<div dir="ltr"><div><div><div><div>Dear OpenSSL community,<br><br></div>I have, because of Matt's suggestion of the origin of error, written a small C server that uses the same configuration and it works. Can someone tell me what's going on?<br></div>The code is next (fully copied from my editor):<br><br>"#include<string.h><br>#include <sys/types.h><br>#include <sys/socket.h><br>#include <stdlib.h><br>#include <stdio.h><br>#include <netinet/in.h><br>#include <errno.h><br><br>#define PROTOCOL IPPROTO_TCP<br>#define SERV_PORT 8080<br>#define LISTENQ 1<br>#define MAXLINE 100<br><br>void exit_msg(const char* msg) ;<br>void str_echo(int sockfd) ;<br>ssize_t writen(int fd, const void *vptr, size_t n) ;<br><br><br>int main(int argc, char **argv)<br>{<br> int listenfd, connfd;<br> pid_t childpid;<br> socklen_t clilen;<br> struct sockaddr_in cliaddr, servaddr;<br> listenfd = socket (AF_INET, SOCK_STREAM, PROTOCOL);<br> if(listenfd < 0)<br> {<br> exit_msg("socket() error");<br> }<br> printf("Created socket!\n");<br> memset(&servaddr, 0, sizeof(servaddr));<br> servaddr.sin_family = AF_INET;<br> servaddr.sin_addr.s_addr = htonl (INADDR_ANY);<br> servaddr.sin_port = htons (SERV_PORT);<br><br> if(bind(listenfd, (const struct sockaddr *) &servaddr, sizeof(servaddr)) < 0)<br> {<br> exit_msg("bind() error");<br> }<br> printf("Binded port/socket!\n");<br><br> if(listen(listenfd, LISTENQ) < 0)<br> {<br> exit_msg("listen() error");<br> }<br> printf("Listening!\n");<br><br> while(1)<br> {<br> clilen = sizeof(cliaddr);<br> connfd = accept(listenfd, (struct sockaddr *) &cliaddr, &clilen);<br> if(connfd < 0)<br> {<br> exit_msg("accept() error");<br> }<br> printf("Accepted!\n");<br> str_echo(connfd);<br><br> close(connfd);<br> }<br>}<br><br>void str_echo(int sockfd)<br>{<br> ssize_t n;<br> char buf[MAXLINE];<br><br> while(1)<br> {<br> while ( (n = read(sockfd, buf, MAXLINE)) > 0)<br> {<br> writen(sockfd, buf, n);<br> buf[n]=0;<br> printf("Echoing %lu bytes: %s\n", n, buf);<br> }<br> if (n < 0 && errno == EINTR)<br> {<br> continue;<br> }<br> else if (n < 0)<br> {<br> exit_msg("read() failure");<br> }<br> else if(n==0)<br> {<br> printf("Client ended!\nListening!\n");<br> break;<br> }<br> }<br>}<br><br>ssize_t writen(int fd, const void *vptr, size_t n)<br>{<br> size_t nleft;<br> ssize_t nwritten;<br> const char *ptr;<br> ptr = vptr;<br> nleft = n;<br> while (nleft > 0)<br> {<br> if ( (nwritten = write(fd, ptr, nleft)) <= 0)<br> {<br> if (nwritten < 0 && errno == EINTR)<br> {<br> nwritten = 0;<br> }<br> else<br> {<br> return -1;<br> }<br> }<br> nleft -= nwritten;<br> ptr += nwritten;<br> }<br> return n;<br>}<br><br>void exit_msg(const char* msg)<br>{<br> perror(msg);<br> exit(EXIT_FAILURE);<br>}"<br><br></div>Best regards,<br></div>Nikola Milev<br><div class="gmail_extra"><br><div class="gmail_quote">On 1 September 2016 at 00:16, Nikola Milev <span dir="ltr"><<a href="mailto:nikola.n.milev@gmail.com" target="_blank">nikola.n.milev@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5"><p dir="ltr">To whom it may concern,</p>
<p dir="ltr">I have been experiencing issues with OpenSSL and DraginoYun. If you are not the person I should have contacted, please redirect me. Thank you!</p>
<p dir="ltr">Recently, I have tried using OpenSSL to establish a simple server application on Dragino Yun version 2.4. First, I tested the code on my Acer Aspire 5750ZG running Ubuntu 14.04 and it worked fine. Afterwards, I used OpenWrt SDK to cross-compile the application. However, the application is unable to bind the socket; the BIO_do_accept function fails. Here is the error stack the code provided:<br>
"2006783048:error:0200407C:<wbr>lib(2):func(4):reason(124):NA:<wbr>0:port='5354'<br>
2006783048:error:20069076:lib(<wbr>32):func(105):reason(118):NA:<wbr>0:"</p>
<p dir="ltr">errstr returned these as answers:<br>
"$ openssl errstr 0200407C<br>
error:0200407C:system library:socket:Wrong medium type<br>
$ openssl errstr 20069076<br>
error:20069076:BIO routines:BIO_get_accept_<wbr>socket:unable to create socket<br>
"<br>
I suppose that the second one is a product of the first one.</p>
<p dir="ltr">I have checked iptables and I have checked ports that are currently in use, all seems to be in order.</p>
<p dir="ltr">However, the OpenSSL s_server (in combination with s_client on the other side) works fine.<br>
May this be an OpenSSL bug? If not, do you have any suggestions?</p>
<p dir="ltr">OpenSSL version on Acer is 1.0.1f 6 Jan 2014 and on Dragino 1.0.1h 5 Jun 2014.</p>
<p dir="ltr">In the attachment, I am providing the code(though I am not sure if it is available on the list), mostly taken from O'Reilly "Network Security with OpenSSL".</p>
<p dir="ltr">All the passkeys are "raspberry". (these certificates and keys were generated for testing purposes)</p>
<p dir="ltr">Of course, should you need any additional information, I'd be happy to provide it.</p>
<p dir="ltr">I originally addressed Matt Caswell regarding the issue and I am pasting his response to my question and my response to that.</p>
<p dir="ltr">His response:<br>
"Hello,</p>
<p dir="ltr">I'm not really the best person to ask about such low level stuff. The<br>
best place to raise these questions is on the openssl-users email list.<br>
It also means any questions/answers are publicly archived and available<br>
for other users. Details are here:</p>
<p dir="ltr"><a href="https://mta.openssl.org/" target="_blank">https://mta.openssl.org</a></p>
<p dir="ltr">However, I did have a quick look and discovered the following. The code<br>
that raises this error looks like this:</p>
<p dir="ltr"> s = socket(server.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);<br>
if (s == INVALID_SOCKET) {<br>
SYSerr(SYS_F_SOCKET, get_last_socket_error());<br>
ERR_add_error_data(3, "port='", host, "'");<br>
BIOerr(BIO_F_BIO_GET_ACCEPT_<wbr>SOCKET, BIO_R_UNABLE_TO_CREATE_SOCKET)<wbr>;<br>
goto err;<br>
}</p>
<p dir="ltr">So this is a call to the non-OpenSSL networking function "socket". In<br>
this context "server.sa.sa_family" has been set to AF_INET a few lines<br>
above, and "SOCKET_PROTOCOL" is a macro defined at the beginning of the<br>
file as follows:</p>
<p dir="ltr"># define SOCKET_PROTOCOL IPPROTO_TCP</p>
<p dir="ltr">In other words the function that is failing is doing this:</p>
<p dir="ltr">socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)</p>
<p dir="ltr">This seems like a fairly fundamental failure, and might suggest that the<br>
platform in question has no TCP/IP support available for some reason?"</p>
<p dir="ltr">My response to his:<br>
"<br>
Hi Matt,</p>
<p dir="ltr">The platform supports TCP/IP, if I deduced correctly. I have programmed an application similar to the example in Unix Network Programming (a basic TCP/IP echo server) and it works without any issues. Also, openssl s_server works correctly; I tried using it with openssl s_client on the other machine.<br>
I will forward my question to the email list, including both of our responses.<br>
I am grateful for your quick response.</p>
<p dir="ltr">Best regards,<br>
Nikola Milev</p>
<p dir="ltr">"</p>
<p dir="ltr">My original mail to him is almost the same as the first part of this mail.</p>
<p dir="ltr">I am thankful for you support!</p>
<p dir="ltr">Best regards,<br>
Nikola Milev</p>
</div></div></blockquote></div><br></div></div>