[openssl-users] OpenSSL Dragino Yun Issues
Nikola Milev
nikola.n.milev at gmail.com
Thu Sep 1 11:36:02 UTC 2016
Dear OpenSSL community,
I have, because of Matt's suggestion of the origin of error, written a
small C server that uses the same configuration and it works. Can someone
tell me what's going on?
The code is next (fully copied from my editor):
"#include<string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <stdlib.h>
#include <stdio.h>
#include <netinet/in.h>
#include <errno.h>
#define PROTOCOL IPPROTO_TCP
#define SERV_PORT 8080
#define LISTENQ 1
#define MAXLINE 100
void exit_msg(const char* msg) ;
void str_echo(int sockfd) ;
ssize_t writen(int fd, const void *vptr, size_t n) ;
int main(int argc, char **argv)
{
int listenfd, connfd;
pid_t childpid;
socklen_t clilen;
struct sockaddr_in cliaddr, servaddr;
listenfd = socket (AF_INET, SOCK_STREAM, PROTOCOL);
if(listenfd < 0)
{
exit_msg("socket() error");
}
printf("Created socket!\n");
memset(&servaddr, 0, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_addr.s_addr = htonl (INADDR_ANY);
servaddr.sin_port = htons (SERV_PORT);
if(bind(listenfd, (const struct sockaddr *) &servaddr,
sizeof(servaddr)) < 0)
{
exit_msg("bind() error");
}
printf("Binded port/socket!\n");
if(listen(listenfd, LISTENQ) < 0)
{
exit_msg("listen() error");
}
printf("Listening!\n");
while(1)
{
clilen = sizeof(cliaddr);
connfd = accept(listenfd, (struct sockaddr *) &cliaddr, &clilen);
if(connfd < 0)
{
exit_msg("accept() error");
}
printf("Accepted!\n");
str_echo(connfd);
close(connfd);
}
}
void str_echo(int sockfd)
{
ssize_t n;
char buf[MAXLINE];
while(1)
{
while ( (n = read(sockfd, buf, MAXLINE)) > 0)
{
writen(sockfd, buf, n);
buf[n]=0;
printf("Echoing %lu bytes: %s\n", n, buf);
}
if (n < 0 && errno == EINTR)
{
continue;
}
else if (n < 0)
{
exit_msg("read() failure");
}
else if(n==0)
{
printf("Client ended!\nListening!\n");
break;
}
}
}
ssize_t writen(int fd, const void *vptr, size_t n)
{
size_t nleft;
ssize_t nwritten;
const char *ptr;
ptr = vptr;
nleft = n;
while (nleft > 0)
{
if ( (nwritten = write(fd, ptr, nleft)) <= 0)
{
if (nwritten < 0 && errno == EINTR)
{
nwritten = 0;
}
else
{
return -1;
}
}
nleft -= nwritten;
ptr += nwritten;
}
return n;
}
void exit_msg(const char* msg)
{
perror(msg);
exit(EXIT_FAILURE);
}"
Best regards,
Nikola Milev
On 1 September 2016 at 00:16, Nikola Milev <nikola.n.milev at gmail.com> wrote:
> To whom it may concern,
>
> I have been experiencing issues with OpenSSL and DraginoYun. If you are
> not the person I should have contacted, please redirect me. Thank you!
>
> Recently, I have tried using OpenSSL to establish a simple server
> application on Dragino Yun version 2.4. First, I tested the code on my Acer
> Aspire 5750ZG running Ubuntu 14.04 and it worked fine. Afterwards, I used
> OpenWrt SDK to cross-compile the application. However, the application is
> unable to bind the socket; the BIO_do_accept function fails. Here is the
> error stack the code provided:
> "2006783048:error:0200407C:lib(2):func(4):reason(124):NA:0:port='5354'
> 2006783048:error:20069076:lib(32):func(105):reason(118):NA:0:"
>
> errstr returned these as answers:
> "$ openssl errstr 0200407C
> error:0200407C:system library:socket:Wrong medium type
> $ openssl errstr 20069076
> error:20069076:BIO routines:BIO_get_accept_socket:unable to create socket
> "
> I suppose that the second one is a product of the first one.
>
> I have checked iptables and I have checked ports that are currently in
> use, all seems to be in order.
>
> However, the OpenSSL s_server (in combination with s_client on the other
> side) works fine.
> May this be an OpenSSL bug? If not, do you have any suggestions?
>
> OpenSSL version on Acer is 1.0.1f 6 Jan 2014 and on Dragino 1.0.1h 5 Jun
> 2014.
>
> In the attachment, I am providing the code(though I am not sure if it is
> available on the list), mostly taken from O'Reilly "Network Security with
> OpenSSL".
>
> All the passkeys are "raspberry". (these certificates and keys were
> generated for testing purposes)
>
> Of course, should you need any additional information, I'd be happy to
> provide it.
>
> I originally addressed Matt Caswell regarding the issue and I am pasting
> his response to my question and my response to that.
>
> His response:
> "Hello,
>
> I'm not really the best person to ask about such low level stuff. The
> best place to raise these questions is on the openssl-users email list.
> It also means any questions/answers are publicly archived and available
> for other users. Details are here:
>
> https://mta.openssl.org
>
> However, I did have a quick look and discovered the following. The code
> that raises this error looks like this:
>
> s = socket(server.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
> if (s == INVALID_SOCKET) {
> SYSerr(SYS_F_SOCKET, get_last_socket_error());
> ERR_add_error_data(3, "port='", host, "'");
> BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_CREATE_SOCKET)
> ;
> goto err;
> }
>
> So this is a call to the non-OpenSSL networking function "socket". In
> this context "server.sa.sa_family" has been set to AF_INET a few lines
> above, and "SOCKET_PROTOCOL" is a macro defined at the beginning of the
> file as follows:
>
> # define SOCKET_PROTOCOL IPPROTO_TCP
>
> In other words the function that is failing is doing this:
>
> socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)
>
> This seems like a fairly fundamental failure, and might suggest that the
> platform in question has no TCP/IP support available for some reason?"
>
> My response to his:
> "
> Hi Matt,
>
> The platform supports TCP/IP, if I deduced correctly. I have programmed an
> application similar to the example in Unix Network Programming (a basic
> TCP/IP echo server) and it works without any issues. Also, openssl s_server
> works correctly; I tried using it with openssl s_client on the other
> machine.
> I will forward my question to the email list, including both of our
> responses.
> I am grateful for your quick response.
>
> Best regards,
> Nikola Milev
>
> "
>
> My original mail to him is almost the same as the first part of this mail.
>
> I am thankful for you support!
>
> Best regards,
> Nikola Milev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160901/dc3d4b22/attachment.html>
More information about the openssl-users
mailing list