Hi, I believe that this document would provide a possible insight to what might have happened.
http://www.openssl.org/docs/ssl/SSL_accept.html#NOTES Regards, Senaka On Thu, 2007-10-25 at 15:19 -0700, Dumindu Pallewela (JIRA) wrote: > [ > https://issues.apache.org/jira/browse/AXIS2C-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12537749 > ] > > Dumindu Pallewela commented on AXIS2C-728: > ------------------------------------------ > > I couldn't look in to this in detail, but going through the description, I > sense that this is potentially a bug (Last time I tested it worked!). Could > you please provide some more details on how this bug can be reproduced? Were > you using Apache2 as your server? And the rest of the configuration? > (mod_ssl, openssl, etc version) > > > SSL client authenticate failed > > ------------------------------ > > > > Key: AXIS2C-728 > > URL: https://issues.apache.org/jira/browse/AXIS2C-728 > > Project: Axis2-C > > Issue Type: Bug > > Components: core/transport > > Affects Versions: 1.1.0 > > Environment: OS:RedHar Linux v5 > > Reporter: tsunoda norihiko > > Fix For: 1.1.0 > > > > > > I make a client program to perform SSL client authentication/server > > authentication using Axis2/C. > > In the environment only for the server authentication, the program worked > > normally. > > But I cannot receive the response message in the client authentication > > environment and detected error code 82 - "Input stream is NULL in msg_ctx". > > When I confirm server side. > > SSL handshake and message transmission to the client worked normally. > > I found that an error occurred in axis2_ssl_stream_read() when I debugged a > > client program. > > ${axis2c_src}/src/core/transport/http/sender/ssl/ssl_stream.c > > >>> > > 146 int AXIS2_CALL > > 147 axis2_ssl_stream_read( > > 148 axutil_stream_t *stream, > > 149 const axutil_env_t *env, > > 150 void *buffer, > > 151 size_t count > > 152 ) > > 153 { > > 154 ssl_stream_impl_t *stream_impl = NULL; > > 155 int read = -1; > > 156 int len = -1; > > 157 > > 158 AXIS2_ENV_CHECK(env, AXIS2_CRITICAL_FAILURE); > > 159 > > 160 stream_impl = AXIS2_INTF_TO_IMPL(stream); > > 161 > > 162 read = SSL_read(stream_impl->ssl , buffer, count); > > 163 switch (SSL_get_error(stream_impl->ssl , read)) > > 164 { > > 165 case SSL_ERROR_NONE: > > 166 len = read; > > 167 break; > > 168 case SSL_ERROR_ZERO_RETURN: > > 169 len = -1; > > 170 break; > > 171 case SSL_ERROR_SYSCALL: > > 172 AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, > > 173 "SSL Error: Premature close"); > > 174 len = -1; > > 175 break; > > 176 default: > > 177 len = -1; > > 178 break; > > 179 } > > 180 return len; > > 181 } > > <<< > > At the default case in the switch online 176, the value of len should not > > be "-1". > > SSL_get_error() return SSL_ERROR_WANT_READ. > > The specifications of SSL_read() seem to be as follows. > > >>> > > In this case a call to SSL_get_error(3) with the return value of SSL_read() > > will yield SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. > > As at any time a re-negotiation is possible, a call to SSL_read() can also > > cause write operations! > > The calling process then must repeat the call after taking appropriate > > action to satisfy the needs of SSL_read(). > > <<< > > (http://www.openssl.org/docs/ssl/SSL_read.html#NOTES) > > I could get a response message when I debug as follows. > > ${axis2c_src}/src/core/transport/http/sender/http_client.c > > >>> > > 413 /* read the status line */ > > 414 do > > 415 { > > 416 memset(str_status_line, 0, 512); > > 417 while ((read = axutil_stream_read(client->data_stream, > > env, tmp_buf, > > 418 1)) > 0) > > 419 { > > 420 tmp_buf[read] = '\0'; > > 421 strcat(str_status_line, tmp_buf); > > 422 if (0 != strstr(str_status_line, AXIS2_HTTP_CRLF)) > > 423 { > > 424 end_of_line = AXIS2_TRUE; > > 425 break; > > 426 } > > 427 } > > + 428 /* debug */ > > + 429 #if 0 > > 430 if (read < 0) > > 431 { > > 432 AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[axis2c] http > > client , response timed out" ); > > 433 AXIS2_ERROR_SET(env->error, > > 434 AXIS2_ERROR_RESPONSE_TIMED_OUT, > > 435 AXIS2_FAILURE); > > 436 return -1; > > 437 } > > 438 else if (read == 0) > > + 439 #endif > > + 440 if(read == 0) > > 441 { > > 442 AXIS2_ERROR_SET(env->error, > > 443 AXIS2_ERROR_RESPONSE_SERVER_SHUTDOWN, > > 444 AXIS2_FAILURE); > > 445 AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Response > > error, Server Shutdown"); > > 446 return 0; > > 447 } > > <<< > > However, this is my temporary modification. > > What kind of method will be appropriate? > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
