Hello,
I played around with NS-Browser and the 128 bit step-up. Because the browser
does a second SSL negotiation it is necessary to handle this kind of error
condition (renegotiation). The following patch does work, but most probably
it is not the whole truth, that means there are probably other conditions
which should be handled (also after SSL_write ?).
buff.c
------
...
#ifdef APACHE_SSL
if (fb->ssl) {
rv = SSL_read(fb->ssl, buf, nbyte);
/** support for 128 bit stepup **/
if ((rv < 0) && (SSL_get_error(fb->ssl, rv) == SSL_ERROR_WANT_READ)) {
errno = EINTR;
}
}
else
#endif
rv = read( fb->fd_in, buf, nbyte );
...
regards
Matthias
-------------------------------------------------------------------------------
Matthias Loepfe, AdNovum Informatik AG, Roentgenstr. 22, CH-8005 Zurich
Email: [EMAIL PROTECTED] Voice: +41 1 272 6111 Fax: +41 1 272 6312
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
