> The best I can tell, the snapshot is broken. At this point, I wouldn't be surprised.
Update: I made some (major) changes to my example code based on the SRP code in ssltest.c. Mainly, I implemented and used all the SRP callback functions. Previously, I was setting the userId and password parameters explicitly thinking I shouldn't need the callbacks. Now I get past the previous error and move on to this error on the server: SSL_accept failed, error=SSL_ERROR_SSL Details: error:0D06703E:asn1 encoding routines:a2i_ASN1_STRING:asn1 length mismatch ssl_asn1.c at 641 On the client all I get is this: SSL_connect failed, error=SSL_ERROR_SYSCALL SSL_connect, errno=0, Error 0 This looks like the server is not liking something in a TLS extension used by SRP. Any clues on how to get past this one? Norm ----- Original Message ----- > From: "Jeffrey Walton" <noloa...@gmail.com> > To: openssl-users@openssl.org > Sent: Wednesday, October 26, 2011 11:46:32 PM > Subject: Re: OpenSSL 1.0.1 example with SRP > > On Wed, Oct 26, 2011 at 10:28 PM, Norm Green <no...@vmware.com> > wrote: > > Is there no one that can help me get a simple SRP test case > > working? Or should I conclude SRP is broken in OpenSSL 1.0.1? > > > > From the output below, it appears the client and server support no > > less than 9 ciphers in common. Why then do I get the "no shared > > cipher" error? > > > > I rebuilt the library with -DCIPHER_DEBUG and now get the following > > output from the handshake: > > > The best I can tell, the snapshot is broken. > > Jeff > > === System === > uname -a > Linux studio 2.6.32-34-generic #77-Ubuntu SMP Tue Sep 13 19:39:17 UTC > 2011 x86_64 GNU/Linux > > === Server === > openssl-1.0.1-stable-SNAP-20111027$ ./apps/openssl s_server -cipher > SRP -nocert -tls1 -accept 57784 -debug > WARNING: can't open config file: /usr/local/ssl/openssl.cnf > Using default temp DH parameters > Using default temp ECDH parameters > ACCEPT > > === Client === > openssl-1.0.1-stable-SNAP-20111027$ ./apps/openssl s_client -srpuser > SystemUser -srppass stdin -tls1 -cipher SRP -connect studio:57784 > -debug > WARNING: can't open config file: /usr/local/ssl/openssl.cnf > *** <hang> *** > > === GDB === > ps -a > ... > gdb attach 29478 > GNU gdb (GDB) 7.3.1 > ... > attach: No such file or directory. > Attaching to process 29478 > ... > Loaded symbols for /lib/libc.so.6 > Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging > symbols found)...done. > Loaded symbols for /lib64/ld-linux-x86-64.so.2 > 0x00007f3be499a4a0 in read () from /lib/libc.so.6 > (gdb) where > #0 0x00007f3be499a4a0 in read () from /lib/libc.so.6 > #1 0x00007f3be4935348 in _IO_file_underflow () from /lib/libc.so.6 > #2 0x00007f3be4936eee in _IO_default_uflow () from /lib/libc.so.6 > #3 0x00007f3be492b43e in _IO_getline_info () from /lib/libc.so.6 > #4 0x00007f3be492a329 in fgets () from /lib/libc.so.6 > #5 0x00000000004d31b5 in file_gets () > #6 0x00000000004d09f9 in BIO_gets () > #7 0x0000000000438072 in app_get_pass () > #8 0x0000000000438325 in app_passwd () > #9 0x000000000042859d in s_client_main () > #10 0x0000000000402d50 in do_cmd () > #11 0x00000000004036ff in main () > (gdb) > ______________________________________________________________________ > OpenSSL Project > http://www.openssl.org > User Support Mailing List > openssl-users@openssl.org > Automated List Manager > majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
