You can't use strerror for OpenSSL errors. Look into ERR_get_error() and ERR_error_string().
I think what's happening with your code is that you set a recv timeout on the listen socket, so you listen for one second and then hit the timeout and the socket returns EWOULDBLOCK/EAGAIN to OpenSSL, which causes OpenSSL to return SSL_ERROR_WANT_READ. So do whatever you wanted to do if the timeout expired, or don't set one.

On Sun, Feb 17, 2013 at 7:40 PM, T J <jordan.tre...@gmail.com> wrote:

> Hi
>
> I'm having some problems getting a client to connect to a server using DTLS.
> My code is based on Robin Seggelmann's DTLSv1 example at fh-muenster.de.
> I'm implementing it on a point-point network only (data connection between
> 2 radios), IP4 over udp so I've stripped it down a bit.
>
> In my server, the return from DTLSv1_listen (which is based on
> SSL_accept() I believe) is -1, and when I supply SSL_get_error with the ssl
> and that return I get a value of 2. Passing that value to strerror()
> returns "No such file or directory" but I think that's a red herring and
> what really is going on is that the return val of 2 means
> SSL_ERROR_WANT_READ - is this correct? If so, what am I supposed to do
> about it - read something from the underlying bio? If so, how do I find out
> how much is in the bio so that I can make a call to BIO_read()?
>
> Hopefully someone can see where I'm going wrong either in my code or in my
> thinking...?
>
> This is how I currently have my server:
>
> int rcdh_startTlsServer(void)
> {
>     int ret = 1, err = 0;
>     SOCKET hSock = 0, client_fd = 0;
>     SSL *ssl;
>     BIO *bio;
>     struct timeval timeout;
>     struct sockaddr_in client_addr, server_addr;
>
>     memset(&server_addr, 0, sizeof(server_addr));
>     memset(&client_addr, 0, sizeof(client_addr));
>
>     /* Open an UDP listening socket for this server*/
>     server_addr.sin_family = AF_INET;
>     server_addr.sin_addr.s_addr = htonl(INADDR_ANY);
>     server_addr.sin_port = htons(PEDH_PORT);
>     hSock = socket(AF_INET, SOCK_DGRAM, 0);
>     if (hSock < 0) {
>         printf("socket error\n");
>     }
>     bind(hSock, (const struct sockaddr *) &server_addr, sizeof(struct sockaddr_in));
>
>     /* Create BIO */
>     bio = BIO_new_dgram(hSock, BIO_NOCLOSE);
>
>     /* Set and activate timeouts */
>     timeout.tv_sec = 1;
>     timeout.tv_usec = 0;
>     BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
>
>     /* Create a new SSL structure for this connection*/
>     ssl = SSL_new(sslctxBob);
>     if (ssl == NULL) {
>         printf("Server: Error setting up SSL\n");
>         ret = 0;
>     }
>
>     SSL_set_bio(ssl, bio, bio);
>
>     printf("Server: Waiting for incoming connection...\n");
>     while ((ret = DTLSv1_listen(ssl, &client_addr)) <= 0)
>     {
>         if (ret < 0)
>         {
>             err = SSL_get_error(ssl, ret);
>             printf("Server: SSL_accept ret=%d, error %d:\"%s\"\n", ret, err, strerror(err)); //***
>             if (err == 2)
>             {
>                 //do something about SSL_ERROR_WANT_READ
>             }
>         }
>     }
>
>     printf("Server: ret=%d. received connection attempt from %x:%d.\n", ret, client_addr.sin_addr.s_addr, client_addr.sin_port);
> }
>
> It never gets to the last printf() and the output from *** is :
>
> Server: SSL_accept ret=-1, error 2:"No such file or directory"
>
> repeated about every second...
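
The timeout behaviour described in the reply, shown at the socket level as an added example (not code from either poster); it uses plain POSIX sockets rather than OpenSSL, and the helper names are hypothetical. BIO_CTRL_DGRAM_SET_RECV_TIMEOUT sets SO_RCVTIMEO on the socket, so an idle listener gets the EAGAIN/EWOULDBLOCK below, which OpenSSL then reports as SSL_ERROR_WANT_READ.

```c
/* Added example: what an expired receive timeout looks like on a UDP socket. */
#include <arpa/inet.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

enum wait_result { WAIT_DATA, WAIT_TIMEOUT, WAIT_ERROR };

/* UDP socket on 127.0.0.1 with a kernel-chosen port and a receive timeout.
 * On success returns the fd and stores the bound address in *bound. */
int open_udp_with_timeout(long msec, struct sockaddr_in *bound)
{
    struct timeval tv = { msec / 1000, (msec % 1000) * 1000 };
    socklen_t len = sizeof(*bound);
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    memset(bound, 0, sizeof(*bound));        /* size of the object itself */
    bound->sin_family = AF_INET;
    bound->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)bound, sizeof(*bound)) < 0 ||
        getsockname(fd, (struct sockaddr *)bound, &len) < 0 ||
        setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* One blocking receive. An expired timeout surfaces as EAGAIN/EWOULDBLOCK:
 * "nothing arrived yet", to be retried, not a failure to report via strerror(). */
enum wait_result wait_for_datagram(int fd, char *buf, size_t cap, ssize_t *got)
{
    *got = recvfrom(fd, buf, cap, 0, NULL, NULL);
    if (*got >= 0) return WAIT_DATA;
    if (errno == EAGAIN || errno == EWOULDBLOCK) return WAIT_TIMEOUT;
    return WAIT_ERROR;
}

int main(void)
{
    struct sockaddr_in self; char buf[64]; ssize_t n;
    int fd = open_udp_with_timeout(200, &self);
    if (fd < 0) return 1;
    printf("idle socket: %d\n", wait_for_datagram(fd, buf, sizeof(buf), &n));
    sendto(fd, "hello", 5, 0, (struct sockaddr *)&self, sizeof(self));
    printf("after send:  %d\n", wait_for_datagram(fd, buf, sizeof(buf), &n));
    close(fd);
    return 0;
}
```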