Hi
I'm having some problems getting a client to connect to a server using
DTLS. My code is based on Robin Seggelmann's DTLSv1 example at
fh-muenster.de. I'm implementing it on a point-point network only (data
connection between 2 radios), IP4 over udp so I've stripped it down a bit.
In my server, the return from DTLSv1_listen (which is based on
SSL_accept() I believe) is -1, and when I supply SSL_get_error with the
ssl and that return I get a value of 2. Passing that value to
strerror() returns "No such file or directory" but I think that's a red
herring and what really is going on is that the return val of 2 means
SSL_ERROR_WANT_READ - is this correct? If so, what am I supposed to do
about it - read something from the underlying bio? If so, how do I find
out how much is in the bio so that I can make a call to BIO_read()?
Hopefully someone can see where I'm going wrong either in my code or in
my thinking...?
This is how I currently have my server:

    /* SOCKET, PEDH_PORT and sslctxBob are defined elsewhere in the program,
       along with the platform's socket headers. */
    #include <stdio.h>
    #include <string.h>
    #include <openssl/ssl.h>
    #include <openssl/bio.h>

    int rcdh_startTlsServer(void)
    {
        int ret = 1, err = 0;
        SOCKET hSock = 0;
        SSL *ssl;
        BIO *bio;
        struct timeval timeout;
        struct sockaddr_in client_addr, server_addr;

        /* Clear exactly these two objects; sizeof(struct sockaddr_storage)
           is larger than a sockaddr_in and would write past them. */
        memset(&server_addr, 0, sizeof(server_addr));
        memset(&client_addr, 0, sizeof(client_addr));

        /* Open a UDP listening socket for this server */
        server_addr.sin_family = AF_INET;
        server_addr.sin_addr.s_addr = htonl(INADDR_ANY);
        server_addr.sin_port = htons(PEDH_PORT);
        hSock = socket(AF_INET, SOCK_DGRAM, 0);
        if (hSock < 0) {
            printf("socket error\n");
            return 0;
        }
        if (bind(hSock, (const struct sockaddr *) &server_addr,
                 sizeof(struct sockaddr_in)) < 0) {
            printf("bind error\n");
            return 0;
        }

        /* Create BIO */
        bio = BIO_new_dgram(hSock, BIO_NOCLOSE);

        /* Set and activate timeouts */
        timeout.tv_sec = 1;
        timeout.tv_usec = 0;
        BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);

        /* Create a new SSL structure for this connection */
        ssl = SSL_new(sslctxBob);
        if (ssl == NULL) {
            printf("Server: Error setting up SSL\n");
            return 0;
        }
        SSL_set_bio(ssl, bio, bio);

        printf("Server: Waiting for incoming connection...\n");
        while ((ret = DTLSv1_listen(ssl, &client_addr)) <= 0)
        {
            if (ret < 0)
            {
                err = SSL_get_error(ssl, ret);
                printf("Server: SSL_accept ret=%d, error %d:\"%s\"\n",
                       ret, err, strerror(err)); //***
                if (err == 2)
                {
                    //do something about SSL_ERROR_WANT_READ
                }
            }
        }
        printf("Server: ret=%d. received connection attempt from %x:%d.\n",
               ret, (unsigned int) client_addr.sin_addr.s_addr,
               ntohs(client_addr.sin_port));
        return ret;
    }

It never gets to the last printf() and the output from *** is:
Server: SSL_accept ret=-1, error 2:"No such file or directory"
repeated about every second...
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
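
Added example, not part of the original post and not OpenSSL code: using plain POSIX sockets only, it reproduces the socket-level condition behind the repeated output above. A UDP socket with a receive timeout (the socket option BIO_CTRL_DGRAM_SET_RECV_TIMEOUT sets) returns -1 with EAGAIN/EWOULDBLOCK when nothing arrives in time, which is a "try again" result rather than a failure; the value from SSL_get_error() is an SSL_ERROR_* code, not an errno, so strerror() does not apply to it. The function names and the loopback setup are hypothetical, constructed for this illustration.

```c
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/time.h>

enum rx_result { RX_FATAL = -1, RX_RETRY = 0, RX_DATA = 1 };

/* Constructed setup: loopback UDP socket with SO_RCVTIMEO, the socket option
 * that BIO_CTRL_DGRAM_SET_RECV_TIMEOUT sets on the post's datagram BIO. */
int open_udp_with_timeout(long ms, struct sockaddr_in *bound) {
    struct timeval tv = { .tv_sec = ms / 1000, .tv_usec = (ms % 1000) * 1000 };
    socklen_t len = sizeof(*bound);
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    *bound = (struct sockaddr_in){ .sin_family = AF_INET,  /* port 0: ephemeral */
                                   .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    if (fd >= 0 && bind(fd, (struct sockaddr *)bound, sizeof(*bound)) == 0 &&
        getsockname(fd, (struct sockaddr *)bound, &len) == 0 &&
        setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) == 0)
        return fd;
    if (fd >= 0) close(fd);
    return -1;
}

/* One receive attempt: an expired timeout means "call again", not failure. */
enum rx_result try_receive(int fd, char *buf, size_t cap, ssize_t *n) {
    *n = recvfrom(fd, buf, cap, 0, NULL, NULL);
    if (*n >= 0) return RX_DATA;
    return (errno == EAGAIN || errno == EWOULDBLOCK || errno == EINTR)
               ? RX_RETRY : RX_FATAL;
}

/* Sleep until a datagram is queued: 1 ready, 0 timed out, -1 error. */
int wait_readable(int fd, int ms) {
    struct pollfd p = { .fd = fd, .events = POLLIN };
    int r = poll(&p, 1, ms);
    return r > 0 ? ((p.revents & POLLIN) ? 1 : -1) : r;
}

int main(void) {
    struct sockaddr_in a; char buf[64]; ssize_t n;
    int fd = open_udp_with_timeout(200, &a);
    if (fd < 0) return 1;
    printf("idle socket: ready=%d\n", wait_readable(fd, 50));             /* 0 */
    printf("idle socket: rx=%d\n", try_receive(fd, buf, sizeof buf, &n)); /* 0 = RX_RETRY */
    close(fd);
    return 0;
}
```

The same pattern carries over to the posted loop: on SSL_ERROR_WANT_READ there is nothing to size or drain from the BIO by hand; wait for the socket to become readable and call DTLSv1_listen() again.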