2

I am preparing a sample C application to stream file from one remote(FTP) location to another remote location(HTTP). In the application I want to download file using curl API & uploading the downloaded content using ssl API. I am getting segmentation-fault in SSL_connect(), Here is the init code,

SSL* ssl = NULL;//Global variable
SSL_CTX* ssl_ctx = NULL;//Global variable
/* initialize OpenSSL first */
SSL_library_init();
SSL_load_error_strings();

do
{
    ssl_ctx = SSL_CTX_new(SSLv23_client_method());
    if (!ssl_ctx)
    {
        fprintf(stderr, "Failed to SSL_CTX_new\n");
        break;
    }
    SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, NULL);
    ssl = SSL_new(ssl_ctx);
    if (!ssl)
    {
        fprintf(stderr, "Failed to SSL_new\n");
        break;
    }
    if (SSL_set_fd(ssl, sock) != 1)
    {
        fprintf(stderr, "Failed to SSL_set_fd\n");
        break;
    }
    int err = SSL_connect(ssl);
    if (err != 1)
    {
        fprintf(stderr, "Failed to SSL_connect\n");
        break;
    }

    return_code = 0;
} while(0);

Here 'sock' is open socket connected with remote opened before this call. I verified pointers passing & type-casting, Looks good to me. Can anyone suggest any break-through? Thanks in advance.

Dixit
  • 73
  • 10
  • Failing SSL_connect, Getting Error "Failed to SSL_connect" – Dixit Jul 08 '20 at 11:41
  • curl --version-> curl 7.66.0 (arm-oe-linux-gnueabi) libcurl/7.66.0 OpenSSL/1.0.2h zlib/1.2.8 nghttp2/1.22.0 Release-Date: 2019-09-11 Protocols: file ftp ftps http https Features: AsynchDNS HTTP2 HTTPS-proxy IPv6 libz NTLM NTLM_WB SSL TLS-SRP UnixSockets – Dixit Jul 08 '20 at 11:46

1 Answers1

1

Try running gdb and set up a breakpoint at the line int err = SSL_connect(ssl);, check if ss1 is correctly initialized. Here is a simple tutorial on how to use gdb: https://cseweb.ucsd.edu/classes/fa09/cse141/tutorial_gcc_gdb.html

Jean Baptiste Fleury
  • 9
  • 3
  • Thanks @Jean Baptiste Fleury. I just found the root-cause of crash(it was due to multiple SSL_free(ssl)). Now the binary is not crashing but SSL_connect is failing. Any suggestion? – Dixit Jul 08 '20 at 14:17
  • I am not very familiar with openSSL but from what I am reading from [SSL_connect documentation](https://www.openssl.org/docs/man1.0.2/man3/SSL_connect.html), try to call `SSL_get_error(err)` right after your call to `SSL_connect` and check the [meaning](https://www.openssl.org/docs/man1.0.2/man3/SSL_get_error.html) of its return value – Jean Baptiste Fleury Jul 09 '20 at 09:49
  • Thanks Jean Baptiste Fleury. SSL_connect returns 0 & shows `Success` as perror. printing error using SSL_get_error(err) shows ssl_err 5. that is similar behaviour as http://openssl.6102.n7.nabble.com/SSL-Connect-return-0-with-error-5-td48592.html What we can call it? – Dixit Jul 16 '20 at 05:14