CN (Common Name) identifies a single domain in an SSL/TLS certificate. It could be name with wildcard symbols. While SAN (Subject Alternative Name) can provide list multiple different domain names and subdomains on one certificate. Modern web browsers can read and utilize the Subject Alternative Name. .Net and openssl API can also extract SAN information… Read More »
I previously installed Powershell on CentOS. That time for Ubuntu I started from Microsoft repositories too and began to add Microsoft repository as well. I checked Microsoft repositories for Ubuntu. First I download prod.list info /etc/apt/sources.d directory: $ cd /etc/apt/sources.list.d/ $ sudo curl -O https://packages.microsoft.com/config/ubuntu/24.04/prod.list The prod.list looks like: $ cat /etc/apt/sources.list.d/prod.list deb [arch=amd64,arm64,armhf signed-by=/usr/share/keyrings/microsoft-prod.gpg]… Read More »
SIGPIPE signal happens on attempt to write to closed or broken pipe. In this situation process is terminated and returns error code 141. It is possible to simulate this signal by creating not correct output redirection. Example below shows that tee command output to stdout and file a.a and returns 0: # echo -n ladydebug.com… Read More »
SNMP++v3.x is free open source c++ API library which may be used in different operating systems such as Linux, FreeBSD, Mac OS X, Solaris and Windows. Initially it was developed by Hewlett-Packard, but currently maintained by AGENTPP. I started to use it beginning from version snmp++-3.2.17 and time by time upgrading to newer one. Usually… Read More »
Windows Subsystem for Linux (WSL) is new feature of Microsoft Windows 10 and 11. It look as light weight implementation of virtualization and alternative to Virtual box and/or HyperV. WSL is Windows feature with must be turned on. Go to Control Panel=>Programs and Features=>Turn Windows features on and off. Scroll down, find Windows Subsystem for… Read More »
This post is related to “How to get openssl cipher list programmatically” post. That post contains example written in C, current post presents example in Go which duplicates sequence of openssl API calls used by previous post. The Go example uses CGO package that enables interaction with C code of openssl shared libraries. package main… Read More »
It was continuation of “Calculate MD5 programmatically (c++ and golang)” post. That post contains example of MD5 calculation written in Go. The Go example small and tidy, the new example contains significantly more line of code and looks cumbersome, however in demonstrate how to use openssl API from Go and includes multiple samples of CGO… Read More »
This test was created when I worked with CVE-2002-20001 vulnerability. The vulnerability is about diffie-hellman-group-exchange-sha256 key exchange algorithm with high computational complexity which is using long exponents that arguably make certain calculations unnecessarily expensive. To test the issue I created small bash script ddosssh.sh to simulate DDoS attack on ssh server using different key exchange… Read More »
This post is continuation of 2 previous ones. It demonstrates how to send Online Certificate Status Protocal (OCSP) request to CA server about certificate revocation status using openssl terminal commands. The procedure consists of the same steps as it was presented in c++ and c# codes: find OCSP URL, get server certificate and certificate chain,… Read More »
It is functionally similar OCSP (Online Certificate Status Protocol) client as presented in previous post “Windows OCSP Client based on BouncyCastle.Crypto.dll” but oriented for Linux OS and written on C++ using openssl API. The code was tested on Ubuntu 22.04 and CentOS 8 only, but I hope it should be compatible with other Linux OS… Read More »