Hello List,
I am trying to write a simple SSL server in C but keep getting
a "no shared cipher" error. I'm fairly certain the key and certificates
are OK because they work with openssl s_server.
I have been playing with this code for several days and am at a loss to
figure what the problem is.
The code below produces this:
accept status -1
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
Any help would be greatly appreciated.
thanks,
Bill G.
#include <openssl/ssl.h>
#include <openssl/err.h>
int status ;
int ssl_err;
char *certificatefile = "/root/dummy.pem";
char *keyfile = "/root/key.pem";
void *ssl_init(int socket)
{
SSL_load_error_strings();
SSL_library_init() ;
ctx = SSL_CTX_new(SSLv23_server_method()) ;
if ( ctx == NULL ){
fprintf(stderr,"context create failed\n");
ssl_err = ERR_get_error();
fprintf(stderr,"%s\n",ERR_error_string(ssl_err,NULL));
exit(0);
}
s_handle = SSL_new(ctx) ;
if ( s_handle == NULL ){
fprintf(stderr,"handle create failed\n");
exit(0);
}
SSL_set_fd(s_handle,socket);
/* private key */
status = SSL_use_RSAPrivateKey_file(s_handle,keyfile,SSL_FILETYPE_PEM);
if ( ! status ){
fprintf(stderr,"keyfile error %d\n",status);
ssl_err = ERR_get_error();
fprintf(stderr,"%s\n",ERR_error_string(ssl_err,NULL));
exit(0) ;
}
/* certificate */
status = SSL_CTX_use_certificate_file(ctx,certificatefile,SSL_FILETYPE_PEM)
;
if ( ! status ){
fprintf(stderr,"certifiate error %d\n",status);
ssl_err = ERR_get_error();
fprintf(stderr,"%s\n",ERR_error_string(ssl_err,NULL));
exit(0) ;
}
status = SSL_accept(s_handle);
if ( status <= 0 ){
fprintf(stderr,"accept status %d\n",status);
ssl_err = ERR_get_error();
fprintf(stderr,"%s\n",ERR_error_string(ssl_err,NULL));
exit(0) ;
}
}
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
