In addition to the earlier email, I would like to ask the developers if we want to call SSL_read() function once more if the result error code is SSL_ERROR_WANT_READ.
--- Nikhil Chauhan <[EMAIL PROTECTED]> wrote: > Hi: > > Dug inside some of the freeRADIUS code. The function > SSL_get_error() gets called which returns error > code, > if any. These error codes are defined within the > openssl source code. > > SSL_get_error() is described at: > http://www.openssl.org/docs/ssl/SSL_get_error.html > > <openssl-root>/ssl/ssl.h defines these error codes. > I get an Error code=2 which is SSL_ERROR_WANT_READ > which means: > > The operation did not complete; the same TLS/SSL I/O > function should be called again later. If, by then, > the > underlying BIO has data available for reading > (if the result code is SSL_ERROR_WANT_READ) or > allows > writing data (SSL_ERROR_WANT_WRITE), then some > TLS/SSL > protocol progress will take place, i.e. at least > part > of an TLS/SSL record will be read or written. Note > that > the retry may again lead to a SSL_ERROR_WANT_READ or > SSL_ERROR_WANT_WRITE condition. There is no fixed > upper > limit for the number of iterations that may be > necessary until progress becomes visible at > application > protocol level. > > Caveat: Any TLS/SSL I/O function can lead to either > of > SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE. In > particular, SSL_read() or SSL_peek() may want to > write > data and SSL_write() may want to read data. This is > mainly because TLS/SSL handshakes may occur at any > time > during the protocol (initiated by either the client > or > the server); SSL_read(), SSL_peek(), and SSL_write() > will handle any pending handshakes. > > Artur, any inputs on how you resolved the issue??? > > Thanks again, > Nikhil. > > --- Artur Hecker <[EMAIL PROTECTED]> wrote: > > > > ah, that's a good one > > > > > > Nikhil Chauhan wrote: > > > > > > I generated the certificates as per the HOWTO > > > by Raymond MacKay. I get a SSL_read Error > (Please > > > see the attached radius server log). > > > > > > > > > TLS_accept:error in SSLv3 read client > certificate > > A > > > rlm_eap_tls: SSL_read Error > > > Error code is ..... 2 > > > SSL Error ..... 2 > > > modcall[authenticate]: module "eap" returns ok > > > modcall: group authenticate returns ok > > > > you are talking about that one right? > > > > there is to say, i've been having this error ever > > since (v0.5) and it > > seems to work but i would indeed like to know what > > it actually is... > > > > anybody an idea? some openssl expert? > > > > > > ciao > > artur > > __________________________________________________ > Do you Yahoo!? > Yahoo! Mail Plus - Powerful. Affordable. Sign up > now. > http://mailplus.yahoo.com > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
