Thank you Andrea - I always know this issue. Net::SSLeay takes care about
the lowlevel errors. It is not important for assp to know the lowlevel
error on an unaccepted socket. ASSP can't do anything on it. We have to
trust Net::SSLeay and have to hope, it will fix the socket error within
the timeout value while assp tries the accept again and again (which is
the required action). If not, we'll get back the 'want read/write first'
(or any other) error from the SSL layer.
The lowlevel error would be important, if there would be a fallback option
to plain text for the socket - but this is a SSL only socket - so this
makes no sense.
In case of STARTTLS assp offers the client the option to fall back to
plain text. But most times (I never really saw this in production mode)
the failed SSL handshake (accept) leaves the socket on any site in an
unrecoverable state, which make a fall back impossible.
Thomas
Von: Grayhat <gray...@gmx.net>
An: assp-test@lists.sourceforge.net
Datum: 11.05.2016 17:30
Betreff: Re: [Assp-test] SSL wants a read first
:: On Wed, 11 May 2016 13:57:47 +0200
::
<titc.69398d02e6.of230c5677.fd351fd1-onc1257fb0.0040f36a-c1257fb0.0041b...@thockar.com>
::
Thomas Eckardt <thomas.ecka...@thockar.com> wrote:
> >Error: Worker_2 accept_SSL .... SSL wants a read first
>
> Accept failes because there are data at the socket which have to be
> read first. But there is nobody who can read this data (without an
> accept) except the Net::SSLeay layer itself.
> IMHO the client sends a sequence that can't be processed by the SSL
> layer
> - for example plain data.
Not sure these are related, but may be worth checking
https://github.com/libwww-perl/net-http/pull/11
https://www.mail-archive.com/openssl-users@openssl.org/msg74631.html
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data
untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
