[
https://issues.apache.org/jira/browse/AXIS2C-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12538394
]
tsunoda norihiko commented on AXIS2C-728:
-----------------------------------------
Thank you for your comments.
It worked normally after modifying the code as follows.
${axis2c_src}/src/core/transport/http/sender/ssl/ssl_stream.c
>>>
158 AXIS2_ENV_CHECK(env, AXIS2_CRITICAL_FAILURE);
159
160 stream_impl = AXIS2_INTF_TO_IMPL(stream);
+ 161
+ 162 SSL_set_mode(stream_impl->ssl, SSL_MODE_AUTO_RETRY);
+ 163
164 read = SSL_read(stream_impl->ssl , buffer, count);
165 switch (SSL_get_error(stream_impl->ssl , read))
166 {
167 case SSL_ERROR_NONE:
168 len = read;
167 break;
<<<
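Review bot: SSL_set_mode(stream_impl->ssl, SSL_MODE_AUTO_RETRY) at new line 162 runs on every call to the read function, although the mode is a property of the SSL object; set it once where stream_impl->ssl is set up. SSL_MODE_AUTO_RETRY only hides retries on a blocking transport, so the switch after SSL_read should still treat SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE as "repeat the call" rather than leaving them to the default case.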
Environment and settings:
*client side:
OS:RedHat Linux v5
axis2.xml
<transportSender name="https" class="axis2_http_sender">
<parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
</transportSender>
<parameter name="SERVER_CERT">/work/ca_cert.pem</parameter>
<parameter name="KEY_FILE">/work/client.pem</parameter>
<parameter name="SSL_PASSPHRASE">xxxx</parameter>
*server side
OS:RedHat Linux v5
HTTPServer apache 2.2.4
mod_ssl 2.2.4
OpenSSL 0.9.8e
tomcat 5.5.23
axis(java) 1.4
httpd.conf
SSLEngine on
SSLRequireSSL
SSLVerifyClient require
With "SSLVerifyClient none", HTTPS communicated normally without modifying the program as was done this time.
> SSL client authenticate failed
> ------------------------------
>
> Key: AXIS2C-728
> URL: https://issues.apache.org/jira/browse/AXIS2C-728
> Project: Axis2-C
> Issue Type: Bug
> Components: core/transport
> Affects Versions: 1.1.0
> Environment: OS:RedHat Linux v5
> Reporter: tsunoda norihiko
> Fix For: 1.1.0
>
>
> I made a client program to perform SSL client authentication/server
> authentication using Axis2/C.
> In the environment only for the server authentication, the program worked
> normally.
> But I cannot receive the response message in the client authentication
> environment and detected error code 82 - "Input stream is NULL in msg_ctx".
> When I checked the server side, the SSL handshake and message transmission
> to the client worked normally.
> I found that an error occurred in axis2_ssl_stream_read() when I debugged a
> client program.
> ${axis2c_src}/src/core/transport/http/sender/ssl/ssl_stream.c
> >>>
> 146 int AXIS2_CALL
> 147 axis2_ssl_stream_read(
> 148 axutil_stream_t *stream,
> 149 const axutil_env_t *env,
> 150 void *buffer,
> 151 size_t count
> 152 )
> 153 {
> 154 ssl_stream_impl_t *stream_impl = NULL;
> 155 int read = -1;
> 156 int len = -1;
> 157
> 158 AXIS2_ENV_CHECK(env, AXIS2_CRITICAL_FAILURE);
> 159
> 160 stream_impl = AXIS2_INTF_TO_IMPL(stream);
> 161
> 162 read = SSL_read(stream_impl->ssl , buffer, count);
> 163 switch (SSL_get_error(stream_impl->ssl , read))
> 164 {
> 165 case SSL_ERROR_NONE:
> 166 len = read;
> 167 break;
> 168 case SSL_ERROR_ZERO_RETURN:
> 169 len = -1;
> 170 break;
> 171 case SSL_ERROR_SYSCALL:
> 172 AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
> 173 "SSL Error: Premature close");
> 174 len = -1;
> 175 break;
> 176 default:
> 177 len = -1;
> 178 break;
> 179 }
> 180 return len;
> 181 }
> <<<
> In the default case of the switch on line 176, the value of len should not be
> "-1".
> SSL_get_error() returns SSL_ERROR_WANT_READ.
> The specifications of SSL_read() seem to be as follows.
> >>>
> In this case a call to SSL_get_error(3) with the return value of SSL_read()
> will yield SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE.
> As at any time a re-negotiation is possible, a call to SSL_read() can also
> cause write operations!
> The calling process then must repeat the call after taking appropriate action
> to satisfy the needs of SSL_read().
> <<<
> (http://www.openssl.org/docs/ssl/SSL_read.html#NOTES)
> I could get a response message when I debugged as follows.
> ${axis2c_src}/src/core/transport/http/sender/http_client.c
> >>>
> 413 /* read the status line */
> 414 do
> 415 {
> 416 memset(str_status_line, 0, 512);
> 417 while ((read = axutil_stream_read(client->data_stream, env,
> tmp_buf,
> 418 1)) > 0)
> 419 {
> 420 tmp_buf[read] = '\0';
> 421 strcat(str_status_line, tmp_buf);
> 422 if (0 != strstr(str_status_line, AXIS2_HTTP_CRLF))
> 423 {
> 424 end_of_line = AXIS2_TRUE;
> 425 break;
> 426 }
> 427 }
> + 428 /* debug */
> + 429 #if 0
> 430 if (read < 0)
> 431 {
> 432 AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[axis2c] http
> client , response timed out" );
> 433 AXIS2_ERROR_SET(env->error,
> 434 AXIS2_ERROR_RESPONSE_TIMED_OUT,
> 435 AXIS2_FAILURE);
> 436 return -1;
> 437 }
> 438 else if (read == 0)
> + 439 #endif
> + 440 if(read == 0)
> 441 {
> 442 AXIS2_ERROR_SET(env->error,
> 443 AXIS2_ERROR_RESPONSE_SERVER_SHUTDOWN,
> 444 AXIS2_FAILURE);
> 445 AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Response error,
> Server Shutdown");
> 446 return 0;
> 447 }
> <<<
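Review bot: The "#if 0" at new lines 429 to 439 compiles out the "read < 0" branch, so a failed read no longer sets AXIS2_ERROR_RESPONSE_TIMED_OUT or returns -1, and execution continues past the check with whatever is in str_status_line. Keep the branch and have the stream's read function separate retryable results from fatal ones, so that a negative value reaching this code always means a real failure. Separately, the strcat at line 421 appends to str_status_line with no length check in these lines, while the memset at line 416 clears 512 bytes; bound the accumulated length before appending.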
> However, this is my temporary modification.
> What kind of method will be appropriate?
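The retry rule quoted from the SSL_read() notes above, as an added example that is not part of the original message or of the Axis2/C source. The tls_io type, the TLS_* codes and the fake_* transport are hypothetical stand-ins for SSL_read(), SSL_get_error() and a socket wait, constructed so the logic runs without OpenSSL.

```c
#include <stddef.h>
#include <string.h>
/* Stand-ins for SSL_get_error() results; constructed names, not OpenSSL's. */
enum tls_err { TLS_OK, TLS_WANT_READ, TLS_WANT_WRITE, TLS_CLOSED, TLS_FATAL };

/* Hypothetical transport: read mimics SSL_read(), last_error mimics
 * SSL_get_error(), wait_io blocks until the socket is ready (0) or times out. */
typedef struct tls_io {
    int (*read)(struct tls_io *io, void *buf, size_t n);
    enum tls_err (*last_error)(struct tls_io *io, int ret);
    int (*wait_io)(struct tls_io *io, enum tls_err want);
    int stalls;        /* constructed state: reads that still report WANT_READ */
    const char *data;  /* constructed payload */
} tls_io;

/* Returns bytes read, 0 on clean TLS shutdown, -1 on error or timeout. */
int tls_read_retry(tls_io *io, void *buf, size_t n, int max_retries) {
    for (int attempt = 0; attempt <= max_retries; attempt++) {
        int ret = io->read(io, buf, n);
        enum tls_err e = io->last_error(io, ret);
        if (e == TLS_OK) return ret;
        if (e == TLS_CLOSED) return 0;
        if (e != TLS_WANT_READ && e != TLS_WANT_WRITE) return -1;
        /* Not a failure: wait for the wanted direction, then repeat the read. */
        if (io->wait_io(io, e) != 0) return -1;
    }
    return -1; /* retry budget exhausted */
}

static int fake_read(tls_io *io, void *buf, size_t n) {
    if (io->stalls < 0) return -2;                   /* simulated hard failure */
    if (io->stalls > 0) { io->stalls--; return -1; } /* record not complete yet */
    size_t len = strlen(io->data);
    if (len > n) len = n;
    memcpy(buf, io->data, len);
    return (int)len;
}
static enum tls_err fake_error(tls_io *io, int ret) {
    (void)io;
    return ret > 0 ? TLS_OK : ret == 0 ? TLS_CLOSED : ret == -1 ? TLS_WANT_READ : TLS_FATAL;
}
static int fake_wait(tls_io *io, enum tls_err want) { (void)io; (void)want; return 0; }

/* Runs one constructed scenario and returns what the caller would see. */
int demo_read(int stalls, int max_retries) {
    char buf[32];
    tls_io io = { fake_read, fake_error, fake_wait, stalls, "HTTP/1.1" };
    return tls_read_retry(&io, buf, sizeof buf, max_retries);
}
int main(void) { return demo_read(2, 5) == 8 ? 0 : 1; }
```

With this shape, a negative result reaching the caller means a fatal error or an expired wait, never a read that simply needed repeating.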