Re: unexpected SSL_ERROR_ZERO_RETURN
In my case (not Md Lazreg) I can control only client part of connection. I use heavily patched OpenSSL 0.9.8d The sever side use some version of MS WIndows. I believe it MS Server 2003 or newer. I was hoping that the solution for Md Lazreg will help in my case. Kyle Hamilton пишет: Specifically, what versions of the MS operating system are you running on the servers? -Kyle H On Wed, Jan 7, 2009 at 4:44 AM, Andrey Koltsov kolt...@cyberplat.com wrote: I have the same problem with my client Openssl application. The server side is MS IIS. And all other parties use Microsoft based clients and have no such problems. It seems that a client side is a source of trouble not a server side. Suggestions from anyone are welcome. Hi, I have an SSL server handling many clients successfully using openssl-0.9.8e. From time to time however, there are some clients that fail to connect to it. Debugging shows that the problem happens when the client attempts the first SSL_read, which unexpectedly returns 0. Checking then for the SSL error shows that it has the value SSL_ERROR_ZERO_RETURN. According to the SSL documentation this should happen only if the SSL connection has been closed. I do know that my server is not closing it since it is handling many other clients correctly, I also know that for the clients facing this problem, the handshake phase is done correctly it is only when the first SSL_read happens that somehow the connection is dropped I have no idea why if anyone can help me. Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: unexpected SSL_ERROR_ZERO_RETURN
I have solved my problem. The problem in my case was a server one. I use a non-blocking socket for the server to receive information from the clients, so the server performs a select with a timeout of 1 second to read information. It turns out that when they are network issues, 1 second is not enough and the select times out with a 0 return value, so the server was assuming that the client is gone and closes the connection Now, when the select times out I check the errno and if it is EAGAIN, I try select again... This solved the problem and all clients now are handled correctly... What confused me is the man select documentation which states that select sets errno only if the return value is -1... it seems that even if it returns 0 errno might be set... I have seen this problem on Linux and Hp platforms... Thanks On Wed, Jan 7, 2009 at 1:44 PM, Andrey Koltsov kolt...@cyberplat.comwrote: I have the same problem with my client Openssl application. The server side is MS IIS. And all other parties use Microsoft based clients and have no such problems. It seems that a client side is a source of trouble not a server side. Suggestions from anyone are welcome. Hi, I have an SSL server handling many clients successfully using openssl-0.9.8e. From time to time however, there are some clients that fail to connect to it. Debugging shows that the problem happens when the client attempts the first SSL_read, which unexpectedly returns 0. Checking then for the SSL error shows that it has the value SSL_ERROR_ZERO_RETURN. According to the SSL documentation this should happen only if the SSL connection has been closed. I do know that my server is not closing it since it is handling many other clients correctly, I also know that for the clients facing this problem, the handshake phase is done correctly it is only when the first SSL_read happens that somehow the connection is dropped I have no idea why if anyone can help me. Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: unexpected SSL_ERROR_ZERO_RETURN
* Md Lazreg wrote on Thu, Jan 08, 2009 at 15:11 +0100: The problem in my case was a server one. I use a non-blocking socket for the server to receive information from the clients, so the server performs a select with a timeout of 1 second to read information. It turns out that when they are network issues, 1 second is not enough and the select times out with a 0 return value, so the server was assuming that the client is gone and closes the connection Now, when the select times out I check the errno and if it is EAGAIN, I try select again... This solved the problem and all clients now are handled correctly... What confused me is the man select documentation which states that select sets errno only if the return value is -1... it seems that even if it returns 0 errno might be set... I have seen this problem on Linux and Hp platforms... errno always has a value. It might be defined (if a function returned -1) or a `random' value (such as 11, EAGAIN or whatever, usually highly predictable :)). My man page seems to be very clear about select timing out with a 0 return value: RETURN VALUE On success, select and pselect return the number of descriptors contained in the descriptor sets, which may be zero if the timeout expires before anything interesting happens. I think usually the `client is gone', `connection closed' or `end of file' situation is when select(2) does return `read for read' for this file descriptor and read(2) returns zero [from man 2 read: `On success, the number of bytes read is returned (zero indicates end of file)']. oki, Steffen -- [end of message. please ignore the rest of this mail] ---8=== About Ingenico: Ingenico is the world's leading provider of payment solutions, with over 15 million terminals deployed across the globe. Delivering the very latest secure electronic payment technologies, transaction management and the widest range of value added services, Ingenico is shaping the future direction of the payment solutions market. Leveraging on its global presence and local expertise, Ingenico is reinforcing its leadership by taking banks and businesses beyond payment through offering comprehensive solutions, a true source of differentiation and new revenues streams. This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation. P Please consider the environment before printing this e-mail __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: unexpected SSL_ERROR_ZERO_RETURN
I have the same problem with my client Openssl application. The server side is MS IIS. And all other parties use Microsoft based clients and have no such problems. It seems that a client side is a source of trouble not a server side. Suggestions from anyone are welcome. Hi, I have an SSL server handling many clients successfully using openssl-0.9.8e. From time to time however, there are some clients that fail to connect to it. Debugging shows that the problem happens when the client attempts the first SSL_read, which unexpectedly returns 0. Checking then for the SSL error shows that it has the value SSL_ERROR_ZERO_RETURN. According to the SSL documentation this should happen only if the SSL connection has been closed. I do know that my server is not closing it since it is handling many other clients correctly, I also know that for the clients facing this problem, the handshake phase is done correctly it is only when the first SSL_read happens that somehow the connection is dropped I have no idea why if anyone can help me. Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: unexpected SSL_ERROR_ZERO_RETURN
Specifically, what versions of the MS operating system are you running on the servers? -Kyle H On Wed, Jan 7, 2009 at 4:44 AM, Andrey Koltsov kolt...@cyberplat.com wrote: I have the same problem with my client Openssl application. The server side is MS IIS. And all other parties use Microsoft based clients and have no such problems. It seems that a client side is a source of trouble not a server side. Suggestions from anyone are welcome. Hi, I have an SSL server handling many clients successfully using openssl-0.9.8e. From time to time however, there are some clients that fail to connect to it. Debugging shows that the problem happens when the client attempts the first SSL_read, which unexpectedly returns 0. Checking then for the SSL error shows that it has the value SSL_ERROR_ZERO_RETURN. According to the SSL documentation this should happen only if the SSL connection has been closed. I do know that my server is not closing it since it is handling many other clients correctly, I also know that for the clients facing this problem, the handshake phase is done correctly it is only when the first SSL_read happens that somehow the connection is dropped I have no idea why if anyone can help me. Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
