I got these codes from one of my program where I call console with the program name (.exe) and a command line (like: myprog.exe -d)
and then at the prompt I send the words that i want myprog.exe to decode, this is working perfectly. Now I use these same codes with OpenSSL
and it's not working at all. The call to CreateProcess works fine but the call to SSLUser and the other calls do not execute on the
command line.

When I open cmd.exe and fill it with SSLOpen, SSLUser, SSLPass and TopRetrSSL it works just fine.

Can you tell me what I do wrong?

Thank you

SSLOpen?  ?  db "openssl s_client -connect pop.ipname.ca -quiet",0
SSLUser?  ?  db "user myemail@ipname.ca",13,10,0?  ; my email address
SSLPass?  ?  db "pass mypassword",13,10,0

;after calling SSLPass I get the number of email(s) that I received

TopRetrSSL db?  "retr 1",13,10,0?  ?  ?  ?  ?  ?  ?  ?  ? ;retreiving email 1 if any

SSLQuit db "Quit",13,10,0

SSLOpenproc?  ? proc

LOCAL hChildStdinRd :DWORD, hChildStdinWr, hChildStdinWrDup, hChildStdoutRd, hChildStdoutWr, hChildStdoutRdDup, hStdout,hGetP, dwRead

mov sat.nLength,sizeof SECURITY_ATTRIBUTES
mov sat.lpSecurityDescriptor,NULL
mov sat.bInheritHandle,TRUE

invoke CreatePipe,addr hChildStdoutRd,addr hChildStdoutWr,addr sat,NULL
.if eax==NULL
invoke MessageBox,0,addr PipeFailed,0,0
?  ?  ?  ?  ?  ?  ?  ?  ?  ? 
invoke GetCurrentProcess
mov hGetP,eax

invoke DuplicateHandle,hGetP,hChildStdoutRd,hGetP,addr hChildStdoutRdDup,0,FALSE,DUPLICATE_SAME_ACCESS
.if eax == NULL
invoke MessageBox,0,addr DuplicateHandleFailed,0,0
invoke CloseHandle,hChildStdoutRd

invoke CreatePipe,addr hChildStdinRd,addr hChildStdinWr,addr sat,0
.if eax==NULL
invoke MessageBox,0,addr PipeFailed,0,0

invoke GetCurrentProcess
mov hGetP,eax

invoke DuplicateHandle,hGetP,hChildStdinWr,hGetP,addr hChildStdinWrDup,0,FALSE,DUPLICATE_SAME_ACCESS
.if eax == NULL
invoke MessageBox,0,addr DuplicateHandleFailed,0,0
invoke CloseHandle,hChildStdinWr

mov stinfo.cb,sizeof STARTUPINFO
invoke GetStartupInfo,addr stinfo
mov eax,hChildStdoutWr
mov stinfo.hStdOutput,eax
mov stinfo.hStdError,eax
mov eax,hChildStdinRd
mov stinfo.hStdInput,eax
mov stinfo.wShowWindow,SW_HIDE

invoke CreateProcess,NULL,addr SSLOpen,NULL,NULL,TRUE,0,NULL,NULL,addr stinfo,addr pinfo
.if eax==NULL
invoke MessageBox,0,ProcessFailed,0,0

invoke WaitForSingleObject,pinfo.hProcess,2000

invoke CloseHandle,pinfo.hProcess
invoke CloseHandle,pinfo.hThread

invoke lstrlen,addr SSLUser
mov dwRead,eax
invoke WriteFile,hChildStdinWrDup,addr SSLUser,dwRead,addr dwWritten,NULL ;

invoke lstrlen,addr SSLPass
mov dwRead,eax
invoke WriteFile,hChildStdinWrDup,addr SSLPass,dwRead,addr dwWritten,NULL

;after the above call I shoud get the number of email(s) I received, if any

invoke lstrlen,addr TopRetrSSL ?  ?  ;this should retreived the first email
mov dwRead,eax
invoke WriteFile,hChildStdinWrDup,addr TopRetrSSL,dwRead,addr dwWritten,NULL ;I did not try it yet

invoke CloseHandle,hChildStdinWrDup?  ? 
invoke CloseHandle,hChildStdoutWr

invoke ReadFile,hChildStdoutRdDup,addr szBuffer,5000,addr dwRead,NULL?  ?  ; if there's 1 email I should be able to
invoke WriteFile,hStdout,addr szBuffer,dwRead,addr dwWritten,NULL?  ?  ?  ?  ; read it in szBuffer.

invoke lstrlen,addr SSLQuit
mov dwRead,eax
invoke WriteFile,hChildStdinWrDup,addr SSLQuit,dwRead,addr dwWritten,NULL

SSLOpenproc?  ?  ? endp

Posted on 2006-04-18 13:47:45 by Guy
Ugh, that's a lot of code to look through... Have you tried localizing the problem?

I'd suggest you to step through your program line by line in OllyDbg, checking return values from API calls to see if you're getting problems.

Pretty interesting way of going about this btw., I'd personally prefer using the OpenSSL libraries from my code, but this does seem simpler :)
Posted on 2006-04-18 14:10:41 by f0dder