2

I know there is a barrage of questions (and answers) but I couldn't find one that moved me on...

I am trying to create an SSL client/server app and getting:

SSL_accept() returned -1

Error in SSL_accept(): 1

Error: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher

I really don't understand what I have done wrong :(

Both call, before any OpenSSL call:

SSL_load_error_strings();

SSL_library_init();

ERR_load_BIO_strings();

OpenSSL_add_all_algorithms();

Server (snipped to make shorter):

<Created socket and set it to listen to port 8888>

<Bind and make it listen>

while (1) 
{
    client = accept( server, (sockaddr*) &clientsockaddrin, &len );

    SSL_CTX *ctx = SSL_CTX_new( SSLv3_server_method() );

    BIO* bio = BIO_new_file( "dh1024.pem", "r" );

    DH* ret = PEM_read_bio_DHparams( bio, NULL, NULL, NULL );

    BIO_free( bio );

    SSL_CTX_set_tmp_dh( ctx, ret );

    RSA* rsa = RSA_generate_key( 1024, RSA_F4, NULL, NULL );

    SSL_CTX_set_tmp_rsa( ctx, rsa );

    SSL_CTX_set_cipher_list( ctx, "ALL" );

    SSL* ssl = SSL_new(ctx);

    BIO* sslclient = BIO_new_socket(client, BIO_NOCLOSE);

    SSL_set_bio(ssl, sslclient, sslclient);

    int r = SSL_accept( ssl );

    if (r != 1) 
    {
        printf("SSL_accept() returned %d\n", r);
        printf("Error in SSL_accept(): %d\n", SSL_get_error(ssl, r));
        char error[65535];
        ERR_error_string_n(ERR_get_error(), error, 65535);
        printf("Error: %s\n\n", error);
        ERR_print_errors(sslclient);
        int err = WSAGetLastError();
        printf("WSA: %d\n", err);
        // We failed to accept this client connection.
        // Ideally here you'll drop the connection and continue on.
        break;
    }
}

Client is:

SSLSocket *sslSocket = NULL;
SSL_CTX *ctx = NULL;

ctx = SSL_CTX_new( SSLv3_client_method() );

adaptor->SetCipherList( ctx, std::string( "ALL" ) );

sslSocket = static_cast<SSLSocket *>( adaptor->Connect( ctx, "localhost", 8888 ) );

if ( sslSocket == NULL )
{
    std::cout << "Unable to connect to service... aborting!" << std::endl;
    return;
}

I have spent days pulling (what's left of my hair) out, so any help would be gratefully accepted!!

4
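The server code shown in the question contains no call that loads a certificate or private key, and a server context with nothing to authenticate with is one well-known way to end up with `no shared cipher`. The block below is an added example, not the poster's code: it reproduces that case in memory with Python's `ssl` module (which wraps OpenSSL) and shows that only the server reports the real reason while the client sees a generic alert. The function names are made up for this example.

```python
import ssl

def handshake_reasons(server_ctx, client_ctx, hostname="localhost"):
    """Run one TLS handshake entirely in memory and report how each side ended.

    Returns {"client": ..., "server": ...}; each value is "OK" or the OpenSSL
    reason mnemonic that Python exposes as SSLError.reason.
    """
    c_in, c_out = ssl.MemoryBIO(), ssl.MemoryBIO()
    s_in, s_out = ssl.MemoryBIO(), ssl.MemoryBIO()
    # name -> (TLS object, its outgoing BIO, the peer's incoming BIO)
    sides = {
        "client": (client_ctx.wrap_bio(c_in, c_out, server_hostname=hostname), c_out, s_in),
        "server": (server_ctx.wrap_bio(s_in, s_out, server_side=True), s_out, c_in),
    }
    result = {}
    for _ in range(10):  # a handshake needs only a few round trips
        for name, (tls, outgoing, peer_incoming) in sides.items():
            if name not in result:
                try:
                    tls.do_handshake()
                    result[name] = "OK"
                except (ssl.SSLWantReadError, ssl.SSLWantWriteError):
                    pass  # waiting for the peer's next flight
                except ssl.SSLError as exc:
                    result[name] = exc.reason
            # Deliver whatever this side produced, including a fatal alert.
            data = outgoing.read()
            if data:
                peer_incoming.write(data)
        if len(result) == 2:
            break
    return result

def reproduce_certless_server():
    # Assumption for this demo: the server context never gets a certificate or
    # private key (no load_cert_chain call), like a server that skips that step.
    server_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    client_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    return handshake_reasons(server_ctx, client_ctx)

if __name__ == "__main__":
    for side, reason in reproduce_certless_server().items():
        print(f"{side}: {reason}")
```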

1 Answer

0

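Sorry to post this as an "answer", since it is more of an inquiry into your search for an answer. I would note that RFC 4492 requires a list of compatible curves, which is a subset of the set supported by OpenSSL's elliptic curve support, so supplying non-TLSv1.2-compatible curves could be part of the problem, but that is not likely from what I can see. (Sorry for the brainstorming.)

I would like to know whether you were able to get past this problem and, if so, how? Hopefully you did, for your sake and also for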

Answered 2014-08-12T17:21:16.043