Hello,

I'm wondering if someone can help me with a "no shared cipher" error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:

1. There are two classes, SocketListener and SocketClient. Each does the
following as part of SSL initialization (pseudocode here):
  context = SSL_CTX_new(TLSv1_method());
  connection = SSL_new(context);
  SSL_CTX_use_certificate_file(context, path_to_cert, SSL_FILETYPE_PEM);
  SSL_CTX_use_PrivateKey_file(context, path_to_key, SSL_FILETYPE_PEM);
  SSL_CTX_check_private_key(context);
  SSL_set_cipher_list(connection, "ALL:eNULL");


2. The Listener calls all the Init stuff, calls SSL_set_fd(connection, fd),
does normal socket bind() and listen(), calls SSL_set_accept_state() and
then waits on accept().

3. The Client calls all of this Init stuff, does its normal TCP connect,
calls SSL_set_fd(connection, fd) and then calls SSL_set_connect_state() and
finally SSL_connect().

4. When the client connection comes in, accept returns, and inside the
listener object we create a new Client with the file descriptor returned
from accept, and then call SSL_set_accept_state(newclient->connection,
newclient->fd), and finally SSL_accept(newclient->connection).

It's on the SSL_accept that I get the error. So I have two questions: does
this sound like an otherwise correct procedure for establishing a basic SSL
connection? And what might be causing the shared cipher error?

Any help is appreciated.

-Dan
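
Added example, not part of the original post: a server-side SSL object with no certificate attached fails the handshake with this same error. That is the state SSL_new() leaves `connection` in when it runs before SSL_CTX_use_certificate_file(), as in the order listed in step 1, because SSL_new() copies the context's settings at creation time. It uses Python's ssl module (a wrapper over OpenSSL) with in-memory BIOs instead of the C API; the function name and the hostname are constructed for the illustration.

```python
import ssl


def handshake_without_server_cert():
    """Handshake in memory against a server SSL object that has no certificate.

    Returns (server_reason, client_failed).
    """
    # No load_cert_chain() on this context: objects created from it carry no
    # certificate, like an SSL* created before the cert reached the SSL_CTX.
    server_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # Cap at TLS 1.2 so cipher-suite selection depends on the certificate type,
    # as it does for the TLSv1 method used in the post.
    server_ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    client_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)

    c_in, c_out = ssl.MemoryBIO(), ssl.MemoryBIO()
    s_in, s_out = ssl.MemoryBIO(), ssl.MemoryBIO()
    server = server_ctx.wrap_bio(s_in, s_out, server_side=True)
    # "server.example" is a constructed placeholder hostname.
    client = client_ctx.wrap_bio(c_in, c_out, server_hostname="server.example")

    # Client emits its ClientHello, then waits for the server's reply.
    try:
        client.do_handshake()
    except ssl.SSLWantReadError:
        pass
    s_in.write(c_out.read())

    # Server side, the equivalent of SSL_accept(): every suite the client
    # offered needs a certificate the server does not have.
    server_reason = None
    try:
        server.do_handshake()
    except ssl.SSLWantReadError:
        pass
    except ssl.SSLError as exc:
        server_reason = exc.reason

    # Deliver the server's fatal alert; the client only sees a generic failure.
    client_failed = False
    c_in.write(s_out.read())
    try:
        client.do_handshake()
    except ssl.SSLWantReadError:
        pass
    except ssl.SSLError:
        client_failed = True
    return server_reason, client_failed
```

The specific reason is only visible on the accepting side, so the listener's error queue is the place to look when diagnosing it.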
