Hi,
I need help deciphering why I am getting this error.
Below is the scenario which is not a common implementation ( well not that I
have been able to fine on the net).

What I am doing is using bio  memory buffers (BIO_s_mem() ) at an embedded
level away from the connection( currently tcpip).
So there is not sockets tied to the ssl.

As well, I am only utilizing encryption with only providing the client side
with CA certificate and the server has a server certificate.
On load everything appear to load correctly ( certifcates).

As well, I have set the verify context to SSL_VERIFY_NONE.

The server starts and loads its server certicate and private key
successfully.
The client starts and load the CA certificate sucessfully.

The following code illustrate the ssl setup:

setup_function(connection &self, context *c)
{

 SSL_load_error_strings();
 SSL_library_init();

 _ssl = SSL_new(c->_impl->_ctx);
 if( _ssl==0 )
  throw logic_error("unable to create osa::ssl::connection");

 //our io mechanism is through memory buffers
 _in  = BIO_new(BIO_s_mem());
 _out = BIO_new(BIO_s_mem());

 SSL_set_bio(_ssl, _in, _out);

 //TODO: this is either accept or connect based upon the role
 //from the context

 if(c->get_role() == ssl::role_server)
 {
  SSL_set_accept_state(_ssl);
 }
 else
 {
  SSL_set_connect_state(_ssl);
 }
}


 The next this that I do is start sending data from client. First a
connection has been established at the tcpip but ssl is unaware of this
connection because this layer again is embedded.  On the client side raw
data is written to the ssl structure using SSL_write().  Of course I recieve
an SSL_ERROR_WANT_READ, but that is because I have to read it out of memory
using BIO_read() and this  reads the data into buffer that is sent on the
tcpip communication line.

This actaully seems to work, and the data is encrypted and looks ok ( I
think).

The server is where I have problems.

The server recieves the  encrypted data and  sends to the lower level and
where it is pumped into the SSL structure ( which is using these memory
buffers) using the BIO_write call ( I acutally see that bytes are written
into it) and the buffer looks good.  I then go and do an SSL_read() and I
get nothing except  SSL_ERRO_WANT_READ. I do see that a session has been
established and that the packet member actually contains the data I want
access to....but the member state=8576 and rstate=240.

What am I missing????
Is it somthing to do this the handshake that I am missing or the readinf of
the data.

I have been working on this for a while and am at a stale mate......please
help!!!

Reply via email to