[openssl-users] [Version-2] Sequence of steps to initialize a ssl-session (only client-mode)
Ajay Garg
ajaygargnsit at gmail.com
Mon Oct 10 05:56:09 UTC 2016
Damn the semicolon at the end :(
Sorry for the noise.
Thanks and Regards,
Ajay
On Mon, Oct 10, 2016 at 11:23 AM, Ajay Garg <ajaygargnsit at gmail.com> wrote:
> [Thanks Viktor, I made the change as suggested by you in the other
> incomplete email that I sent accidentally].
>
>
> Hi All.
>
> We are just dealing with the client-side, and following are the steps ::
>
> ############################################################
> #####################################
> SSL_library_init();
> OpenSSL_add_ssl_algorithms();
> OpenSSL_add_all_algorithms();
> SSL_load_error_strings();
> ERR_load_crypto_strings();
>
> solitary_ssl_ctx = SSL_CTX_new(SSLv23_client_method());
> if(solitary_ssl_ctx == NULL)
> {
> // Control does not reach here.
> }
>
> if(!SSL_CTX_use_certificate_file(solitary_ssl_ctx,
> "/path/of/certificate", SSL_FILETYPE_PEM))
> {
> // Control does not reach here.
> }
>
> if(!SSL_CTX_use_PrivateKey_file(solitary_ssl_ctx, "/path/of/key",
> SSL_FILETYPE_PEM))
> {
> // Control does not reach here.
> }
>
> socket->ssl = SSL_new(solitary_ssl_ctx);
> if(socket->ssl == NULL)
> {
> // Control does not reach here.
> }
>
> if (!BIO_new_bio_pair(&(socket->inter_bio), SSL_BUFFER_SIZE,
> &(socket->network_bio), SSL_BUFFER_SIZE));
> {
> // *CONTROL REACHES HERE*
> }
>
> socket->ssl_bio = BIO_new(BIO_f_ssl());
> if (!(socket->ssl_bio))
> {
> // Status Unknown
> }
>
> SSL_set_connect_state(socket->ssl);
> SSL_set_bio(socket->ssl, socket->inter_bio, socket->inter_bio);
> (void)BIO_set_ssl(socket->ssl_bio, socket->ssl, BIO_NOCLOSE);
> ############################################################
> #####################################
>
>
>
>
> The socket structure has the following ::
>
> ############################################################
> #####################################
> SSL *ssl;
>
> BIO *ssl_bio; // app-payload-bytes will be
> written by app into it.
> BIO *inter_bio; // intermediate-bio, have no idea
> what it really is used for.
> BIO *network_bio; // app-payload-encrypted-bytes will
> "emerge" from this bio, ready to be written over the wire
> ############################################################
> #####################################
>
>
>
> I have followed the minimal steps (only for client-mode) as per
> http://opensource.apple.com/source/OpenSSL096/OpenSSL096-
> 6.2/openssl/ssl/ssltest.c
> So, what am I missing which is causing
>
> BIO_new_bio_pair
>
> to fail?
>
>
> Thanks and Regards,
> Ajay
>
>
--
Regards,
Ajay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161010/a4c30025/attachment.html>
More information about the openssl-users
mailing list