Hi,
Can you help to figure out what's wrong with the following TLS test code?
It's just a echo server, the expected result is to get echo string from
server, but client always gets nothing.
client.go:
===============================================================
package main
import ( "fmt" ; "crypto/tls"; "os" )
func main() {
conn , err := tls.Dial("tcp", "127.0.0.1:8000", nil)
if err != nil {
fmt.Println("Fatal error ", err.String())
os.Exit(1)
}
defer conn.Close()
state := conn.ConnectionState()
fmt.Println("handshaked: ", state.HandshakeComplete)
fmt.Println("NegotiatedProtocolIsMutual: ",
state.NegotiatedProtocolIsMutual)
fmt.Println("local address: ", conn.LocalAddr())
conn.Write([]byte("Hello"))
var retbuf []byte
// conn.SetReadTimeout(1000000)
n, error := conn.Read(retbuf)
fmt.Println(n, " bytes read from socket", error)
fmt.Println(string(retbuf))
server.go
===============================================================
package main
import ("fmt"; "os"; "crypto/tls"; "net"; "crypto/rand"; "time")
func main() {
cert, err :=
tls.LoadX509KeyPair("/etc/ssl/certs/ssl-cert-snakeoil.pem",
"/etc/ssl/private/ssl-cert-snakeoil.key")
//cert, err := tls.LoadX509KeyPair("jan.newmarch.name.pem",
"private.pem")
checkError(err)
config := tls.Config {Certificates: []tls.Certificate {cert}}
now := time.Seconds()
config.Time = func() int64 { return now }
config.Rand = rand.Reader
service := "0.0.0.0:8000"
listener, err := tls.Listen("tcp", service, &config)
checkError(err)
fmt.Println("Listening")
for {
conn, err := listener.Accept()
if err != nil {
fmt.Println(err.String())
continue
}
fmt.Println("Accepted")
//tlsConn := tls.Server(conn, &config)
go handleClient(conn)
}
defer conn.Close()
var buf [512]byte
for {
fmt.Println("Trying to read")
n, err := conn.Read(buf[0:])
if err != nil {
return
}
fmt.Println(string(buf[0:100]))
_, err2 := conn.Write(buf[0:n])
if err2 != nil {
return
}
fmt.Println("Echo done")
// time.Sleep(5000000);
}
if err != nil {
fmt.Println("Fatal error ", err.String())
os.Exit(1)
}
Use the following openssl test tool can always get correct result.
openssl s_client -tls1 -connect localhost:8000
Thanks,
-Jon.
jon....@gmail.com
有疑问加站长微信联系(非本文作者)