Search:

Type: Posts; User: couttsj

Page 1 of 13 1 2 3 4

Search: Search took 0.10 seconds.

  1. Replies
    9
    Views
    414

    Re: Gmail Authentication?

    Thanks for the information. That is a lot of screwing around for such a simple task. I have a number of other things to do, and I will take a further look at it later.

    J.A. Coutts
  2. Replies
    9
    Views
    414

    Re: Gmail Authentication?

    So where do I find this Google API, and how do I access it?

    J.A. Coutts
  3. Replies
    9
    Views
    414

    Re: Gmail Authentication?

    Yah, that's what I meant.

    The ISP/ESP has not been very forthcoming with the detail, hence all my questions. The new email service will be via G-Suite rather than freebie, and I assume the actual...
  4. Replies
    9
    Views
    414

    Re: Gmail Authentication?

    App Passwords requires dual authentication, which I am not keen on doing. If my ESP enforces full authentication, I may be forced to go that route, but for now I do not want to mess with my wife's...
  5. Replies
    9
    Views
    414

    [RESOLVED] Gmail Authentication?

    I have come to the conclusion that I have a complete lack of understanding in how Gmail provides authentication. I added TLS 1.3 to my email client program and was able to connect with the Gmail POP...
  6. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    In the process of testing connectivity to Gmail, I removed various elements of the Client Hello one at a time in order to produce a minimum. The one element that I wanted to eliminate was the SNI,...
  7. Replies
    5
    Views
    344

    Re: Email Client issue

    Thanks wqweto;
    I was hoping that was the case, as it will make my job easier. Things are confusing enough without having to dive back into TLS 1.2. The Client Handshake Request certainly is a...
  8. Replies
    5
    Views
    344

    Re: Email Client issue

    SMTP - Port 587
    POP3 - Port 995
    That is the only information that I have been provided so far. Webmail is accessed through the browser, which may be my only option until I can sort this thing out....
  9. Replies
    5
    Views
    344

    [RESOLVED] Email Client issue

    I just received word that my ESP (Email Service Provider) is migrating to a Gmail platform. That means trouble for me as Gmail enforces TLS. So I have had to divert my attention to addressing this...
  10. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    On the off chance that FireFox would not accept the second key that they offered in the Client Hello (secp256r1), I decided to try a Hello Retry. I had to yet implement it in the Server software, so...
  11. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    I have overcome the last obstacle in the Client program, and this was a tough one. When I attempted to send an HTML request to OpenSSL, it would return an "unexpected message" error. Not knowing what...
  12. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    The problem was that when I clicked on the "Advanced" button, there was no scroll bar presented. So I could not scroll down to accept the self signed certificate. I had to use the middle mouse scroll...
  13. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    Yet another dumb mistake. When I reworked the Server Hello, I set the extension length to 00:4E instead of 00:4F.

    Now all I have to do is figure out how to get FireFox to accept self signed...
  14. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    I developed my own packet trace program:
    https://www.vbforums.com/showthread.php?783709-VB6-Packet-Ananlyzer
    It uses the Windows Packet Filter Kit 3.2.3 from NT Kernel Resources. I originally...
  15. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    That is the standard packet header containing such things as the source and destination MAC, IP, & port, and various packet control information. For TCP packets, the data will generally start at byte...
  16. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    Prompted by the packet traces that you pointed to, I decided to run my own packet traces. After receiving the Client Hello from FireFox, the Server sends it's own Server hello:


    6 ...
  17. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    FireFox sent both x25519 and secp256r1 public keys. From that I assumed (rightly or wrongly) that it was prepared to accept either. The RFC is not clear on that. Why would it send both if it was not...
  18. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    When I attempt to connect to my server software using FireFox V82, it returns a message saying that the Server Hello is malformed. As far as I can see the Hello is not malformed, but I recognize that...
  19. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    It turns out that the problem was with the Sequence Number. It was getting reset when the Handshake data was sent in a single record, but not when it was sent in individual records. I still don't...
  20. Replies
    9
    Views
    654

    Re: WebSocket Secure (wss) Server in vb6.

    I am currently in the process of trying to create a simple secure Web Server, but it is proving to be anything but simple. I will post it in the CodeBank once I get the bugs worked out. I have chosen...
  21. Replies
    7
    Views
    3,246

    Re: VB^ - SimpleServer

    PhuongNam;

    A Variant Array is simply a pointer to a descriptor. When utilized within the same machine that descriptor is common to all routines, but when sent to another machine over the network,...
  22. Replies
    9
    Views
    654

    Re: WebSocket Secure (wss) Server in vb6.

    As wqweto has stated, the Hex dump you provided is a Client Hello, and is not encrypted. Encryption occurs only after the Client and Server Hellos. Below is a breakdown of the information provided....
  23. Re: Determine Who's Dropping My Server Connection

    This will occur anytime there is a break in the connection and the server attempts to send a packet to your machine. If your system goes to sleep during the period you are away, the network...
  24. Thread: Spam Tracking

    by couttsj
    Replies
    6
    Views
    264

    Re: Spam Tracking

    Because these spammers are using different IP addresses on server farms, Black Lists are totally ineffective. They use one address until their abuse is about to be detected by the provider, and then...
  25. Thread: Spam Tracking

    by couttsj
    Replies
    6
    Views
    264

    Re: Spam Tracking

    For a while I thought that too. I blame the service providers who rent by the time or MB, with Limestone Networks being the worst offender. There are some that suggest the spammers are using stolen...
  26. Thread: Spam Tracking

    by couttsj
    Replies
    6
    Views
    264

    Re: Spam Tracking

    I tried that, and many other searches as well. None of them that I found do a comprehensive job of it. There does not seem to be any kind of central agency that tracks this kind of stuff.

    These...
  27. Thread: Spam Tracking

    by couttsj
    Replies
    6
    Views
    264

    Spam Tracking

    Some time ago, I posted here about 2 separate spammers that had been bombarding my mailbox for more than a year.

    The first one used hijacked personal computers from world wide locations. All of...
  28. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    Updated again!

    It did not take as long as I thought it would.

    J.A. Coutts
  29. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    Getting it to work with everything in one record, or getting it to work with separate records was relatively easy. Getting it to work in an either/or situation is proving to be a lot more difficult....
  30. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    Used OpenSSL supplied in post #9.


    openssl s_server -key ecprivkey.pem -cert eccert.pem -accept 443 -www -debug

    There is a code flow error in the current download when the Encrypted...
  31. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    The last download (Post #12) has been upgraded. Several bugs were discovered in the Client Hello. As well, a New Session Key is now sent from the server after the Handshake is complete.

    As in the...
  32. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    I chose to use a 12 byte array as the Sequence Number. I used 12 bytes instead of 8 because it simplified the XOR operation. I have overcome the problem with the RFC 8448 New Session Ticket, but not...
  33. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    Something you said above triggered me to question the value of the Sequence Numbers. When I reset those numbers to zero, the encrypted value of the New Session Ticket matched RFC 8448. Once I knew...
  34. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    wqweto;

    Without decrypting the record, we do not know the record type. Without knowing what kind of record it is, it is difficult to ignore. I went so far as to use the data supplied by RFC 8448....
  35. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    After ignoring the 1 byte record, I ran into an authentication error after receiving the encrypted Extensions, Certificate, and Certificate Verify records. Through a process of elimination, I found...
  36. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    wqweto;

    After the Server Hello, what is the 1 byte Type 20 record for?


    14 03 03 00 01
    01

    My client program was expecting encrypted data directly after the Server Hello. Type 20 (0x14) is...
  37. Replies
    7
    Views
    3,246

    Re: VB^ - SimpleServer

    I don't know what "vArray" is, but it sounds like it might be a Variant Array. SimpleServer and SimpleSock only understand Byte Arrays. I have provided routines to convert ASCII text and Unicode...
  38. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    Nice catch! That wasn't the only problem with the Client Hello. That's what I get for copying code for the record header (5 byte header vs 4 bytes required). It did not make any difference with my...
  39. Replies
    58
    Views
    4,056

    Re: Simulate TLS 1.3

    I finally got around to utilizing the info you supplied to generate an ECC Certificate. The very first command produced:


    openssl ecparam -name prime256v1 -genkey -noout -out ecprivkey.pem
    The...
  40. Replies
    40
    Views
    18,402

    Re: VB6 - Yet Another Web Server

    Once again, thank you for the info. You seem to be quite knowledgeable with reference to HTML code. What I hear you saying about this particular item, is that it is not really necessary to support...
Results 1 to 40 of 500
Page 1 of 13 1 2 3 4



Click Here to Expand Forum to Full Width