Hi 

The same is still present also at 1.0.0a. Is it not a problem?

Now to another question about this part of the code (in the same function): 
                if (read_from_sslcon) 
                        { 
                        if (!SSL_is_init_finished(con)) 
                                { 
                                i=init_ssl_connection(con); 
                                
                                if (i < 0) 
                                        { 
                                        ret=0; 
                                        goto err; 
                                        } 
                                else if (i == 0) 
                                        { 
                                        ret=1; 
                                        goto err; 
                                        } 
                                } 
                        else /* ... */ 

Suppose a non-blocking BIO. init_ssl_connection calls SSL_accept and checks
the return. If a retry is needed it returns 1 and the code copied above
continues to the next for loop. However, in this for loop, some progress can
be made only if there is data to read from ssl (SSL_pending is checked), or
there is data to read from stdin, or there is data to read on the socket
(note the select(width, &readfds, NULL, NULL, timeoutp)). 

The select however has the writefds=NULL. 

If SSL_accept returned with an SSL_ERROR_WANT_WRITE (code does not check it
though), how will a write ever be retried? There is no guarantee that one of
SSL_read/write/accept is called again.

Regards 
Alon 


Maxim Perminov wrote:
> 
> I ran into a problem when server makes a lot of writes to client
> in non-blocking mode - this often resulted in shutdown of the session
> with SSL3_WRITE_PENDING:bad write error
>  [...]
> When SSL_write returns SSL_ERROR_WANT_WRITE the control jumps out of
> switch loop and modifies variables l (bytes sent) and i (bytes left).
> BUT - k is _negative_ (as it stores the value of error), so l is
> decreased and i is increased. On the next iteration SSL_write is
> called with a different buffer pointer (at that l commonly becomes <0,
> so buf[l] is out of buf bounds), and that is detected inside
> ssl3_write_pending, which now results in SSL_ERROR_SSL error.
> 
> Adding k=0 into "case SSL_ERROR_WANT_WRITE:" handler, or replacing
> its "break" with "continue" completely fixes the problem.
> 
> Regards,
> Maxim
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> Development Mailing List                       [email protected]
> Automated List Manager                           [email protected]
> 
> 

-- 
View this message in context: 
http://old.nabble.com/Bug-in-0.9.8j%3A-openssl-s_server--nbio-may-lead-to--SSL3_WRITE_PENDING%3Abad-write-tp22619406p30535105.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.
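
Added example (not part of the original messages and not OpenSSL code): a self-contained C model of the l/i/k accounting described in the quoted report, with and without the suggested k=0. mock_write, struct mock and send_all are hypothetical names; the mock stands in for SSL_write and enforces the same-buffer-on-retry rule the report attributes to ssl3_write_pending.

```c
#include <stddef.h>
#include <stdio.h>

/* Mock of a non-blocking TLS write (constructed for illustration). Every
 * second fresh call reports "want write"; the retry must then pass the same
 * pointer and length, the rule the post says ssl3_write_pending enforces. */
enum { W_OK, W_WANT_WRITE, W_BAD_RETRY };
struct mock { const char *pend; int pend_len; int calls; int err; };

static int mock_write(struct mock *m, const char *p, int n)
{
    if (m->pend) {                          /* a retry is outstanding */
        if (p != m->pend || n != m->pend_len) { m->err = W_BAD_RETRY; return -1; }
        m->pend = NULL; m->err = W_OK;
        return n;                           /* retry flushes the pending data */
    }
    if (++m->calls % 2 == 0) {              /* simulate a full socket buffer */
        m->pend = p; m->pend_len = n; m->err = W_WANT_WRITE;
        return -1;
    }
    m->err = W_OK;
    return n > 4 ? 4 : n;                   /* accept at most 4 bytes per call */
}

/* Returns bytes sent, or -1 once the mock rejects a retry. fixed=0 keeps the
 * accounting described in the post; fixed=1 applies the suggested k=0. */
static int send_all(const char *buf, int i, int fixed)
{
    struct mock m = { NULL, 0, 0, W_OK };
    int l = 0, k;
    for (;;) {
        k = mock_write(&m, &buf[l], i);
        if (m.err == W_BAD_RETRY) return -1;
        if (m.err == W_WANT_WRITE && fixed)
            k = 0;                          /* error code is not a byte count */
        l += k;                             /* unfixed: k == -1 moves l back */
        i -= k;                             /* unfixed: and grows the remainder */
        if (i <= 0) break;
    }
    return l;
}

int main(void)
{
    const char data[] = "0123456789";       /* constructed sample payload */
    printf("unfixed: %d, fixed: %d\n", send_all(data, 10, 0), send_all(data, 10, 1));
    return 0;
}
```

The mock accepts some bytes before it first blocks so that the unfixed path stays inside the buffer; in the report's case l goes negative instead.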
