[openssl-dev] openssl (lib and application) localhost problems.

Sat Mar 7 18:48:33 UTC 2015

On Thu, Mar 05, 2015 at 12:18:34PM +0530, dE wrote:

>     printf ("error no. is %ld\n", ERR_peek_last_error());

Hex would be more useful than decimal: 0x1408f10b
Also the version of OpenSSL you're running (I'll assume for
the moment 1.0.1<something>).

This encodes the library number, function and line number.

>From crypto/err/err.h:

    # define ERR_LIB_SSL             20

    # define ERR_GET_LIB(l)          (int)((((unsigned long)l)>>24L)&0xffL)
    # define ERR_GET_FUNC(l)         (int)((((unsigned long)l)>>12L)&0xfffL)
    # define ERR_GET_REASON(l)       (int)((l)&0xfffL)
    # define ERR_FATAL_ERROR(l)      (int)((l)&ERR_R_FATAL)

So 0x14 is libssl, the function is 0x08f or 143 and the reason is
0x10b or 267.

    $ egrep -w '(267|143)' ssl/ssl.h
    ...
    # define SSL_F_SSL3_GET_RECORD                            143
    ...
    # define SSL_R_WRONG_VERSION_NUMBER                       267
    ...

You'd have figured all this out if you had actually loaded the
error strings and used the OpenSSL error decoding interface to
print the error details.  This of course is not suprising:

    server.sin_family = AF_INET;
    server.sin_port = htons(80);
    server.sin_addr.s_addr = inet_addr ("104.68.173.123");

Why would you expect TLS on port 80???  You'd probably have more
luck with port 443, and probably with SSLv23_client_method(), rather
than TLSv1_2_method().

As for why the error is 0 with localhost, what is listening on port
80 on localhost?  Is it an SSL service?

When I run your code against 80 on localhost it fails with the same
"wrong version" error.  When I change 80 to 443, I get error 0.

It sure seems you're barking up the wrong tree...

-- 
	Viktor.