I am unable to create a listening SSL socket that requests the OS to
pick the listening port (empirical port)
According to the documentation:
BIO_set_accept_port() uses the string name to set the accept port. The
port is represented as a string of the form "host:port", where "host"
is the interface to use and "port" is the port. Either or both values
can be "*" which is interpreted as meaning any interface or port
respectively...
However using the following results in an error:
BIO *bio, *acceptBio;
SSL * ssl = SSL_new(sslCtx);
bio = BIO_new_ssl(sslCtx, 0);
BIO_get_ssl(bio, &ssl);
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
acceptBio = BIO_new(BIO_s_accept());
BIO_set_accept_port(acceptBio, "*:*");
BIO_set_accept_bios(acceptBio, bio);
if(BIO_do_accept(acceptBio) <= 0) { // first accept call does listening
fprintf(stderr, "Unable to setup listen on secure port\n");
fprintf(stderr, "SSL Error: %s\n",
ERR_error_string(ERR_get_error(), NULL));
exit(255);
}
Upon running this results in the error:
SSL Error: error:02003000:system library:getservbyname:system library
This is caused because a port specified as "*" is not handled properly.
b_sock.c
int BIO_get_port(const char *str, unsigned short *port_ptr)
The method lacks logic to handle a port of "*" and since it hands off
resolution to getservbyname it fails.
This affects all versions of OpenSSL. I tested on Ubuntu 8.04.4 32-bit.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
