Hi,

My application is very simple, a client that connects to a server and
they verify each other's identity. Right now I'm just trying to get them
to connect. I'm using OpenSSL 0.9.7. I started with the example
application in the O'Reilly "Network Security with OpenSSL" book. I was
able to integrate the client portion of the code in my application (with
some mods). I tested it with the server they provided which demonstrated
that the client code worked.

When I integrated the server code into the application I had to make
some serious mods because my server need only handle one connection
(strange, but true). Anyway, it doesn't work and I can't figure out why.
Here's the relevant client code:


    init_OpenSSL();
    logInfo("Initialized OpenSSL library\n");

    /* IMPORTANT!
     * This must be properly seeded to ensure security.
     * Look in chapter 4 for details on how to do this.
     */
    seed_prng();

    ctx = setup_client_ctx();
    logInfo("Loaded private key(s) and passphrase\n");

    conn = BIO_new_connect(SERVER ":" PORT);
    if (!conn)
        log_error("Error creating connection to BIO");

    if (BIO_do_connect(conn) <= 0)
        log_error("Error connecting to remote machine");

    if (!(ssl = SSL_new(ctx)))
        log_error("Error creating an SSL context");

    SSL_set_bio(ssl, conn, conn);

    /* wait for eauth -s to become ready to establish SSL handshake */
    if (SSL_connect(ssl) <= 0) {
        logInfo("Error connecting to SSL object\n");
    }

And here's the relevant server code. I suspect that the problem is here
since the client used to work. The last thing I see in my logfile is
"step5":

    init_OpenSSL();
    logInfo("Initialized OpenSSL library\n");

    seed_prng();

    ctx = setup_server_ctx();
    logInfo("Loaded private key(s) and passphrase\n");

    acc = BIO_new_accept(PORT);
    logInfo("step1\n");

    if (!acc)
        log_error("Error creating server socket");

    logInfo("step2\n");

    if (BIO_do_accept(acc) <= 0)
        log_error("Error binding server socket");

    logInfo("step3\n");

    if (!(ssl = SSL_new(ctx)))
        log_error("Error creating SSL context");

    logInfo("step4\n");

    SSL_set_bio(ssl, acc, acc);

    logInfo("step5\n");

    if (SSL_accept(ssl) <= 0)
        log_error("Error accepting SSL connection");
    else
        logInfo("SSL connection opened\n");

    err = SSL_read(ssl, sslbuf, sizeof(sslbuf));


Can anyone see any problems here? Probably something obvious that I'm
missing?

One more thing - the client is invoked up to one second before the
server is invoked. Perhaps the client is attempting to connect before
the server is ready? I tried the following but it never connected:


    if (SSL_connect(ssl) <= 0) {
        logInfo("Error connecting to SSL object\n");
    }

Is there any way to see --exactly-- what's going on? To log exactly
what's going on during the connection/handshake procedure?

Thank you very much,

Robert Stober
Senior Systems Engineer
Platform Computing, Inc.
209-986-9298
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org