Re: Error using SSL_accept (unknown cause)

Mon, 26 Aug 2002 22:16:24 -0700 

John don't if this has aleady been answered but u might be missing
SSL_set_fd and SSL_set_accept_state(Function Name may not be correct but 
is somewhere around this)
SSL_set_fd will be set with the sockfd which ur socketcall returned
a -1 by SSL_Accept generally means that the lower layer (socket layer) 
has not been properly initialized

though SSLv2_server_method() might do what SSL_set_acceptstate will do 
try explicitly setting it to server mode


-SIGTERM
amit


John Cronin wrote:

>I have a server program running, which basically executes the following
>
>SSLCTX *sslctx;
>SSL *sslcon;
>STACK_OF(X509_NAME) *cert_names;
>
>socket()
>bind()
>listen()
>accept()
>SSL_load_error_strings()
>SSL_library_init()
>sslctx = SSL_CTX_new(SSLv2_server_method())
>sslcon = SSL_new(sslctx)
>SSL_use_PrivateKey_file(sslcon, "servkey.pem", SSL_FILETYPE_PEM)
>SSL_use_certificate_file(sslcon, "servcert.pem", SSL_FILETYPE_PEM)
>cert_names = SSL_load_client_CA_file("cacert.pem")
>SSL_set_client_CA_list(sslcon, cert_names)
>SSL_accept(sslcon)
>
>now SSL_accept fails with the following:
>
>return value of SSL_accept = -1
>SSL_get_error returned 5 (SSL_ERROR_SYSCALL)
>ERR_get_error returned 0
>errno is 0
>
>I have tried this with OpenSSL 0.9.6a 5 Apr 2001 (as preinstalled by my
>distribution (slackware 8.0)) and again after installing 0.9.6e with no
>change (openssl version reports that the new version is being used)
>
>I cant seem to use gdb to enter any of the SSL routines (do they use secured
>memory?)
>
>Thanks in advance,
>John
>[EMAIL PROTECTED]
>
>
>______________________________________________________________________
>OpenSSL Project                                 http://www.openssl.org
>User Support Mailing List                    [EMAIL PROTECTED]
>Automated List Manager                           [EMAIL PROTECTED]
>
>
>
>
>

-- 
As flies to wanton boys are we to the gods; they kill us for their sport.
                -- Shakespeare, "King Lear"




______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to