ssl problem

I am attaching ssl to an http stream using comm:attach-ssl (used by 
Edi's drakma).

In the listener everything is fine but when I deliver it as an image, I 
get the error:

error:14077417:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal 
parameter

Any hints what I have to do?

thanks jens

_______________________________________________
Lisp Hug - the mailing list for LispWorks users
lisp-hug@lispworks.com
http://www.lispworks.com/support/lisp-hug.html

Re: ssl problem

This could probably be due to a SSL version mismatch.

On Sun, Jan 19, 2014 at 10:33 PM, Jens Teich <info@jensteich.de> wrote:

I am attaching ssl to an http stream using comm:attach-ssl (used by Edi's drakma).

In the listener everything is fine but when I deliver it as an image, I get the error:

error:14077417:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal parameter

Any hints what I have to do?

thanks jens

_______________________________________________
Lisp Hug - the mailing list for LispWorks users
lisp-hug@lispworks.com
http://www.lispworks.com/support/lisp-hug.html

Re: ssl problem

For my amazon ses library I do it like this on Windows:

(comm:set-ssl-library-path '("c:/lib/libeay32.dll"
"c:/lib/libssl32.dll"))
(comm:ensure-ssl)

See http://www.obrezan.com/lisp/aws-ses/index.htm if someone is
interested.

For Linux (I use Ubuntu servers) I do nothing. It just works without
(set-ssl-library-path) and (ensure-ssl).

Best,
 Art

On Tue, Jan 21, 2014, at 02:03 PM, Edi Weitz wrote:
> 
> On Windows, you might need a list of two strings, libeay32.dll and
> libssl32.dll - see 21.6.9.2 and the documentation for
> SET-SSL-LIBRARY-PATH.
> 
> However, a better solution might be to install the necessary library
> in the same folder as the delivered executable.

_______________________________________________
Lisp Hug - the mailing list for LispWorks users
lisp-hug@lispworks.com
http://www.lispworks.com/support/lisp-hug.html

Re: ssl problem

On my MacBook Pro, running 10.9, /usr/lib/libssl.dylib is a symlink to /usr/lib/libssl.0.9.8.dylib (or something very similar). "file" tells me that this contains 32- and 64-bit x86 architectures (just like the result that Tim got).

I just checked the Lispworks documentation, and it appears that the parameter(s) to comm:set-ssl-library-path are not filenames, but link flags (or whatever you call it). For Mac, the default value for ensure-ssl is "-lssl"; for Windows, it is '("libeay32.dll" "libssl32.dll") - see http://www.lispworks.com/documentation/lw61/LW/html/lw-481.htm#74340 .

On Wed, Jan 22, 2014 at 11:13 AM, Tim Bradshaw <tfb@cley.com> wrote:

On 21 Jan 2014, at 21:07, Jens Teich wrote:

>
> I can't figure out how to tell the image to use the correct version of ssl. I'm on MacOSX 10.8 and Win7. LW 6.1 32bit.
>
> Tried with
> (comm:set-ssl-library-path
> #+:win32 "c:/Windows/System32/libssl.dll"
> #+:darwin "/usr/bin/libssl.dylib")
>
> But Win says `can't load', Mac says `wrong architecture'.
>
> Any hints?

I presume you have the path wrong for OSX above? For the right path, what does

file /usr/lib/libssl.dylib

say? It needs to have a version of the same bitness as your LW, at any rate. For me, on 10.7, it says:

$ file /usr/lib/libssl.dylib
/usr/lib/libssl.dylib: Mach-O universal binary with 2 architectures
/usr/lib/libssl.dylib (for architecture x86_64): Mach-O 64-bit dynamically linked shared library x86_64
/usr/lib/libssl.dylib (for architecture i386): Mach-O dynamically linked shared library i386

But this is the sort of thing that Apple might easily have just later broken by leaving out the 32bit version for instance: that's the sort of thing they tend to enjoy I think.

_______________________________________________
Lisp Hug - the mailing list for LispWorks users
lisp-hug@lispworks.com
http://www.lispworks.com/support/lisp-hug.html

Re: ssl problem

Unable to parse email body. Email id is 12779