Hi all,
I'm new to C++ and libssl, but nevertheless trying to write an SSH
server. I have gone through tutorials and believe I have a working
server that initializes an SSL context, binds and listens on a TCP
socket, and accepts a connection. Using a debugger I see that if I
try to "ssh myserver -p myport", the process hangs on the call to
SSL_accept. I figure this is because the ssh client needs to do
something before calling SSL_connect. I don't need authentication, I
just want to use ssh kind of like a secure telnet. Here's my code,
any advice is appreciated:
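/**
 * Accept a single TCP connection on port 2002, run the server side of the
 * TLS handshake on it and send a short greeting.
 *
 * The certificate and key are loaded from conf/ssl/server.crt and
 * conf/ssl/server.key (PEM). Every step is checked, and the SSL and SSL_CTX
 * objects are released on every exit path.
 *
 * The peer must be a TLS client. An SSH client speaks the SSH transport
 * protocol (RFC 4253), not TLS, so SSL_accept() cannot complete against
 * `ssh`; test with a TLS client such as `openssl s_client -connect host:2002`.
 *
 * @return true once the handshake has completed (a failed greeting write is
 *         reported through Error() but does not change the result);
 *         false if any setup step or the handshake fails.
 */
bool SecureServer::Start ()
{
    /* An array, not a pointer, so that sizeof yields the string length + 1. */
    static const char message[] = "Hello SSL";
    bool ok = false;
    SSL_CTX *ctx = NULL;
    SSL *ssl = NULL;
    SocketType listen_sock;
    SocketType sock;
    /* Value-initialise so sin_zero and any padding are not left as stack garbage. */
    sockaddr_in sa_serv = sockaddr_in();
    sockaddr_in sa_cli = sockaddr_in();
    socklen_t clientLen = sizeof(sa_cli);

    ctx = SSL_CTX_new(SSLv23_server_method());
    if (ctx == NULL)
    {
        Error("failed to create SSL context");
        goto cleanup;
    }
    /* SSLv23_server_method() negotiates any protocol version the library
     * supports; refuse the broken SSLv2 and SSLv3. On OpenSSL 1.1.0 and later,
     * TLS_server_method() with SSL_CTX_set_min_proto_version() is the
     * current way to express this. */
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

    if (SSL_CTX_use_certificate_file(ctx, "conf/ssl/server.crt",
                                     SSL_FILETYPE_PEM) <= 0)
    {
        Error("failed to load server cert");
        goto cleanup;
    }
    if (SSL_CTX_use_PrivateKey_file(ctx, "conf/ssl/server.key",
                                    SSL_FILETYPE_PEM) <= 0)
    {
        Error("failed to load server private key");
        goto cleanup;
    }
    /* Catch a key that does not belong to the certificate before any client
     * connects, instead of failing later inside the handshake. */
    if (SSL_CTX_check_private_key(ctx) != 1)
    {
        Error("server private key does not match server cert");
        goto cleanup;
    }

    ssl = SSL_new(ctx);
    if (ssl == NULL)
    {
        Error("failed to create SSL object");
        goto cleanup;
    }

    /* NOTE(review): listen_sock and sock are never closed in this function.
     * Close both with whatever call matches SocketType on this platform once
     * the connection is finished and on the error paths below. */
    listen_sock = socket(AF_INET, SOCK_STREAM, 0);
    /* NOTE(review): 0 is a valid descriptor on POSIX, and Winsock reports
     * failure as INVALID_SOCKET; pick the test that matches SocketType. */
    if (listen_sock <= 0)
    {
        Error("failed creating socket");
        goto cleanup;
    }

    sa_serv.sin_family = AF_INET;
    sa_serv.sin_addr.s_addr = INADDR_ANY; /* listens on every local interface */
    sa_serv.sin_port = htons(2002); /* Server Port number */
    if (bind(listen_sock, (struct sockaddr*) &sa_serv, sizeof(sa_serv)) < 0)
    {
        Error("bind failed");
        goto cleanup;
    }

    /* Receive a TCP connection. */
    if (listen(listen_sock, 5) < 0)
    {
        Error("listen failed");
        goto cleanup;
    }

    sock = accept(listen_sock, (struct sockaddr*) &sa_cli, &clientLen);
    /* Same test as for listen_sock above; the original used the result of
     * accept() without checking it. */
    if (sock <= 0)
    {
        Error("accept failed");
        goto cleanup;
    }
    /* Convert from network byte order so the logged values are readable. */
    printf("Connection from %x, port %x\n",
           (unsigned) ntohl(sa_cli.sin_addr.s_addr),
           (unsigned) ntohs(sa_cli.sin_port));

    if (SSL_set_fd(ssl, sock) != 1)
    {
        Error("failed to attach socket to SSL object");
        goto cleanup;
    }

    /* Blocks until the peer completes a TLS handshake. The server certificate
     * only protects the session if the client actually verifies it; without
     * that check the channel is encrypted but open to interception. */
    if (SSL_accept(ssl) <= 0)
    {
        Error("SSL handshake failed");
        goto cleanup;
    }
    ok = true;

    /* sizeof on the array minus the terminating NUL is the full text; sizeof
     * on a char pointer would only give the pointer size. */
    if (SSL_write(ssl, message, (int) (sizeof(message) - 1)) <= 0)
    {
        Error("error on ssl write");
    }
    else
    {
        /* Send close_notify so the client can tell a clean end from truncation. */
        (void) SSL_shutdown(ssl);
    }

cleanup:
    if (ssl != NULL)
    {
        SSL_free(ssl);
    }
    if (ctx != NULL)
    {
        SSL_CTX_free(ctx);
    }
    return ok;
}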
Thanks,
Dave