Hi all, I'm new to C++ and libssl, but nevertheless trying to write an SSH server. I have gone through tutorials and believe I have a working server that initializes an SSL context, binds and listens on a TCP socket, and accepts a connection. Using a debugger I see that if I try to "ssh myserver -p myport", the process hangs on the call to SSL_accept. I figure this is because the ssh client needs to do something before calling SSL_connect. I don't need authentication, I just want to use ssh kind of like a secure telnet. Here's my code, any advice is appreciated:
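/// @brief Accepts one TCP connection on port 2002, performs a TLS handshake on
///        it and sends a short greeting.
///
/// Loads the server certificate and private key from conf/ssl/ (the paths are
/// relative to the process working directory), listens on INADDR_ANY:2002,
/// blocks in accept() for a single client, then blocks again in SSL_accept().
///
/// @return true once the handshake has completed (a failed greeting write is
///         reported through Error() but still returns true); false if any
///         setup step, accept() or the handshake fails.
///
/// NOTE(review): ctx, ssl and both sockets are never released on any path.
/// Pair them with SSL_free()/SSL_CTX_free() and the platform's socket close
/// call once it is decided who owns the connection after Start() returns.
bool SecureServer::Start ()
{
    // SSLv23_server_method() negotiates the highest protocol version both
    // sides support; on older OpenSSL builds that range still includes
    // SSLv2/SSLv3.
    // NOTE(review): narrow it with
    // SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3) before any
    // connection is accepted.
    SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
    if (!ctx) {
        // Without this check a failed allocation is dereferenced by the
        // certificate loader below.
        Error("failed to create SSL context");
        return false;
    }

    if (SSL_CTX_use_certificate_file(ctx, "conf/ssl/server.crt", SSL_FILETYPE_PEM) <= 0) {
        Error("failed to load server cert");
        return false;
    }
    // NOTE(review): follow the key load with SSL_CTX_check_private_key(ctx) so
    // a key that does not match the certificate is rejected at startup rather
    // than during the first handshake.
    if (SSL_CTX_use_PrivateKey_file(ctx, "conf/ssl/server.key", SSL_FILETYPE_PEM) <= 0) {
        Error("failed to load server private key");
        return false;
    }

    SSL *ssl = SSL_new(ctx);
    if (!ssl) {
        Error("failed to create SSL object");
        return false;
    }

    // socket() reports failure with a negative value; descriptor 0 is valid
    // (e.g. in a daemon that closed stdin), so it must not be treated as an
    // error. Assumes SocketType is a signed POSIX descriptor — TODO confirm;
    // a Winsock build would compare against INVALID_SOCKET instead.
    SocketType listen_sock = socket(AF_INET, SOCK_STREAM, 0);
    if (listen_sock < 0) {
        Error("failed creating socket");
        return false;
    }

    // Zero-initialise so padding fields (sin_zero) do not carry stack garbage
    // into bind().
    sockaddr_in sa_serv = {};
    sockaddr_in sa_cli = {};
    sa_serv.sin_family = AF_INET;
    sa_serv.sin_addr.s_addr = INADDR_ANY;   // listens on every local interface
    sa_serv.sin_port = htons(2002);         /* Server Port number */

    if (bind(listen_sock, reinterpret_cast<struct sockaddr*>(&sa_serv), sizeof(sa_serv)) < 0) {
        Error("bind failed");
        return false;
    }

    /* Receive a TCP connection. */
    if (listen(listen_sock, 5) < 0) {
        Error("listen failed");
        return false;
    }

    socklen_t clientLen = sizeof(sa_cli);
    SocketType sock = accept(listen_sock, reinterpret_cast<struct sockaddr*>(&sa_cli), &clientLen);
    if (sock < 0) {
        // Previously unchecked: a failed accept() handed an invalid descriptor
        // to SSL_set_fd() and printed an unfilled peer address.
        Error("accept failed");
        return false;
    }
    // Both values are printed raw, i.e. in network byte order and in hex.
    printf("Connection from %x, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);

    if (SSL_set_fd(ssl, sock) != 1) {
        Error("failed to attach socket to SSL object");
        return false;
    }

    // SSL_accept() blocks until the peer sends a TLS ClientHello. An `ssh`
    // client speaks the SSH protocol (RFC 4253), which is not TLS, so pointing
    // `ssh` at this port stalls or fails here. Exercise this server with a TLS
    // client instead, e.g. `openssl s_client -connect <host>:2002`.
    if (SSL_accept(ssl) <= 0) {
        Error("SSL handshake failed");
        return false;
    }

    // An array keeps the literal's real length available to sizeof; on a
    // `char *` sizeof yields the pointer size and truncated the greeting.
    const char message[] = "Hello SSL";
    if (SSL_write(ssl, message, static_cast<int>(sizeof(message) - 1)) <= 0) {
        Error("error on ssl write");
    }
    return true;
}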