From 23093b1505260f0f3d589566fb7f9624e7cf18ea Mon Sep 17 00:00:00 2001 From: "Simon V. Lejel" Date: Sun, 11 Feb 2024 22:36:58 +0100 Subject: [PATCH 1/2] =?UTF-8?q?=F0=9F=90=9B=20Fix=20certificate=20errors?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/client/main.cc | 6 +++--- src/server/main.cc | 8 +++----- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/src/client/main.cc b/src/client/main.cc index 26b09d7..71aefd9 100644 --- a/src/client/main.cc +++ b/src/client/main.cc @@ -36,8 +36,8 @@ int main() { // Load the server's certificate into context if (SSL_CTX_load_verify_locations( - ctx, "~/git/mogens_og_karen/ssl/server.crt", nullptr) <= 0) { - // TODO Handle error + ctx, "./ssl/server.crt", nullptr) <= 0) { + cout << "SSL load failed" << endl; } // Create SSL object @@ -81,7 +81,7 @@ int main() { cout << endl; message.username = "Client 1"; - SSL_write(ssl, message.toString().data(), 0); + SSL_write(ssl, message.toString().data(), strlen(message.toString().data())); } // Clean up diff --git a/src/server/main.cc b/src/server/main.cc index 3763f79..9064214 100644 --- a/src/server/main.cc +++ b/src/server/main.cc @@ -1,5 +1,4 @@ #include -#include #include #include #include @@ -25,14 +24,13 @@ int main() { } // Load certificate - if (SSL_CTX_use_certificate_file(ctx, - "~/git/mogens_og_karen/ssl/server.crt", + if (SSL_CTX_use_certificate_file(ctx, "./ssl/server.crt", SSL_FILETYPE_PEM) <= 0) { // TODO Handle error } // Load certificate private key - if (SSL_CTX_use_PrivateKey_file(ctx, "~/git/mogens_og_karen/ssl/server.key", + if (SSL_CTX_use_PrivateKey_file(ctx, "./ssl/server.key", SSL_FILETYPE_PEM) <= 0) { // TODO Handle error } @@ -74,7 +72,7 @@ int main() { while (true) { char buffer[1024] = {0}; - SSL_read(ssl, buffer, 0); + SSL_read(ssl, buffer, sizeof(buffer) - 1); if (strlen(buffer) <= 0) { cout << "Client seems to have just straight up left :(" << endl; 
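Review bot: In the first client hunk the failure branch of `SSL_CTX_load_verify_locations` only prints `SSL load failed` and falls through, so the client goes on to connect without the trust anchor it was meant to load. Whether the handshake would then reject the server depends on an `SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, nullptr)` call that is not visible in this hunk; if there is none, the peer certificate is not checked at all. I would end the branch with `ERR_print_errors_fp(stderr); SSL_CTX_free(ctx); return 1;`. The new path `./ssl/server.crt` is resolved against the working directory, so which certificate is trusted depends on where the binary is started; the server hunk of this patch loads `./ssl/server.crt` and `./ssl/server.key` the same way. main() continues outside the hunk.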
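Review bot: The new `SSL_write` call in the second client hunk builds `message.toString()` twice and measures it with `strlen`, which stops at the first NUL byte and rescans a string whose length is already known. Assuming `toString()` returns a `std::string`, keep one copy and use its size: `const auto payload = message.toString();` then `int sent = SSL_write(ssl, payload.data(), static_cast<int>(payload.size()));`. The return value is still discarded, so a closed or failed connection goes unnoticed inside the loop; test `sent <= 0` with `SSL_get_error(ssl, sent)` and leave the loop. The loop starts outside the hunk.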
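Review bot: In the last server hunk the return value of `SSL_read` is dropped and a disconnect is inferred from `strlen(buffer) <= 0`, which cannot tell a clean shutdown from a TLS error and treats data that begins with a NUL byte as a departed client. Reading `sizeof(buffer) - 1` bytes into the zeroed buffer does keep it NUL-terminated, so the bound itself is right. I would write `int n = SSL_read(ssl, buffer, sizeof(buffer) - 1);` and branch on `if (n <= 0)`, using `SSL_get_error(ssl, n)` to separate shutdown from failure. The rest of the loop is outside the hunk.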
From cba0ae1da350208cce9daa825aa88f79aa98ad57 Mon Sep 17 00:00:00 2001 From: "Simon V. Lejel" Date: Sun, 11 Feb 2024 22:37:23 +0100 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=9A=A7=20Print=20errors?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/client/main.cc | 6 +++--- src/server/main.cc | 30 +++++++++++++++++++++--------- 2 files changed, 24 insertions(+), 12 deletions(-) diff --git a/src/client/main.cc b/src/client/main.cc index 71aefd9..05be09f 100644 --- a/src/client/main.cc +++ b/src/client/main.cc @@ -31,7 +31,7 @@ int main() { // Create new SSL context SSL_CTX *ctx = SSL_CTX_new(TLS_client_method()); if (!ctx) { - // TODO Handle error + cout << "Creation of SSL context failed" << endl; } // Load the server's certificate into context @@ -43,7 +43,7 @@ int main() { // Create SSL object SSL *ssl = SSL_new(ctx); if (!ssl) { - // TODO Handle error + cout << "Failed to create SSL object" << endl; } int clientSocket = socket(AF_INET, SOCK_STREAM, 0); @@ -65,7 +65,7 @@ int main() { // Perform SSL handshake if (SSL_connect(ssl) != 1) { - // TODO Handle error + cout << "SSL Handshake error" << endl; } while (true) { diff --git a/src/server/main.cc b/src/server/main.cc index 9064214..992effc 100644 --- a/src/server/main.cc +++ b/src/server/main.cc 
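Review bot: All three client hunks replace a TODO with a `cout` line but still fall through, so a null `ctx` is handed to `SSL_CTX_load_verify_locations` and `SSL_new`, a null `ssl` reaches whatever uses it next (not visible here), and after `SSL Handshake error` the code enters the `while (true)` loop and writes on a session that was never established. Each branch should stop the program, for example `return 1;` after the message, releasing what was already created. The messages also leave out the OpenSSL error queue, unlike the server side of this patch; `ERR_print_errors_fp(stderr);` would print the reason. main() extends beyond each hunk.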
@@ -20,25 +20,31 @@ int main() { SSL_CTX *ctx = SSL_CTX_new(TLS_server_method()); if (!ctx) { - // TODO Handle error + cout << "Creation of SSL context failed" << endl; } // Load certificate if (SSL_CTX_use_certificate_file(ctx, "./ssl/server.crt", SSL_FILETYPE_PEM) <= 0) { - // TODO Handle error + unsigned long errCode = ERR_get_error(); + char errBuffer[128]; + ERR_error_string_n(errCode, errBuffer, sizeof(errBuffer)); + cout << "Certificate load failed: " << errBuffer << endl; } // Load certificate private key if (SSL_CTX_use_PrivateKey_file(ctx, "./ssl/server.key", SSL_FILETYPE_PEM) <= 0) { - // TODO Handle error + unsigned long errCode = ERR_get_error(); + char errBuffer[128]; + ERR_error_string_n(errCode, errBuffer, sizeof(errBuffer)); + cout << "Private key load failed: " << errBuffer << endl; } cout << "Initializing server" << endl; int serverSocket = socket(AF_INET, SOCK_STREAM, 0); if (serverSocket == -1) { - // TODO error + cout << "Server socket failed" << endl; } sockaddr_in serverAddress; @@ -49,25 +55,31 @@ int main() { int bindStatus = bind(serverSocket, (struct sockaddr *)&serverAddress, sizeof(serverAddress)); if (bindStatus == -1) { - // TODO error + cout << "Bind failed" << endl; } int listenStatus = listen(serverSocket, 5); if (listenStatus == -1) { - // TODO error + cout << "Listen failed" << endl; } int clientSocket = accept(serverSocket, nullptr, nullptr); if (clientSocket == -1) { - // TODO error + cout << "Client socket failed" << endl; } SSL *ssl = SSL_new(ctx); SSL_set_fd(ssl, clientSocket); // Perform the SSL negotiation - if (SSL_accept(ssl)) { - // TODO Handle error + int sslAcceptCode = SSL_accept(ssl); + if (sslAcceptCode <= 0) { + int sslError = SSL_get_error(ssl, sslAcceptCode); + char *errStr = ERR_error_string(ERR_get_error(), nullptr); + cout << "SSL_accept failed with SSL error: " << sslError << endl; + cout << "OpenSSL error: " << errStr << endl; + } else { + cout << "negotiated SSL" << endl; } while (true) {
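Review bot: Every failure branch in the first server hunk now reports the error but execution continues, so a failed certificate or private-key load, or a failed `socket()`, still leads to the server binding and accepting with an unusable context. Add `return 1;` to each branch (after `SSL_CTX_free(ctx)` where `ctx` exists); the `!ctx` branch in particular passes a null context on to `SSL_CTX_use_certificate_file`. The two identical `ERR_get_error` / `ERR_error_string_n` blocks each report only one entry of the error queue and could be a single helper, or `ERR_print_errors_fp(stderr);`, which prints the whole queue. Diagnostics would also sit better on `cerr` than on `cout`.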
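Review bot: In the second server hunk the corrected `SSL_accept` check logs the failure and then falls into the `while (true)` read loop on a session whose handshake did not complete; the `bind`, `listen` and `accept` branches fall through in the same way. The failure branch should end with `SSL_free(ssl); close(clientSocket); return 1;`. The result of `SSL_new(ctx)` just above it is still unchecked. `ERR_error_string(ERR_get_error(), nullptr)` formats into a static buffer, and the queue can be empty when `SSL_get_error` reports a syscall or EOF condition; `ERR_error_string_n` with a local buffer, as the first hunk of this patch does, or `ERR_print_errors_fp(stderr);` avoids the shared buffer.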