RE: Using SSL_accept with non blocking socket

Wed, 06 Sep 2000 16:44:45 -0700 

If you get an error result from either SSL_connect or SSL_accept you should
call SSL_get_error. This can give you a number of different results
indicating such things as remote end closing connection, system error, ssl
protocol error, write blocked or read blocked. In the case of the last two
you need to select on the socket, monitoring for the appropriate event. If
you get it then make the original SSL_* call again.


-----Original Message-----
From: Miha Wang
To: [EMAIL PROTECTED]
Cc: Miha Wang
Sent: 9/6/00 7:15 PM
Subject: Using SSL_accept with non blocking socket


Hi, all -

I am trying to write both sever/client that using non blocking socket.
I am not using BIO based read/write. Here is what my code look like -
The
code is almost
same as the serv.cpp and cli.cpp under demos/ssl, except I am seting non
blocking
option (O_NONBLOCK)

SERVER:
========
        SSL             *ssl;
        SSL_CTX         *ctx;

        listen_sd  = socket(..)
        flag = fcntl(listen_sd, F_GETFL);
        fcntl(listen_sd, F_SETFL, flag | O_NONBLOCK);
        bind(listen_sd, ...);
        listen(listen_sd,...);
        select(listen_sd+1, ...);

        sd = accept(listen_sd, ...);

        flag = fcntl(sd, F_GETFL);
        fcnt(sd, F_SETFL, flag | O_NONBLOCK);

        ctx = SSL_CTX_new(...);
        ssl = SSL_new(ctx);
        SSL_set_fd(ssl, sd);
        SSL_accept(ssl);

        for (;;) {
           SSL_read(ssl);
           SSL_write(ssl);
        }

CLIENT:
======

        sd = socket(...);
        flag = fcntl(sd, F_GETFL);
        fcnt(sd, F_SETFL, flag | O_NONBLOCK);

        connect(sd,...);

        ctx = SSL_CTX_new(...);
        ssl = SSL_new(ctx);
        SSL_set_fd(ssl, sd);
        SSL_connect(ssl);

        SSL_write(ssl);
        SSL_read(ssl);

The problem is that SSL_accept() failed (return -1). I could not get
error
code witn ERR_print_errors and I
don't know why.  Does anyone know what's wrong with this piece of code
or if
it makes sense? The reason
I am not using BIO is that I would like to manage both non-SSL and SSL
connection over the socket.
Can I do something like that? Any help is appreciated.

Miha

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to