Has anybody got any thoughts about this problem?

It's infuriating that openssl 0.9.3 appears not to work as expected with
Linux. There may be some socket issues that I am not aware of; if anybody
has any ideas, please help,

cheers,
Sarah

Sarah Bateman wrote:

> Hi,
>
> Last year I posted a problem with a blocking handshake
> (Date 1999-06-25, "Interesting Handshake behaviour",
> http://marc.theaimsgroup.com/?l=openssl-users&m=93032848224537&w=2)
> and received a lot of help but the only solution in the end was to
> upgrade to openssl 0.9.3, which has been successful, until now.
>
> The handshake does not block when compiled on a sparc 5 server but does
> when compiled on Linux Redhat 6.1. (using egcs compiler in both cases).
> Once the handshake is complete the server _appears_ not to block.
>
> I'd be very grateful for any ideas as to what's happening and possible
> solutions.
>
> relevant snippets of the C++ Code included below.
>
> cheers,
> Sarah
>
> Set the listen socket fd (set O_NONBLOCK flag) to be non-blocking after
> bind, i.e. before any SSL calls
>
> SSL_METHOD *meth=SSLv23_server_method();
> SSLeay_add_all_algorithms();
> SSL_load_error_strings();
> ctx = SSL_CTX_new (meth);
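> if (SSL_CTX_use_certificate_file(ctx,certificate_file_buf.c_str(),
>                                    SSL_FILETYPE_PEM) <= 0)
>     { /* error path not shown in the post */ }
> if (SSL_CTX_use_PrivateKey_file(ctx,key_file_buf.c_str(),
>                                   SSL_FILETYPE_PEM) <= 0)
>     { /* error path not shown in the post */ }
> if (!SSL_CTX_check_private_key(ctx))
>     { /* error path not shown in the post */ }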
> SSL_CTX_set_cipher_list(ctx,cipherlist);
>
> After the socket accept -
>
> ssl = SSL_new (ctx);
> SSL_set_accept_state(ssl);
> SSL_set_fd (ssl, sd);
>
> When we have a read event on the socket -
>
> if(!SSL_is_init_finished(ssl))
> {
>     switch (SSL_get_error(ssl,acceptval))
>         {
>          // errors indicating a retry
>         case SSL_ERROR_NONE:             /* 0 */
>         case SSL_ERROR_WANT_READ:        /* 2 */
>         case SSL_ERROR_WANT_WRITE:       /* 3 */
>         case SSL_ERROR_WANT_X509_LOOKUP: /* 4 */
>         case SSL_ERROR_WANT_CONNECT:     /* 7 */
>           // need to do the accept again, so return
>           // to the eventloop,
>
>         case SSL_ERROR_SSL:              /* 1 */
>         case SSL_ERROR_SYSCALL:          /* 5 */
>         case SSL_ERROR_ZERO_RETURN:      /* 6 */
>         default:
>           // the handshake has failed, so drop connection
>         }
> }
>
> // once the handshake has finished, read the data
> res=SSL_read(ssl,(char *)p,buflen);
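
One thing to check against the setup described above, as an added example that is not part of the original post: on Linux a socket returned by accept() does not inherit O_NONBLOCK from the listening socket (the canonical BSD sockets implementation does), so the flag has to be set on each accepted fd before SSL_set_fd. The helper names and the AF_UNIX socket path are assumptions made so the demo runs offline; accept() treats the flag the same way for TCP sockets.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* 1 if O_NONBLOCK is set on fd, 0 if clear, -1 on error. */
int is_nonblocking(int fd) {
    int fl = fcntl(fd, F_GETFL, 0);
    return fl < 0 ? -1 : (fl & O_NONBLOCK) != 0;
}

/* Set O_NONBLOCK while preserving the other file status flags. */
int set_nonblocking(int fd) {
    int fl = fcntl(fd, F_GETFL, 0);
    return (fl < 0 || fcntl(fd, F_SETFL, fl | O_NONBLOCK) < 0) ? -1 : 0;
}

/* Non-blocking listener plus one local client.
 * fds[0] = accepted socket, fds[1] = client socket (kept open by caller).
 * The socket path is constructed for this demo. */
int accept_one(int fds[2]) {
    struct sockaddr_un a;
    memset(&a, 0, sizeof a);
    a.sun_family = AF_UNIX;
    snprintf(a.sun_path, sizeof a.sun_path, "/tmp/nb_demo_%ld.sock", (long)getpid());
    unlink(a.sun_path);
    int lfd = socket(AF_UNIX, SOCK_STREAM, 0);
    fds[1] = socket(AF_UNIX, SOCK_STREAM, 0);
    if (lfd < 0 || fds[1] < 0) return -1;
    if (bind(lfd, (struct sockaddr *)&a, sizeof a) < 0 ||
        set_nonblocking(lfd) < 0 ||   /* as in the post: listener only, after bind */
        listen(lfd, 1) < 0 ||
        connect(fds[1], (struct sockaddr *)&a, sizeof a) < 0) return -1;
    fds[0] = accept(lfd, NULL, NULL);
    close(lfd);
    unlink(a.sun_path);
    return fds[0] < 0 ? -1 : 0;
}

int main(void) {
    int fds[2];
    char c;
    if (accept_one(fds) < 0) { perror("accept_one"); return 1; }
    printf("O_NONBLOCK on fd as returned by accept(): %d\n", is_nonblocking(fds[0]));
    if (set_nonblocking(fds[0]) < 0) { perror("fcntl"); return 1; }
    ssize_t n = read(fds[0], &c, 1);  /* nothing queued: must return, not block */
    printf("after fcntl: read=%zd, would-block=%d\n", n, n < 0 && errno == EAGAIN);
    return 0;
}
```

With the accepted fd left blocking, SSL_accept waits inside the socket read instead of returning SSL_ERROR_WANT_READ to the event loop.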

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]