Note in that file there is an extra free!! :( sry.

--Irfan





----------------------------------------
> From: irfan.gulam...@hotmail.com
> To: openssl-users@openssl.org
> Subject: RE: simple ssl server
> Date: Sat, 18 Jul 2009 16:37:29 -0400
>
>
> Hi,
>
> Thank you for the input; I now have a working simple server.
> I've attached it for future references if anyone is interested in this form.
>
> Irfan
>
>
>
> ----------------------------------------
>> Subject: RE: simple ssl server
>> Date: Fri, 17 Jul 2009 23:49:35 -0700
>> From: viv...@chelsio.com
>> To: openssl-users@openssl.org
>>
>> Y are u initializing the ssl lib twice(SSL_library_init()). Go through
>> the txt document that i have attached to this mail. That should help
>> you. U need to set ssl to fd(SSL_set_fd) before calling SSL_accept().
>>
>> -----Original Message-----
>> From: owner-openssl-us...@openssl.org
>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of Irfan Gulamali
>> Sent: 18 July 2009 11:19
>> To: openssl-users@openssl.org
>> Subject: simple ssl server
>>
>>
>> Hi,
>>
>> I'm building a simple ssl server but I'm having trouble getting the
>> handshake to work.
>> I'm using the openssl s_client to verify my tls1 handshake and using the
>> server.pem file that came with openssl0.8.9k.
>>
>> I must be missing something critical as I get the alert 40 for failed
>> handshake.
>> I've included my code below and build instructions for completeness.
>>
>> build: gcc ssls.c -g -o ssls.exe -I. -L"ssllib" -lssl32 -leay32 -lws2_32
>>
>> #include "openssl/ssl.h"
>> #include
>> #include
>> #include
>> #include
>>
>> void main()
>> {
>>
>> u_long imode = 0;
>> SSL_CTX *ctx;
>> SSL *ssl;
>> char *seed;
>> short int seed_sz = 100;
>> BIO *sbio, *bbio, *acpt, *out;
>> int s, fd;
>> SOCKET sk;
>> SOCKADDR_IN sa;
>> WSADATA neto;
>>
>> SSL_load_error_strings();
>> SSL_library_init();
>> OpenSSL_add_all_algorithms();
>> ctx=SSL_CTX_new(TLSv1_server_method());
>> SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM);
>>
>> seed = malloc(sizeof(char)*100);
>>
>> SSL_library_init();
>> OpenSSL_add_all_algorithms();
>> SSL_load_error_strings();
>>
>> if(!RAND_seed(seed, seed_sz))
>> goto bad_ssl;
>>
>> ctx=SSL_CTX_new(TLSv1_server_method());
>> if(ctx == NULL)
>> goto bad_ssl;
>> ssl=SSL_new(ctx);
>> if(ssl == NULL)
>> goto bad_ssl;
>> SSL_set_accept_state(ssl);
>>
>> if(!SSL_CTX_load_verify_locations(ctx, "server.pem", NULL) )
>> goto bad_ssl;
>>
>> if(!SSL_CTX_use_certificate_file(ctx, "server.pem", SSL_FILETYPE_PEM))
>> goto bad_ssl;
>>
>> if(!SSL_CTX_use_PrivateKey_file(ctx, "server.pem", SSL_FILETYPE_PEM))
>> goto bad_ssl;
>>
>> if (!SSL_CTX_check_private_key(ctx))
>> goto bad_ssl;
>>
>> free(seed);
>> /* SSL Network stuff */
>> /*windows network*/
>> if (WSAStartup(MAKEWORD(2,2), &neto)!=0)
>> goto bad_ssl;
>> sk = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
>> if(sk == SOCKET_ERROR)
>> goto bad_ssl;
>> sa.sin_addr.S_un.S_addr = INADDR_ANY;
>> sa.sin_family = AF_INET;
>> sa.sin_port = htons(8080);
>> if(bind(sk, (SOCKADDR*)&sa, sizeof(sa))== SOCKET_ERROR)
>> goto bad_ssl;
>>
>> if(listen(sk,5)== SOCKET_ERROR)
>> goto bad_ssl;
>> fd = accept(sk, (struct sockaddr *)&sa, NULL);
>> if(fd == INVALID_SOCKET)
>> goto bad_ssl;
>> /*END windows network -----------------------*/
>> SSL_CTX_set_options(ctx,SSL_OP_ALL);
>> SSL_CTX_set_mode(ctx,SSL_MODE_AUTO_RETRY);
>> SSL_accept(ssl);
>> if(!SSL_set_fd(ssl,fd))
>> goto bad_ssl;
>>
>> while(1)
>> {
>> if(SSL_accept(ssl) == 1)
>> printf("connected!");
>> }
>> return;
>> bad_ssl:
>> free(seed);
>> printf("\nError SSL INIT\n");
>>
>> }
>> _________________________________________________________________
>> Stay in the loop and chat with friends, right from your inbox!
>> http://go.microsoft.com/?linkid=9671354_________________________________
>> _____________________________________
>> OpenSSL Project http://www.openssl.org
>> User Support Mailing List openssl-users@openssl.org
>> Automated List Manager majord...@openssl.org
> _________________________________________________________________
> More storage. Better anti-spam and antivirus protection. Hotmail makes it 
> simple.
> http://go.microsoft.com/?linkid=9671357
_________________________________________________________________
Send and receive email from all of your webmail accounts.
http://go.microsoft.com/?linkid=9671356______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to