On Sun Sep 15 14:53:12 2013, dmy...@frankopak.com wrote: > > I have discussed this situation with some Squid developers and we > decided - after SSL error 1408F10B calling standard/raw read() > instead of SSL_read() for empty socket buffer and this patch > stopped crash Squid. >
In general you can't assume OpenSSL will continue reading data from the underlying transport after it has sent a fatal alert. > But the question remains - why crashed, what happened in OpenSSL lib? > Maybe you help more understanding, i would be very grateful to you. > I've just noticed that this is the same issue as mentioned in PR#3200. The workaround (fix being worked on) is the same: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0294b2be5f4c11 Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org