SSL_connect fails on systemd socket
Tiwari, Hari Sahaya
hari-sahaya.tiwari at hpe.com
Tue Jan 28 14:03:09 UTC 2020
Hi,
I am trying to implement a client server program over SSL through systemd.
Here I have a TCP systemd socket (listening on a predefined port) and its associated service.
systemd socket file:-
# cat /usr/lib/systemd/system/test_ssl.socket
[Unit]
Description=Test socket
[Socket]
ListenStream=2000
Accept=true
MaxConnections=900
[Install]
WantedBy=sockets.target
systemd service file:-
# cat /usr/lib/systemd/system/test_ssl at .service
[Unit]
Description= Test Service
Requires=test_ssl.socket
[Service]
ExecStart=/home/SSL/server
StandardInput=socket
KillMode=process
[Install]
WantedBy=multi-user.target
The service file invoke the binary /home/SSL/server.
Here is it a very simple client server program, where
1. Server binds and listens on a port number.
2. Client first connects to server with normal connect (server will do accept)
3. Once it gets the fd, client does the SSL_connect over same connection. (server will do SSL_accept)
4. After that it will be SSL_read & SSL_write.
Once, I start the systemd socket I can see the systemd starts listening on port 2000.
# systemctl start test_ssl.socket
# netstat -an | grep 2000
tcp6 0 0 :::2000 :::* LISTEN
Post than when executing client, SSL_conect fails.
# ./client localhost 2000
OpenConnection succedeed. << normal connect succeeds.
SSL_connect failed.
140691172779952:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:365:
Here client is able to do normal connect, post that SSL_connect fails.
This client server program works well outside of systemd.
Do I need to add some extra steps to get this working?
Any help or reference would be appreciated.
Thanks & Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200128/d014798f/attachment-0001.html>
More information about the openssl-users
mailing list