I am using the following version of perl modules. Net SSLeay version is 1.08 IO::Socket::SSL version is 0.96 I have the following requirement i need to extend SSL capability to my application. I have designed + it as following. On the server side. I have a tcp server and when a request for any new connection occurs I accept the connection an +d spawn thread ( using pthread api) and in the thread i do the ssl related initialization and bloc +k on SSL_accept On the client side I have created a tcp socket using Net::Telnet api and then using the $sock = IO::Socket::SSL->start_SSL( $sock, 'SSL_passwd_cb' => sub{return "abc"}, 'SSL_version' => 'SSLv2', #'SSL_startHandshake' => 0 ) || die "Encountered an SSL handshake problem:".IO::Socket::SSL::errstr(); $sock->connect_SSL; I have follosing questions 1. Is my desing correct? 2. when ever i try to connect i get the following error "SSL connect attempt failederror:00000000:lib(0):func(0):reason(0) at ./ssl_client2.pl" + , is this error has any thing to do with the version of the modules +i am using. 3. Can you please tell How to desing a skeleton for small echo client and server using the perl SS +L module. Any doc which explain this flow is greatly appreciated. Thanks Amar

Thanks for your valuable suggestions and quick reply. I still have one issue, I have update the script as per your suggestion but still seeing the same p +roblem. here is my client perl script $sock = IO::Socket::INET->new( PeerAddr => '12.31.22.14', PeerPort => 38752, Proto => "tcp", Type => SOCK_STREAM, ); IO::Socket::SSL->start_SSL( $sock, 'SSL_startHandshake' => 0 ) || die "Encountered an SSL handshake problem:".IO::Socket::SSL::errstr(); this fails with the following erro "Encountered an SSL handshake problem:SSL connect attempt failed error:00000000:lib(0):func(0):re +ason(0) at " The server code is /* initialize SSL library */ (void)SSL_library_init(); SSL_load_error_strings(); ssl_ctx = SSL_CTX_new(SSLv23_server_method()); (void)SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL); ssl = SSL_new(ssl_ctx); (void)set_debug_state(ssl_ctx, NULL); SSL_set_accept_state(ssl); (void)SSL_set_session(ssl, NULL); (void)SSL_clear(ssl); ssl_bio = sslc_BIO_new_socket(acceptfd, BIO_NOCLOSE); ssl_err = sslc_SIO_socket_ioctl(acceptfd, FIONBIO, &non_block); /* 1 = non-blocking */ SSL_set_bio(ssl, ssl_bio, ssl_bio); if ( (ssl_err = SSL_do_handshake(ssl)) != 1) the above if condition fails with the following message, SSL_ERROR_WANT_READ: I have handled the exceptions appropriately and loaded the server certificates using one of our Api. The version of the modules I am using are Net::SSLeay '1.08' IO::Socket::SSL '0.96' DO I need to upgrade the above Perl modules. Thanks Amar

Hi, Thanks for your suggestions and I found the issue was the server was not blocking , once I s +et the block option for the server socket it started working. I have couple of questions 1. what apis do I use for reading and writing. As with the Openssl we have SSL_read and SSL_wri +te are there any similar apis in Perl that need to be used to make the secure transaction. 2. I am using sysread for reading the data. I was able to read max of 16k, even if I specify the + size more than 16k. I have even set the socket option for increasing the receive buffer , still s +eeing the same result. I am missing some thing here. the sample code sock->sockopt(SO_RCVBUF,32768); sysread(sock,$res_buf,32768); Max data read was 16k even though the sender is sending more that 16k. If I make multiple reads, I am able to fetch the data properly. Can you please suggest any inputs. My heart felt thanks for all the replies you have given and I greatly appreciate the quick respon +ses from you. Thanks Amar