[gnutls-help] No such file or directory on handshake?

[Matt Robinson]

I'm trying to do a simple TLS handshake, and I get a "No such file or
directory" error when attempting to do so. I ran strace on my code, and
this was the output:

open("/etc/gnutls/pkcs11.conf", O_RDONLY) = -1 ENOENT (No such file or
directory)

I'm wondering what that file is, and what I can do to fix it. Here's the
rest of my code, in case there's something wrong with it.

#include <stdio.h>#include <stdlib.h>#include <strings.h>#include
<sys/types.h>#include <sys/socket.h>#include <netinet/in.h>#include
<netdb.h>#include <gnutls/gnutls.h>
void error(char* msg) {
    perror(msg);
    exit(1);}
int main(){
    int sockfd;
    int portno = 64738;
    struct sockaddr_in serv_addr;
    struct hostent* server;

    //set up socket
    server = gethostbyname("localhost");
    bzero(&serv_addr, sizeof(serv_addr));
    serv_addr.sin_family = AF_INET;
    bcopy(server->h_addr,
          &serv_addr.sin_addr.s_addr,
          server->h_length);
    serv_addr.sin_port = htons(portno);
    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
        error("Couldn't create socket");
    if (connect(sockfd, &serv_addr, sizeof(serv_addr)) < 0 )
        error("Connection error");

    //global init
    if (gnutls_global_init() < 0)
        error("Could not globally initialize TLS");

    //session init
    gnutls_session_t* session = malloc(sizeof(gnutls_session_t));
    if (gnutls_init(session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS)
        error("Could not initialize TLS session");

    //Should eventually use certs, but I don't know how right now
    //gnutls_certificate_credentials_t cert_cred =
malloc(sizeof(gnutls_certificate_credentials_t));
    //if (gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
cert_cred) != GNUTLS_E_SUCCESS)
    //
    //For now do it anonymously
    gnutls_anon_client_credentials_t* anon_cred =
malloc(sizeof(gnutls_anon_client_credentials_t));
    if (gnutls_credentials_set(*session, GNUTLS_CRD_ANON, anon_cred)
!= GNUTLS_E_SUCCESS)
        error("Could not set credentials");
    if (gnutls_anon_allocate_client_credentials(anon_cred) != GNUTLS_E_SUCCESS)
        error("Could not allocate credentials");

    //set up socket for tls
    gnutls_transport_set_int(*session, sockfd);

    //do the handshake
    if (gnutls_handshake(*session) != GNUTLS_E_SUCCESS)
        error("TLS handshake failed");

    //deinit
    gnutls_global_deinit();
    printf("Success\n");
    return 0;}


Sorry if I'm not supposed to post code likethis in the middle of an
email, I don't exactly know the protocol for something like this.

-Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140228/f70393c1/attachment.html>