That did it thanks :)
-----Original Message-----
From: John Denney [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 30, 2001 3:21 PM
To: [EMAIL PROTECTED]
Subject: Re: Help with SSL Server on Solaris vs. Linux
The data you read was part of the ssl connect/accept handshake, which is
now unavailable to SSL_accept. Don't read; do SSL_accept instead.
Albert Gallego wrote:
>
> << You must correctly evaluate the return value of SSL_get_error().
> The return value 2 means:
> #define SSL_ERROR_WANT_READ 2
> so it seems that you are using a non-blocking socket and you have to
> call SSL_accept() again and again until success was reached.
> ERR_print_errors* etc won't show you anything because this isn't error
> but just an intermediate state on the way to success. >>
>
> Thanks a ton for the reply :)
>
> Unfortunatly I tried that, by polling that fd. The first time through
poll
> told me that indeed there was information to be read from the socket, so I
> read all the data. Then I tried accept again. From there is fails with
the
> same error, and I poll again. This time however poll timed out (with a
> timeout of 10 seconds) because there wasn't any data left to be read from
> the socket, I then try SSL_accept again, and still no dice. Here's the
code
>
> temp_ret = SSL_accept(p_ssl);
> if (temp_ret != 1)
> {
> char str_read[2048];
> int poll_ret;
> struct pollfd mypollfd;
> int n_read;
> int error_code = SSL_get_error(p_ssl, temp_ret);
>
> mypollfd.fd = connfd;
> mypollfd.events = POLLIN;
>
> while (temp_ret != 1 && (error_code == SSL_ERROR_WANT_READ ||
> error_code == SSL_ERROR_WANT_WRITE))
> {
> poll_ret = poll(&mypollfd, 1, 10000);
>
> if (poll_ret == 1)
> {
> n_read = read(connfd, str_read, 2047);
> str_read[n_read] = '\0';
> }
> temp_ret = SSL_accept(p_ssl);
>
> if (poll_ret == 1 && temp_ret != 1)
> error_code = SSL_get_error(p_ssl, temp_ret);
> else
> error_code = 0;
> }
>
> }
>
> Thanks
> Albert Gallego
>
> -----Original Message-----
> From: Lutz Jaenicke [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 30, 2001 2:47 AM
> To: '[EMAIL PROTECTED]'
> Subject: Re: Help with SSL Server on Solaris vs. Linux
>
> On Tue, Mar 27, 2001 at 04:08:49PM -0700, Albert Gallego wrote:
> > The error I get from SSL_get_error is 2 and ERR_print_errors_fp(stderr)
> > doesn't print out anything :(
> ...
> > temp_ret = SSL_accept(p_ssl);
> > if (temp_ret != 1)
> > {
> > log_error(ZONE, "Unable to do the accept phase of the SSL
> > connection, %d", SSL_get_error(p_ssl, temp_ret));
> > ERR_print_errors_fp(stderr);
> >
> > SSL_free(p_ssl);
> > return;
> > }
> ...
>
> You must correctly evaluate the return value of SSL_get_error().
> The return value 2 means:
> #define SSL_ERROR_WANT_READ 2
> so it seems that you are using a non-blocking socket and you have to
> call SSL_accept() again and again until success was reached.
> ERR_print_errors* etc won't show you anything because this isn't error
> but just an intermediate state on the way to success.
>
> Best regards,
> Lutz
> --
> Lutz Jaenicke [EMAIL PROTECTED]
> BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
> Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
