[英]OpenSSL in C - routines:ssl3_get_record:wrong version number when trying to connect to server using TLS1_2
我正在嘗試制作一個“curl”客戶端,可以向 C 中的服務器發送請求。 我已經創建了一個 TCP 插座(使用大學的幻燈片,經過測試):
int connect_to_host(char * hostname, int port) {
// AF_INET: create socket that uses IPv4; SOCK_STREAM: type of sequenced, reliable
// 2-way connection-based byte streams ~ TCP (as opposed to datagrams ~ UDP)
int socket_fd;
struct sockaddr_in server_addr;
struct hostent * hp;
if ((socket_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
return -1; // remember to broadcast error, saved in errno (extern int errno)
}
// geting address (contained in struct hostent) from DNS
if ((hp = gethostbyname(hostname)) == NULL) {
return -2; // can't find hostname from DNS
}
// per documentation, must zero out bytes in the 'server' socket address before filling values
bzero((char *)&server_addr, sizeof(server_addr));
// filling necessary values of the 'server' socket address
server_addr.sin_family = AF_INET; // using IPv4
server_addr.sin_port = htons(port); // assign port value, remember to change int (host order byte)
// to network order byte. htons = host-to-network-short (short int)
bcopy((char *)hp->h_addr_list[0], (char *)&server_addr.sin_addr.s_addr, hp->h_length); // IP address, got from DNS
if (connect(socket_fd, (struct sockaddr *)&server_addr, sizeof(server_addr)) < 0) {
return -1; // error, as above
}
return socket_fd;
}
並創建了一個 TLS 版本靈活的 SSL/TLS 上下文:
SSL_CTX * init_CTX() {
SSL_METHOD * method;
SSL_CTX * ctx;
OpenSSL_add_all_algorithms(); // Load cryptos, et.al.
SSL_load_error_strings(); // Bring in and register error messages
method = TLS_client_method(); // create new client-method instance
if ((ctx = SSL_CTX_new(method)) == NULL) {; // create new context
return NULL;
}
return ctx;
}
My next step is to create an SSL connection state and "bind" it with the file descriptor return by the TCP function (connect_to_host()) above. 然后我會嘗試制作 SSL_connect()
if (*tls_mode == 1) {
ctx = init_CTX();
ssl = SSL_new(ctx); // create new SSL connection state
SSL_set_fd(ssl, clientfd); // bind socket descriptor to ssl state
if (SSL_connect(ssl) == -1) {
printf("SSL connection failed\n");
ERR_print_errors_fp(stderr);
return -1;
}
printf("debug tls: connect\n");
if (show_cert) SSL_show_certs(ssl);
}
此時我收到標題中的錯誤。 我檢查了 stackoverflow 和位置,但我沒有看到使用 C 和 OpenSSL 庫的問題。 如果有人可以給我一個提示,我將不勝感激。
因此,對於稍后檢查此內容的任何人,我的端口號出錯,並連接到端口 80 而不是 443,從而導致錯誤。
SMTPS:OpenSSL - SSL例程:SSL23_GET_SERVER_HELLO:未知協議s23_clnt.c:787:
[英]SMTPS: OpenSSL - SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol s23_clnt.c:787:
使用C例程和openssl dgst,rsautl命令時的不同簽名
[英]Different signatures when using C routines and openssl dgst, rsautl commands
Openssl - 無法設置使用 libssl (C++) 時要使用的特定 TLS 版本
[英]Openssl - Unable to set specific TLS version to be used when using libssl (C++)
C程序卷曲:(35)錯誤:14077410:SSL例程:SSL23_GET_SERVER_HELLO:sslv3警報握手失敗
[英]C Program curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
處理Node.js TLS服務器和C TLS客戶端(openSSL)連接的正確方法
[英]Correct way of handling Node.js TLS server and C TLS client (openSSL) connections
使用openssl的服務器程序在嘗試連接Linux中的標准客戶端時顯示錯誤
[英]server program using openssl shows error while trying to connect with a standard client in Linux
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.