Note in that file there is an extra free!! :( sry. --Irfan
---------------------------------------- > From: irfan.gulam...@hotmail.com > To: openssl-users@openssl.org > Subject: RE: simple ssl server > Date: Sat, 18 Jul 2009 16:37:29 -0400 > > > Hi, > > Thank you for the input; I now have a working simple server. > I've attached it for future references if anyone is interested in this form. > > Irfan > > > > ---------------------------------------- >> Subject: RE: simple ssl server >> Date: Fri, 17 Jul 2009 23:49:35 -0700 >> From: viv...@chelsio.com >> To: openssl-users@openssl.org >> >> Y are u initializing the ssl lib twice(SSL_library_init()). Go through >> the txt document that i have attached to this mail. That should help >> you. U need to set ssl to fd(SSL_set_fd) before calling SSL_accept(). >> >> -----Original Message----- >> From: owner-openssl-us...@openssl.org >> [mailto:owner-openssl-us...@openssl.org] On Behalf Of Irfan Gulamali >> Sent: 18 July 2009 11:19 >> To: openssl-users@openssl.org >> Subject: simple ssl server >> >> >> Hi, >> >> I'm building a simple ssl server but I'm having trouble getting the >> handshake to work. >> I'm using the openssl s_client to verify my tls1 handshake and using the >> server.pem file that came with openssl0.8.9k. >> >> I must be missing something critical as I get the alert 40 for failed >> handshake. >> I've included my code below and build instructions for completeness. >> >> build: gcc ssls.c -g -o ssls.exe -I. -L"ssllib" -lssl32 -leay32 -lws2_32 >> >> #include "openssl/ssl.h" >> #include >> #include >> #include >> #include >> >> void main() >> { >> >> u_long imode = 0; >> SSL_CTX *ctx; >> SSL *ssl; >> char *seed; >> short int seed_sz = 100; >> BIO *sbio, *bbio, *acpt, *out; >> int s, fd; >> SOCKET sk; >> SOCKADDR_IN sa; >> WSADATA neto; >> >> SSL_load_error_strings(); >> SSL_library_init(); >> OpenSSL_add_all_algorithms(); >> ctx=SSL_CTX_new(TLSv1_server_method()); >> SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM); >> >> seed = malloc(sizeof(char)*100); >> >> SSL_library_init(); >> OpenSSL_add_all_algorithms(); >> SSL_load_error_strings(); >> >> if(!RAND_seed(seed, seed_sz)) >> goto bad_ssl; >> >> ctx=SSL_CTX_new(TLSv1_server_method()); >> if(ctx == NULL) >> goto bad_ssl; >> ssl=SSL_new(ctx); >> if(ssl == NULL) >> goto bad_ssl; >> SSL_set_accept_state(ssl); >> >> if(!SSL_CTX_load_verify_locations(ctx, "server.pem", NULL) ) >> goto bad_ssl; >> >> if(!SSL_CTX_use_certificate_file(ctx, "server.pem", SSL_FILETYPE_PEM)) >> goto bad_ssl; >> >> if(!SSL_CTX_use_PrivateKey_file(ctx, "server.pem", SSL_FILETYPE_PEM)) >> goto bad_ssl; >> >> if (!SSL_CTX_check_private_key(ctx)) >> goto bad_ssl; >> >> free(seed); >> /* SSL Network stuff */ >> /*windows network*/ >> if (WSAStartup(MAKEWORD(2,2), &neto)!=0) >> goto bad_ssl; >> sk = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); >> if(sk == SOCKET_ERROR) >> goto bad_ssl; >> sa.sin_addr.S_un.S_addr = INADDR_ANY; >> sa.sin_family = AF_INET; >> sa.sin_port = htons(8080); >> if(bind(sk, (SOCKADDR*)&sa, sizeof(sa))== SOCKET_ERROR) >> goto bad_ssl; >> >> if(listen(sk,5)== SOCKET_ERROR) >> goto bad_ssl; >> fd = accept(sk, (struct sockaddr *)&sa, NULL); >> if(fd == INVALID_SOCKET) >> goto bad_ssl; >> /*END windows network -----------------------*/ >> SSL_CTX_set_options(ctx,SSL_OP_ALL); >> SSL_CTX_set_mode(ctx,SSL_MODE_AUTO_RETRY); >> SSL_accept(ssl); >> if(!SSL_set_fd(ssl,fd)) >> goto bad_ssl; >> >> while(1) >> { >> if(SSL_accept(ssl) == 1) >> printf("connected!"); >> } >> return; >> bad_ssl: >> free(seed); >> printf("\nError SSL INIT\n"); >> >> } >> _________________________________________________________________ >> Stay in the loop and chat with friends, right from your inbox! >> http://go.microsoft.com/?linkid=9671354_________________________________ >> _____________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org > _________________________________________________________________ > More storage. Better anti-spam and antivirus protection. Hotmail makes it > simple. > http://go.microsoft.com/?linkid=9671357 _________________________________________________________________ Send and receive email from all of your webmail accounts. http://go.microsoft.com/?linkid=9671356______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
