Re: connecting to TLS server using TLS package

fleet_captain@hotmail.com wrote:
> I am trying to implement a client (not neccessary a web client)
> that talks to a SSL enabled server, I was experimenting
> with TLS package and used my https server as a server.
>
> Forgive my ignorance in TLS, I am obviously not very
> knowledgable in it. But the help page seems
> to suggest that I should be able to use tls::socket
> in place of socket command and I'll be fine (without even using
> tls::import)
>
> I've tied communicating with a (not neccessary OPENSSL) SSL
> enabled web sever, I did:
>
> (bin) 25 % package require tls
> 1.5.0
> (bin) 26 % set s [::tls::socket $addr 443]
> sock188
> (bin) 27 % ::tls::handshake $s
> 1
> <snip>
>
> I am not sure what I did wrong at all, but the last
> gets $s just hangs there.. seemingly I have not established
> the connection, but tls::status $s returns all the good
> stuff...

If you use tls::socket then you don't need to tls::handshake manually
since it is done automatically for you. You're probably doing the
handshake twice confusing the server side SSL socket.

The following code is what I've always used:

  proc verifyCmd {op sock args} {
    # do some SSL verification, I just return 1 since I don't care
    return 1
  }
  set s [tls::socket -command verifyCmd $address $port]
  puts $s "GET / HTTP/1.0\r\n"
Received on Sun Apr 30 02:18:15 2006