Hello.
I found someone who suffers from same problem of me in the prvious mailing list
messages.
He asked some advice but I can't find any response.
so I put this request again. =)
I do need answers of this problem..
(ps . when i have modified IE's internet option about security, i can read & write
from IE.)
this below is from previous Messages
-------------------------------------------------------------------------
I am trying to use the serv.cpp in the demos directory to negotiate an SSL
connection with IE 5.5 (on windows 2000) and
then return a hard coded HTTP response.
Here is the screen dump at the server side
Connection from aca5b58f, port 706 //This appears screwed up but I do get apop up
window on the browser regarding the certificate
SSL connection using RC4-MD5
Client does not have certificate.
Got 0 chars:''
The server program exits after this without sending the response to the
browser. Why is that??
Would appreciate help on this.
Thanks
Regards
Vijay
Enclosed below is the server code
/* serv.cpp - Minimal ssleay server for Unix
30.9.1996, Sampo Kellomaki <[EMAIL PROTECTED]> */
/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
Simplified to be even more minimal
12/98 - 4/99 Wade Scholine <[EMAIL PROTECTED]> */
/* Headers omitted */
#define CERTF HOME "cacert.pem"
#define KEYF HOME "cakey.pem"
#define CHK_NULL(x) if ((x)==NULL) exit (1)
#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2);
}
// required for thw winsock library
void InitTcpComn(WSADATA *wsdata) {
int err;
err = WSAStartup(MAKEWORD(2,0), wsdata);
if((LOBYTE( wsdata->wVersion ) != 2) || (HIBYTE( wsdata->wVersion )
!= 0))
{
fprintf(stderr,"InitSockets: Socket version error
(0x%x)\n", wsdata->wVersion);
WSACleanup();
exit(0);
}
}
void main ()
{
WSADATA wsadata;
int err;
int listen_sd;
int sd;
struct sockaddr_in sa_serv;
struct sockaddr_in sa_cli;
int client_len;
SSL_CTX* ctx;
SSL* ssl;
X509* client_cert;
char* str;
char buf [4096];
SSL_METHOD *meth;
//Hard coded HttpResponse .......
char* HttpResponse = \
"HTTP/1.1 200 OK\r\nDate: Thu, 05 Jul 2001\r\nServer:
Apache/1.3.20 (Unix) PHP/4.0.5 mod_ssl/2.8.4 OpenSSL/0.9.6a\
\r\nLast-Modified: Wed, 23 May 2001 21:36:14 GMT\r\nContent-Type:
text/html\r\n\r\n<html><body>Hello from SSL server</body></html>";
/* SSL preliminaries. We keep the certificate and key with the context. */
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
meth = SSLv23_server_method();
ctx = SSL_CTX_new (meth);
if (!ctx) {
ERR_print_errors_fp(stderr);
exit(2);
}
if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
exit(3);
}
if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stderr);
exit(4);
}
if (!SSL_CTX_check_private_key(ctx)) {
fprintf(stderr,"Private key does not match the certificate public
key\n");
exit(5);
}
//Prepare the winsock library....
InitTcpComn(&wsadata);
/* ----------------------------------------------- */
/* Prepare TCP socket for receiving connections */
listen_sd = socket (AF_INET, SOCK_STREAM, 0); CHK_ERR(listen_sd,
"socket");
memset (&sa_serv, '\0', sizeof(sa_serv));
sa_serv.sin_family = AF_INET;
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (2000); /* Server Port number */
err = bind(listen_sd, (struct sockaddr*) &sa_serv,
sizeof (sa_serv)); CHK_ERR(err, "bind");
/* Receive a TCP connection. */
err = listen (listen_sd, 5); CHK_ERR(err, "listen");
client_len = sizeof(sa_cli);
sd = accept (listen_sd, (struct sockaddr*) &sa_cli, &client_len);
CHK_ERR(sd, "accept");
closesocket (listen_sd);
printf ("Connection from %lx, port %x\n",
sa_cli.sin_addr.s_addr, sa_cli.sin_port);
/* ----------------------------------------------- */
/* TCP connection is ready. Do server side SSL. */
ssl = SSL_new (ctx); CHK_NULL(ssl);
SSL_set_fd (ssl, sd);
err = SSL_accept (ssl); CHK_SSL(err);
/* Get the cipher - opt */
printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
/* Get client's certificate (note: beware of dynamic allocation) - opt */
client_cert = SSL_get_peer_certificate (ssl);
if (client_cert != NULL) {
printf ("Client certificate:\n");
str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0);
CHK_NULL(str);
printf ("\t subject: %s\n", str);
free (str);
str = X509_NAME_oneline (X509_get_issuer_name (client_cert), 0, 0);
CHK_NULL(str);
printf ("\t issuer: %s\n", str);
free (str);
/* We could do all sorts of certificate verification stuff here before
deallocating the certificate. */
X509_free (client_cert);
} else
printf ("Client does not have certificate.\n");
/* DATA EXCHANGE - Receive message and send reply. */
err = SSL_read (ssl, buf, sizeof(buf) - 1);
CHK_SSL(err);
buf[err] = '\0';
printf ("Got %d chars:'%s'\n", err, buf);
err = SSL_write (ssl, HttpResponse, strlen(HttpResponse)); CHK_SSL(err);
/* Clean up. */
closesocket (sd);
SSL_free (ssl);
SSL_CTX_free (ctx);
}
/* EOF - serv.cpp */
kim
===================================================================
¿ì¸® ÀÎÅͳÝ, Daum http://www.daum.net
ȲöÇÑ ¿ø¼¦ °Ë»ö! Daum°Ë»ö ÄíÄ¡·Î ãÀÚ!
¢Ñ°Ë»öÇϱâ http://search.daum.net
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
