problem connecting to ssl server

Wed, 13 May 2009 09:24:07 -0700 

Hi,

I have an ssl server. Really simple;

        // init
        SSL_library_init();
        SSL_load_error_strings();
        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
        meth = SSLv23_server_method();
        ctx = SSL_CTX_new(meth);
        SSL_CTX_use_certificate_chain_file(ctx, 
"/home/folkert/Personal/src/server.pem");

        // accept
        socket_h_from = accept();
        sbio = BIO_new_socket(socket_h_from, BIO_NOCLOSE);
        ssl_h_from = SSL_new(server_ctx);
        SSL_set_bio(ssl_h_from, sbio, sbio);
        int rc = SSL_accept(ssl_h_from);

Now when I connect using telnet -z ssl to that port, the connection is
dropped.
I did a debug-session with openssl and got this:

folk...@belle:~$ openssl s_client -connect localhost:996 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0x1923850 [0x1924d40] (118 bytes => 118 (0x76))
0000 - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00 .t....K...  ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../.......
0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00 ................
0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @...............
0050 - 00 00 03 02 00 80 ad 40-e1 d0 43 ad a8 5b 4d d5 .......@..c..[m.
0060 - 68 a3 b0 b0 45 38 d8 0d-0d cf 5a 90 bc 3e e3 37 h...E8....Z..>.7
0070 - 19 71 17 2d 0a 09                                 .q.-..
SSL_connect:SSLv2/v3 write client hello A
read from 0x1923850 [0x192a2a0] (7 bytes => 7 (0x7))
0000 - 15 03 01 00 02 02 28                              ......(
SSL3 alert read:fatal:handshake failure
SSL_connect:error in SSLv2/v3 read server hello A
32584:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake 
failure:s23_clnt.c:578:

What is it that I'm doing wrong here?

Thanks.


Folkert van Heusden

-- 

Multitail - gibkaja utilita po sledovaniju log-fajlov i vyvoda
kommand. Fil'trovanie, raskrašivanie, slijanie, vizual'noe sravnenie,
i t.d.  http://www.vanheusden.com/multitail/
----------------------------------------------------------------------
Phone: +31-6-41278122, PGP-key: 1F28D8AE, www.vanheusden.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to