[9fans] ftpd on 9front problems with TLS

[9fans] ftpd on 9front problems with TLS

[Garry]

[-- Attachment #1: Type: text/plain, Size: 1864 bytes --]

Hello, I'm trying set up ftpd to use TLS, but cannot get it to work. The ftpd service runs and accepts connections with 

Connected to temeraire.
220 Plan 9 FTP server ready.

But TLS doesn't seem to work.

This is how I made my certificate:

ramfs -p
cd /tmp
auth/rsagen -t 'service=tls role=client host=temeraire' > key
chmod 600 key
cp key /sys/lib/tls/key # or: store key in secstore
auth/rsa2x509 'C=AU CN=temeraire' /sys/lib/tls/key | auth/pemencode CERTIFICATE > /sys/lib/tls/cert

My tcp21 file looks like this:
#!/bin/rc
exec /bin/ip/ftpd -d -c/sys/lib/tls/cert $*


My /cfg/temeraire/cpustart file looks like this and the key appears to exist in factotum.
bind -a '#l0' /net
ip/ipconfig
ip/ipconfig ether /net/ether0
cat /net/ndb

cat /sys/lib/tls/key >>/mnt/factotum/ctl

Attempting to debug the connection with OpenSSL gives me this:

openssl s_client -connect temeraire:21 -starttls ftp -servername temeraire
CONNECTED(00000004)
100000000A000000:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1605:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 55 bytes and written 325 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)

Apologies for the text dump, I just wanted to be clear about what my setup is like.

Does anybody have any ideas what I've left out, or got wrong here?

Thank you

Garry
------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/T086867ac9995804e-M999bbe4d92fc8b5c836b9bf4
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription

[-- Attachment #2: Type: text/html, Size: 3883 bytes --]