Hi,
 
Thank you for the input; I now have a working simple server.
I've attached it for future reference if anyone is interested in this form.

Irfan



----------------------------------------
> Subject: RE: simple ssl server
> Date: Fri, 17 Jul 2009 23:49:35 -0700
> From: viv...@chelsio.com
> To: openssl-users@openssl.org
>
> Why are you initializing the SSL lib twice (SSL_library_init())? Go through
> the txt document that I have attached to this mail. That should help
> you. You need to set ssl to fd (SSL_set_fd) before calling SSL_accept().
>
> -----Original Message-----
> From: owner-openssl-us...@openssl.org
> [mailto:owner-openssl-us...@openssl.org] On Behalf Of Irfan Gulamali
> Sent: 18 July 2009 11:19
> To: openssl-users@openssl.org
> Subject: simple ssl server
>
>
> Hi,
>
> I'm building a simple ssl server but I'm having trouble getting the
> handshake to work.
> I'm using the openssl s_client to verify my tls1 handshake and using the
> server.pem file that came with openssl0.8.9k.
>
> I must be missing something critical as I get the alert 40 for failed
> handshake.
> I've included my code below and build instructions for completeness.
>
> build: gcc ssls.c -g -o ssls.exe -I. -L"ssllib" -lssl32 -leay32 -lws2_32
>
> #include "openssl/ssl.h"
> #include "openssl/rand.h"
> #include <stdio.h>
> #include <stdlib.h>
> #include <winsock2.h>
>
> void main()
> {
>
> u_long imode = 0;
> SSL_CTX *ctx;
> SSL *ssl;
> char *seed;
> short int seed_sz = 100;
> BIO *sbio, *bbio, *acpt, *out;
> int s, fd;
> SOCKET sk;
> SOCKADDR_IN sa;
> WSADATA neto;
>
> SSL_load_error_strings();
> SSL_library_init();
> OpenSSL_add_all_algorithms();
> ctx=SSL_CTX_new(TLSv1_server_method());
> SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM);
>
> seed = malloc(sizeof(char)*100);
>
> SSL_library_init();
> OpenSSL_add_all_algorithms();
> SSL_load_error_strings();
>
> if(!RAND_seed(seed, seed_sz))
> goto bad_ssl;
>
> ctx=SSL_CTX_new(TLSv1_server_method());
> if(ctx == NULL)
> goto bad_ssl;
> ssl=SSL_new(ctx);
> if(ssl == NULL)
> goto bad_ssl;
> SSL_set_accept_state(ssl);
>
> if(!SSL_CTX_load_verify_locations(ctx, "server.pem", NULL) )
> goto bad_ssl;
>
> if(!SSL_CTX_use_certificate_file(ctx, "server.pem", SSL_FILETYPE_PEM))
> goto bad_ssl;
>
> if(!SSL_CTX_use_PrivateKey_file(ctx, "server.pem", SSL_FILETYPE_PEM))
> goto bad_ssl;
>
> if (!SSL_CTX_check_private_key(ctx))
> goto bad_ssl;
>
> free(seed);
> /* SSL Network stuff */
> /*windows network*/
> if (WSAStartup(MAKEWORD(2,2), &neto)!=0)
> goto bad_ssl;
> sk = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
> if(sk == SOCKET_ERROR)
> goto bad_ssl;
> sa.sin_addr.S_un.S_addr = INADDR_ANY;
> sa.sin_family = AF_INET;
> sa.sin_port = htons(8080);
> if(bind(sk, (SOCKADDR*)&sa, sizeof(sa))== SOCKET_ERROR)
> goto bad_ssl;
>
> if(listen(sk,5)== SOCKET_ERROR)
> goto bad_ssl;
> fd = accept(sk, (struct sockaddr *)&sa, NULL);
> if(fd == INVALID_SOCKET)
> goto bad_ssl;
> /*END windows network -----------------------*/
> SSL_CTX_set_options(ctx,SSL_OP_ALL);
> SSL_CTX_set_mode(ctx,SSL_MODE_AUTO_RETRY);
> SSL_accept(ssl);
> if(!SSL_set_fd(ssl,fd))
> goto bad_ssl;
>
> while(1)
> {
> if(SSL_accept(ssl) == 1)
> printf("connected!");
> }
> return;
> bad_ssl:
> free(seed);
> printf("\nError SSL INIT\n");
>
> }
> _____________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org

Attachment: ssls.c
Description: Binary data
