simple ssl server

Irfan Gulamali Fri, 17 Jul 2009 22:52:44 -0700

Hi,
 
I'm building a simple ssl server but I'm having trouble getting the handshake 
to work.
I'm using the openssl s_client to verify my tls1 handshake and using the 
server.pem file that came with openssl0.8.9k.
 
I must be missing something critical as I get the alert 40 for failed handshake.
I've included my code below and build instructions for completeness.
 
build: gcc ssls.c -g -o ssls.exe -I. -L"ssllib" -lssl32 -leay32 -lws2_32
 
#include "openssl/ssl.h"
#include 
#include 
#include 
#include


void main()
{
  
  u_long imode = 0;
  SSL_CTX *ctx;
  SSL *ssl;
  char *seed;
  short int seed_sz = 100;
  BIO *sbio, *bbio, *acpt, *out;
  int s, fd;
  SOCKET sk;
  SOCKADDR_IN sa;
  WSADATA neto; 

  SSL_load_error_strings();
  SSL_library_init();
  OpenSSL_add_all_algorithms();
  ctx=SSL_CTX_new(TLSv1_server_method());
  SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM);
 
  seed = malloc(sizeof(char)*100);
 
  SSL_library_init();
  OpenSSL_add_all_algorithms();
  SSL_load_error_strings();
  
  if(!RAND_seed(seed, seed_sz))
    goto bad_ssl;
 
  ctx=SSL_CTX_new(TLSv1_server_method());
  if(ctx == NULL)
    goto bad_ssl;
  ssl=SSL_new(ctx);
  if(ssl == NULL)
    goto bad_ssl;
  SSL_set_accept_state(ssl);
 
  if(!SSL_CTX_load_verify_locations(ctx, "server.pem", NULL) )
    goto bad_ssl;
  
  if(!SSL_CTX_use_certificate_file(ctx, "server.pem", SSL_FILETYPE_PEM))
    goto bad_ssl;
 
  if(!SSL_CTX_use_PrivateKey_file(ctx, "server.pem", SSL_FILETYPE_PEM))
    goto bad_ssl;
 
  if (!SSL_CTX_check_private_key(ctx))
    goto bad_ssl;
  
  free(seed);
  /* SSL Network stuff */
  /*windows network*/
  if (WSAStartup(MAKEWORD(2,2), &neto)!=0)
    goto bad_ssl;
  sk = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
  if(sk == SOCKET_ERROR)
    goto bad_ssl;
  sa.sin_addr.S_un.S_addr =  INADDR_ANY;
  sa.sin_family = AF_INET;
  sa.sin_port = htons(8080);
  if(bind(sk, (SOCKADDR*)&sa, sizeof(sa))== SOCKET_ERROR)
    goto bad_ssl;
  
  if(listen(sk,5)== SOCKET_ERROR)
    goto bad_ssl;
  fd = accept(sk, (struct sockaddr *)&sa, NULL);
  if(fd == INVALID_SOCKET)
    goto bad_ssl;
  /*END windows network -----------------------*/
  SSL_CTX_set_options(ctx,SSL_OP_ALL);
  SSL_CTX_set_mode(ctx,SSL_MODE_AUTO_RETRY);  
  SSL_accept(ssl);
  if(!SSL_set_fd(ssl,fd))
    goto bad_ssl;
  
  while(1)
    {
      if(SSL_accept(ssl) == 1)
 printf("connected!");
    }
  return;
 bad_ssl:
  free(seed);
  printf("\nError SSL INIT\n");
    
}
_________________________________________________________________
Stay in the loop and chat with friends, right from your inbox!
http://go.microsoft.com/?linkid=9671354______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

simple ssl server

Reply via email to