Reputation: 14839
boost asio SSL server error: called a function you should not call
I am using the example from boost with three minor differences:
- I use threads to process
io_service - I have limited the protocol to
> TLS v1.1 - There is no password callback, because the cert key has no password
The threads simply process various connections in parallel
void server::start()
{
for (std::size_t i = 0; i < thread_pool_size_; i++) {
threads_.push_back(std::thread([&]() {
io_service_.run();
}));
}
for (auto & t : threads_) {
t.join();
}
}
The context arguments are:
ctx.set_options(boost::asio::ssl::context::default_workarounds
|boost::asio::ssl::context::no_sslv2
|boost::asio::ssl::context::no_sslv3
|boost::asio::ssl::context::no_tlsv1
|boost::asio::ssl::context::no_tlsv1_1
|boost::asio::ssl::context::single_dh_use);
Apart from that, a connection class controls internally a ssl_socket,
which follows the following callback chain:
ctor
-> start
-> async_handshake
-> read_header
-> async_read_until
-> process_header
...
If I replace the SSL socket with a plaintext socket ip::tcp::socket then everything works fine.
When using the SSL socket, I keep getting called a function you should not call.
GDB shows that this originates from async_handshake. After reading this SO post I managed to obtain the error code:
(20,197,66) error:140C5042:SSL routines:ssl_undefined_function:called a function you should not call.
I'm using Boost 1.58 on Ubuntu 16.04. Any help as to why this is happening, what might be causing it, or what I could possibly have done wrong?
If it matters, I am testing with curl using the -insecure flag.
EDIT
Did try without the restrictive protocol flags, and by setting a password callback - problem still persists.
Upvotes: 1
Views: 1762
Answers (1)
Reputation: 14839
Seems that the following line triggers the problem:
context_(io_service, boost::asio::ssl::context::tlsv12_client)
I should have paid more attention to my code (copy-paste is the root of all evil):
The offending line was in the context constructor:
ctx_(io_service, boost::asio::ssl::context::tlsv12_client)
I've replaced with the server version:
context_(io_service, boost::asio::ssl::context::tlsv12_server)
The full list is hidden in the implementation header of boost. Insert big facepalm here :-)
Upvotes: 4
Related Questions
- Exception running boost asio ssl example
- boost::asio ssl linking error
- Can't implement boost::asio::ssl::stream<boost::asio::ip::tcp::socket> reconnect to server
- boost ssl connection procedure fails
- boost::asio with SSL - problems after SSL error
- Boost::Asio, SSL Connection Problems
- boost::asio convert socket to secure
- Boost asio & ssl & error code
- Boost ASIO: SSL handshake() never finishes
- boost asio ssl stream socket compilation issue