Mark Voortman wrote: > [...] > I just ran into a problem with the openssl egg. If I run the code below > and browse to https://localhost/ it shows the certificate and everything, > but the page keeps loading. Only when I kill the server it actually shows > the page. My guess is that close-input-port and close-output-port don't > work properly. Does anyone know how to fix this? > [...]
Hello, the problem is, that closing the in and output ports of an SSL connection attempts to do a clean shutdown of the SSL connection. This may sometimes take a while because CHICKEN blocks the thread for I/O longer than necessary or because the other endpoint of the communications channel behaves uncooperatively (which, for some unknown reason, seems to be often the case with clients using the Netscape SSL library). Other than setting a timeout or introducing a maximum retry count in the openssl egg code, the only way I can think of to do a hard shutdown is to abandon both ports and perform a close syscall on the file descriptor of the communications socket. The rationale for not doing such a forced close is, that the SSL library is theoretically allowed to keep internally cached state between different connections with the same peer and without clean shutdown all kinds of strange behavior are apparently allowed to happen if you ever connect again with the same communications partner -- of course this doesn't really apply in reality ;-) cu, Thomas _______________________________________________ Chicken-users mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/chicken-users
