 - a5 0c 35 0c 10 4f b7 17-4a 00 54 2f 0e 97 7b 72 ..5..O..J.T/..{r
02a0 - 86 ef ee 8b 91 c6 57 86-b8 15 d0 e6 a7 5a 87 87 ......W......Z..
02b0 - c4 75 9d 0e 48 58 41 37-ed 32 af 78 17 14 ad 54 .u..HXA7.2.x...T
02c0 - 3f e9 0c 32 2b 37 8e 9d-58 cc c6 80 2e fe f8 0c ?..2+7..X.......
02d0 - 51 b3 e6 8a 1f c0 ae d4-49 99 cb af 4e ff b5 63 Q.......I...N..c
02e0 - d3 12 5c cf 40 46 4b b4-c4 39 f8 1d f0 66 94 20 ..\.@FK..9...f.
02f0 - 4d 53 a0 31 64 2b 4d dc-85 f8 cc 33 3b f2 93 05 MS.1d+M....3;...
0300 - a4 bc 93 79 90 a9 d7 a5-84 a4 4a 95 c8 42 c8 7f ...y......J..B..
0310 - ab f4 54 58 29 8e 45 b2-8f ee 40 8f cb ae b0 5c ..TX).E...@....\
0320 - f7 61 e4 1a 9e 56 a0 d5-f6 98 59 11 8a c2 46 19 .a...V....Y...F.
0330 - 10 e3 30 d2 92 03 47 a8-3f 80 c4 04 79 ed 22 ac ..0...G.?...y.".
0340 - cf 69 49 96 75 0e 98 48-73 3e 41 34 4b 7d c2 30 .iI.u..Hs>A4K}.0
0350 - 72 f5 53 b4 b9 3a 34 ec-ec 4e 79 d5 ac 03 80 85 r.S..:4..Ny.....
0360 - b5 72 0f 27 76 c4 01 87-42 a3 05 d8 a8 29 c2 c7 .r.'v...B....)..
0370 - 02 f6 05 4c bd f6 ce de-60 96 e6 f7 25 a3 e0 ce ...L....`...%...
0380 - 45 8f 21 cd 9f ad f5 ad-a7 bb fc 66 1e f8 87 5c E.!........f...\
0390 - 03 8c ea da 27 7f 6a bd-86 fb 85 9a 16 41 d2 53 ....'.j......A.S
03a0 - dc 22 2a e6 f6 b0 0a fc-79 4c 35 e2 75 71 55 72 ."*.....yL5.uqUr
03b0 - 55 31 37 45 5b 32 f6 be-3e 15 68 1e b3 2a 7e 13 U17E[2..>.h..*~.
03c0 - 99 b3 c0 84 48 0d 6f f0-65 d1 75 b6 54 81 c2 a8 ....H.o.e.u.T...
03d0 - 07 f0 0d 45 ed 0c b8 36-3b e9 cf 20 fa 93 81 0d ...E...6;.. ....
03e0 - 84 7d 61 96 42 f9 42 36-53 a0 76 c3 55 67 e0 69 .}a.B.B6S.v.Ug.i
03f0 - aa 3b 15 9c b0 d6 06 68-f3 33 cc ac 1d 73 70 0c .;.....h.3...sp.
0400 - 78 6c b7 ee 83 72 9a cc-04 d6 01 97 57 03 be e5 xl...r......W...
0410 - b2 68 7f c9 9e 0b 24 5b-73 8b 7d 18 fe 2f ba bb .h....$[s.}../..
0420 - 2a db a3 7d 8f 2a 82 ad-64 08 0d 67 40 29 d0 c7 *..}.*..d..g@)..
0430 - 67 9a 5a 96 a0 0b 64 77-d8 93 cc 61 3c cd 52 13 g.Z...dw...a<.R.
read from 0x3a4460 [0x3c9afb] (5 bytes => 0 (0x0))
write to 0x3a4460 [0x3ce053] (27 bytes => -1 (0xFFFFFFFF))
---------- OUTPUT END ----------

Again, I do not fully understand all this, but I think openssl.exe gets a
connection to www.google.com. I do not have any special certificates and
I do not how to create them. Neitherless this shows that the port works
__IF AND ONLY IF__ it is compiled with a working version of Watt-32.
Due to this reason I have decided to upload my build of Watt-32. It can be
downloaded as:
<ftp://ftp.delorie.com/pub/djgpp/current/v2tk/wat3222b.zip>
<ftp://ftp.delorie.com/pub/djgpp/current/v2tk/wat3222s.zip>
<ftp://ftp.delorie.com/pub/djgpp/beta/v2tk/wat3222b.zip>
If that Watt-32 port is not used, I will not be able to answer questions
and give any support.


4) I have never tried any of the of the sample code that is delivered with
OpenSSL. Here you are alone, but I think that with some adjustments it
should work.


All this leads me to the conclusion that both ports, the Watt-32 and the OpenSSL
works flawlessly. But it is escential not to mix libraries compiled with
different compilers. Watt-32 seem to be tailored to be build with gcc 2.7.2 and
to use coff debug format. This no longer works with the gcc 4.N.N compilers.
Also the configuration like environmet variables and configuration files watt.cfg
and other reflecting the network hardwire is crucial. User errors have serious
consequences. If more info or test needs to be done, let my know.


Regards,
Juan M. Guerrero

0
Juan
1/13/2013 4:09:43 PM
Hi Juan,

thank you very much for looking into this! I downloaded your WAT3222b.zip and want to use that now. Will this work with djdev204 and my gcc 4.5.3? Or is this compiled for djdev203 and gcc 2.7.2?

Georg
0
dosusb
1/13/2013 4:36:02 PM
I withdraw my question. Just saw in your tcpinfo output:
Version info : Watt-32 (2.2.10), GNU-C 4.7.2 (Pent), djgpp 2.04, Jan 12 2013 

Georg
0
dosusb
1/13/2013 5:03:06 PM
Am 13.01.2013 17:36, schrieb dosusb@googlemail.com:
> Hi Juan,
>
> thank you very much for looking into this! I downloaded your WAT3222b.zip and want to use that now. Will this work with djdev204 and my gcc 4.5.3? Or is this compiled for djdev203 and gcc 2.7.2?
>
> Georg
>
  <ftp://ftp.delorie.com/pub/djgpp/current/v2tk/wat3222b.zip>
is the version intended for use with DJGPP 2.03 (patchlevel2)
and has been compiled using djdev203, gcc472 and bnu2231 all available at:
  <ftp://ftp.delorie.com/pub/djgpp/current>

  <ftp://ftp.delorie.com/pub/djgpp/beta/v2tk/wat3222b.zip>
is the version intended for use with DJGPP 2.04 (beta)
and has been compiled using djdev204, gcc472 and bnu2231 all available at:
  <ftp://ftp.delorie.com/pub/djgpp/beta>


I do not have any gcc version less than gcc344 so I will not support gcc 2.N.N
at all.  Using gcc 4.5.3 is OK.

If you want to use Watt-32 in your project, you need to set some environment
variables.  You can unzip wat3222b.zip where you like.  There is no need to
unzip it in the DJGPP installation tree but I will assume this case in the
following example.  DJGPP 2.04 is installed in c:/djgpp-2.04 and you unzip
wat3222b.zip in this top installation directory.  Then the /net/watt directory
will be created.  In this directory, the three directories /bin, /inc and /lib
will be created.  To be able to compile you application using this library
the following environment variables must be set:
   set WATT_ROOT=c:\djgpp-2.04\net\watt
   set C_INCLUDE_PATH=c:/djgpp-2.04/net/watt/inc
   set LIBRARY_PATH=c:/djgpp-2.04/net/watt/lib

The last two are gcc environment variables that tell the compiler where to
search for headers and libraries apart from the places defined in djgpp.env.
After having set this three variables you will be able to compile and link
your application.

To run your application you need to set at least the following the following
environment variable:
   set WATTCP.CFG=c:\djgpp-2.04\net\watt\bin
The value of the variable is arbitrary but it must point to the wattcp.cfg file
to be used by yor application.  The /bin directory contains all configuration
files delivered by watt32b-2.2-dev.10.zip.  The most important is probably
wattcp.cfg.  You must carefully adjust it to reflect your network hardware
and network configuration.  Here you are alone.
There are other configuration files there like smb.cfg, ppp.cfg, etc. that
may require adjustments to be useful for your application.

All documentation is stored in c:\djgpp-2.04\net\watt.  Please read it to
become familiar with the library.  Especially the install file tells a lot
about environment variables required to run an application linked with
this library.


The bottom line is:  if you prefer DJGPP 2.03 download and install
   ftp://ftp.delorie.com/pub/djgpp/current/v2tk/wat3222b.zip
but if you prefer DJGPP 2.04 download and install
   ftp://ftp.delorie.com/pub/djgpp/beta/v2tk/wat3222b.zip

Any gcc4NN version will work.  Probably also all gcc3NN versions will work
but I have not tested it.  From my experience with Watt-32 the real important
issue is not to mix object file and libraries that have been compiled using
different debug information formats like coff debug and dwarf2 debug format.

I had submitted an announcement email for wat3222b.zip to the announcement
mailing list but it seems that it is still in the pipe.


Regards,
Juan M. Guerrero

0
Juan
1/13/2013 6:26:24 PM
Hi Juan,

1. I thought I had downloaded my previous version of OpenSSL from the DJGPP=
 site but I guess I must have gotten it from some place else.

I hope I have not confused the libssl.a/libcrypto.a files. The ones compile=
d on 22.09.2012 - 02.03 are for djdev203 and the ones compiled on 22.09.201=
2 - 02.04 are for djdev204, is this correct?

2. I do not know what I changed but it now finds the openssl.cnf file.=20

3. I found that I can use the rand_seed command instead of noise.sys and th=
us run a openssl application in a Windows XP DOS box. See the example below=
..

Yes, the command below does establish an SSL connection to Google:
openssl s_client -no_ssl2 -debug -host www.google.com -port 443 -state=20

4. I compiled the example below with your watt32 and libssl.a/libcrypto.a a=
nd it worked now. I was using a different libwatt.a before which did not wo=
rk with your libssl.a version.

However, my Dillo version does not work at all when compiled with your libw=
att.a now. This is probably due to the different error codes returned by a =
libwatt.a compiled for djdev203 versus djdev204. I was happy that I got it =
to run at all and did ignore the warning. I will try to get Dillo to run wi=
th your libwatt.a.

For what its worth, here is my example code that downloads a https page fro=
m www.openssl.org and prints it to stdout. I found it on the net and adapte=
d it to djgpp:

/*
This example adapted to djgpp by Georg Potthast - Jan 2013

gcc -o SSL_demo.exe SSL_demo.c -L/djgpp/lib -lssl -lcrypto -lwatt  -lz

may need 'set C_INCLUDE_PATH=3DC:\net\watt\inc' or set WATT_ROOT
load packet driver and set WATTCP.CFG to run

The original authors comments below:
__________________________________________________________

Quickly using OpenSSL in C

A little while ago, I was working on a client/server communication module, =
and I wanted it to be secure. Looking at the documentation I could find, I =
quickly figured out that it wouldn't necessarily be easy to do.

Amongst the first issues are the validity of the server's certificate, whic=
h, as I didn't want to battle with this, I decided to skip

The example below shows how to connect and send/receive data on an SSL-encr=
ypted socket

http://savetheions.com/2010/01/16/quickly-using-openssl-in-c/

*/

#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>

#include <openssl/rand.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

// Simple structure to keep track of the handle, and
// of what needs to be freed later.
typedef struct {
    int socket;
    SSL *sslHandle;
    SSL_CTX *sslContext;
} connection;

#define SERVER  "www.openssl.org"
//#define SERVER  "www.google.com"
#define PORT 443 //for https

/* Globals */
char sslerr[120];

/* Print SSL errors and exit */
void error_exit(char* text) {
	printf("\n\n%s: ",text);
	ERR_error_string(ERR_get_error(), sslerr);
	printf("ERR: %s\n",sslerr);
	exit(1);
}
/* Print Non-SSL errors and exit */
void print_error(char* text){
	printf("\n\n%s\n",text);
	exit(1);
}

// Establish a regular tcp connection
int tcpConnect ()
{
  int error, handle;
  struct hostent *host;
  struct sockaddr_in server;

  host =3D gethostbyname (SERVER);
  handle =3D socket (AF_INET, SOCK_STREAM, 0);
  if (handle =3D=3D -1) {=20
      handle =3D 0;=20
  } else {
      server.sin_family =3D AF_INET;
      server.sin_port =3D htons (PORT);
      server.sin_addr =3D *((struct in_addr *) host->h_addr);
      bzero (&(server.sin_zero), 8);

      error =3D connect (handle, (struct sockaddr *) &server,
                       sizeof (struct sockaddr));
      if (error =3D=3D -1) handle =3D 0;
  }
  return handle;
}

// Establish a connection using an SSL layer
connection *sslConnect (void)
{
  connection *c;
  int seedbytes;

  c =3D malloc (sizeof (connection));
  c->sslHandle =3D NULL;
  c->sslContext =3D NULL;

  c->socket =3D tcpConnect ();
  if (c->socket =3D=3D 0){
	  print_error("Connect failed");
	  exit(1);
  }
  =20
  // Register the error strings for libcrypto & libssl
  SSL_load_error_strings ();
 =20
  // Register the available ciphers and digests
  SSL_library_init ();
 =20
  // use RAND_seed instead of noise.sys -  string  is not secure, just test=
ing
  // will allow to run in Win XP DOS box - may use RAND_load_file() instead
  RAND_seed("2029848ftrzh58hzju69ifduzurasdfasdf",32);
 =20
  // New context saying we are a client, and using SSL 2 or 3
  c->sslContext =3D SSL_CTX_new (SSLv23_client_method ());
  if (c->sslContext =3D=3D NULL)
      error_exit ("Failed to create context");
 =20
  // Create an SSL struct for the connection
  c->sslHandle =3D SSL_new (c->sslContext);
  if (c->sslHandle =3D=3D NULL)
     error_exit ("Failed to create SSL structure");
 =20
  // Connect the SSL struct to our connection
  if (!SSL_set_fd (c->sslHandle, c->socket))
     error_exit ("Failed to connect SSL structure to socket");
 =20
  // Initiate SSL handshake
  int retval =3D SSL_connect(c->sslHandle);
  if (retval !=3D 1) { //retrieve SSL error first for SSL_connect()
      ERR_error_string(SSL_get_error(c->sslHandle,retval), sslerr);
      printf("\nSSL ERROR: %s\n",sslerr);
      error_exit ("SSL handshake failed");
  }

  return c;
}

// Disconnect & free connection struct
void sslDisconnect (connection *c)
{
  if (c->socket)
    close (c->socket);
  if (c->sslHandle)
    {
      SSL_shutdown (c->sslHandle);
      SSL_free (c->sslHandle);
    }
  if (c->sslContext)
    SSL_CTX_free (c->sslContext);

  free (c);
}

// Read all available text from the connection
char *sslRead (connection *c)
{
  const int readSize =3D 1024;
  char *rc =3D NULL;
  int received, count =3D 0;
  char buffer[1024];

  if (c)
    {
      while (1)
        {
          if (!rc)
            rc =3D malloc (readSize * sizeof (char) + 1);
          else
            rc =3D realloc (rc, (count + 1) *
                          readSize * sizeof (char) + 1);

          received =3D SSL_read (c->sslHandle, buffer, readSize);
          buffer[received] =3D '\0';

          if (received > 0)
            strcat (rc, buffer);

          if (received < readSize)
            break;
          count++;
        }
    }

  return rc;
}

// Write text to the connection
void sslWrite (connection *c, char *text)
{
  if (c)=20
    SSL_write (c->sslHandle, text, strlen (text));
}

// Very basic main: we send 'GET /' and print the response.
int main (int argc, char **argv)
{
  connection *c;
  char *response;

  c =3D sslConnect ();

  sslWrite (c, "GET /\r\n\r\n");
  response =3D sslRead (c);
  //print web page received to stdout
  printf ("%s\n", response);

  sslDisconnect (c);
  free (response);

  return 0;
}

0
dosusb
1/13/2013 6:29:39 PM
On 13 Jan., 19:29, dos...@googlemail.com wrote:
> 1. I thought I had downloaded my previous version of OpenSSL from the DJGPP site but I guess I must have gotten it from some place else.
>
> I hope I have not confused the libssl.a/libcrypto.a files. The ones compiled on 22.09.2012 - 02.03 are for djdev203 and the ones compiled on 22.09.2012 - 02.04 are for djdev204, is this correct?
>

Yes, for all the ports I have upload I have used the time stamp to
encode the version.  The only exception to this rule was the watt32
port.
Here you should pay attention not to use the 2.03 version when
compiling an 2.04 application and vice versa.  Better be save.


> 3. I found that I can use the rand_seed command instead of noise.sys and thus run a openssl application in a Windows XP DOS box. See the example below.
>
> Yes, the command below does establish an SSL connection to Google:
> openssl s_client -no_ssl2 -debug -hostwww.google.com-port 443 -state
>
> 4. I compiled the example below with your watt32 and libssl.a/libcrypto.a and it worked now. I was using a different libwatt.a before which did not work with your libssl.a version.

These particular libraries should not be mixed.
I have tried your sample code and it worked for my.
It downloaded a sample page.


Regards,
Juan M. Guerrero
0
Juan
1/14/2013 7:17:39 PM
Reply: