From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) by walapai.inria.fr (8.13.6/8.13.6) with ESMTP id p1PLTef0019062 for ; Fri, 25 Feb 2011 22:29:40 +0100 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AuwBAK+tZ01KfVI0kGdsb2JhbACXeI48CBUBAQEBCQkMBxEEIaJojDwBBY1lAQSFYIwhiE46 X-IronPort-AV: E=Sophos;i="4.62,227,1297033200"; d="scan'208";a="92114234" Received: from mail-ww0-f52.google.com ([74.125.82.52]) by mail2-smtp-roc.national.inria.fr with ESMTP/TLS/RC4-SHA; 25 Feb 2011 22:29:35 +0100 Received: by wwi14 with SMTP id 14so2279778wwi.9 for ; Fri, 25 Feb 2011 13:29:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=acunu.com; s=google; h=domainkey-signature:subject:mime-version:content-type:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to:x-mailer; bh=2vdodoeuAezUj79yuOGCWZQ8BBy6wQJG1PeNjzbGkeQ=; b=J0VZWNQwaeHJcOCnK6k4niCKEWRA48c98HCgww3D2fYp7kISzPDRm/ftMnBhx4+Bry BIdhpi5DuVBgRomHwvoIgneDMAV3bjNXnSydO3tUk201/IT0fbdYDA754/4MLBDLINsT 01PRkGkqY/6bupLcnhUviafn5l/0o9/LVY6lQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=acunu.com; s=google; h=subject:mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer; b=bGPYq6MvRrKRhthulCRHN8Ls2if3Rc7VfCP4gJ1Keu5vBmAAJilzTKfE0dFCtQ4e36 82SPgNYeU0cz4v4cET0UWpZvjFqVPOzW+cubLZwF7sgCkvuZmnE8qFavTe/x7ZSlfQc1 oMAHhppdICCzor5G/nC27zHns8UyMJjngaiDo= Received: by 10.227.137.19 with SMTP id u19mr2617439wbt.51.1298669375015; Fri, 25 Feb 2011 13:29:35 -0800 (PST) Received: from weems.theisland.acunu.com ([91.143.78.44]) by mx.google.com with ESMTPS id y29sm898938wbd.4.2011.02.25.13.29.33 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 25 Feb 2011 13:29:34 -0800 (PST) Mime-Version: 1.0 (Apple Message framework v1082) Content-Type: text/plain; charset=us-ascii From: Tom Wilkie In-Reply-To: <72F1256E-1783-45EC-8A18-EA286B290E51@free.fr> Date: Fri, 25 Feb 2011 21:29:32 +0000 Cc: Tom Wilkie , caml-list@inria.fr Message-Id: <1FC332F1-8F6C-49B2-8224-368EB1A4B602@acunu.com> References: <72F1256E-1783-45EC-8A18-EA286B290E51@free.fr> To: Pierre Chopin X-Mailer: Apple Mail (2.1082) Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by walapai.inria.fr id p1PLTef0019062 Subject: Re: [Caml-list] ocaml-ssl You shouldn't do the first accept; I think you should do it like this in the server: let fd = Unix.socket Unix.PF_UNIX Unix.SOCK_STREAM 0 in Unix.bind fd addr; Unix.listen fd 10; while true do let sock, _ = Unix.accept fd in let ssl = Ssl.embed_socket sock ctx in Ssl.accept ssl; Ssl.read ssl etc... done And the client should do: let fd = Unix.socket Unix.PF_UNIX Unix.SOCK_STREAM 0 in Unix.connect fd address; let ssl = Ssl.embed_socket fd context in Ssl.connect ssl; Ssl.write ssl etc... HTH Tom On 24 Feb 2011, at 19:11, Pierre Chopin wrote: > Hi, > > I am trying to get familiar with the ocaml-ssl bindings for Opensll. > > Thus, I am trying to establish an SSL connection between a server and a client which are on my computer. > > I therefore create two sockets, establish a tcp connection between then, and then fail to establish SSL communication. > > The function Ssl.accept on the server will return Accept_error Error_want_read, which I believe is due to the fact that somehow the socket is used in non-blocking mode. > > I therefore made a loop to constantly check for accepting connection. I am not familiar with non blocking mode so I don't know if it is right. Here is the code for the server. > > > (* > #directory "/opt/local/lib/ocaml/site-lib/ssl/";; > #load "ssl.cma" ;; > #load "unix.cma" > *) > > open Ssl ;; > open Unix;; > init () ;; > let domain = PF_INET ;; > let ty = SOCK_STREAM ;; > > let usock = socket domain ty 0;; > let name =Unix.gethostname () ;; > let h = Unix.gethostbyname name ;; > let inet = h.h_addr_list.(0) ;; > let cont = create_context SSLv3 Server_context ;; > let sock_addr = Unix.ADDR_INET (inet,22211) ;; > bind usock sock_addr ;; > listen usock 3 ;; > accept usock ;; > print_string "TCP connection established\n" ;; > Pervasives.flush Pervasives.stdout ;; > let sock = embed_socket usock cont ;; > > > > while true do > try > Ssl.accept sock ;; > print_endline "bing" ; > Pervasives.flush Pervasives.stdout > with Ssl.Accept_error Error_want_read -> > sleep 1; > print_endline "looping" ;Pervasives.flush Pervasives.stdout > done; > > > > Concerning the client, it's pretty much a mirror of the server, except for the loop: > > > #directory "/opt/local/lib/ocaml/site-lib/ssl/";; > #load "/opt/local/lib/ocaml/site-lib/ssl/ssl.cma" ;; > #load "unix.cma" > > open Ssl ;; > open Unix;; > init () ;; > let domain = PF_INET ;; > let ty = SOCK_STREAM ;; > let usock = socket domain ty 0;; > let name =Unix.gethostname () ;; > let h = Unix.gethostbyname name ;; > let inet = h.h_addr_list.(0) ;; > let cont = create_context SSLv3 Client_context ;; > let sock_addr = Unix.ADDR_INET (inet,22211) ;; > connect usock sock_addr;; > > let sock =embed_socket usock cont ;; > let usock2 = file_descr_of_socket sock ;; > Ssl.connect sock ;; > > That last function never returns, and the server keeps "looping", until i kill the process. Any idea why? > > Sincerly, Pierre > > > > > -- > Caml-list mailing list. Subscription management and archives: > https://sympa-roc.inria.fr/wws/info/caml-list > Beginner's list: http://groups.yahoo.com/group/ocaml_beginners > Bug reports: http://caml.inria.fr/bin/caml-bugs >