Re: SSL_accept error handling

Tue, 07 Aug 2001 09:28:54 -0700 

On Tue, Aug 07, 2001 at 05:28:25PM +0100, Garrard Cole wrote:
> I have an SSL-enabled POP server using OpenSSL 0.9.4. running on Windows NT
> using non-blocking socket i/o.

0.9.4 is quite old, a lot of bugs have been fixed since the release of 0.9.4.
Please upgrade to 0.9.6b.

> One particular customer has their POP client (Eudora 5.1) setup to check
> mail every minute. After about an hour or so, the customer receives a
> connection failure and the server log shows the SSL initialisation failed
> with the following error
> 
>         error:00000000:lib(0):func(0):reason(0) (0)

This means, that no error was detected.
(error in the sense of a hard error internally detected in the library)

> I include a code fragment below for the server accept function, which is
> based on some OpenSSL sample code.
> 
> I dont know how to resolve this. Any suggestions? Is the error handling
> correct?

No. Please check out SSL_get_error() with all options, especially
SSL_ERROR_ZERO_RETURN.

You could use ssldump to get a dump of the faulty connection, but you will
see quite a lot of data before it comes to the interesting part.

> AFAIK, Eudora uses it's own SSL implementation. Assuming this, are there
> any known interoperability issues between OpenSSL and the Eudora
> implementation?

I have not heard of any (whatever this means :-).

>     do
>     {
>         err = SSL_accept( ssl );
>         error = SSL_get_error( ssl, err );
>     } while ( error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE );

Did you leave out select() (or whatever its called on Windblows)? If not,
you are burning cycles waiting on the process to continue.

At this point, further evalute "error", at least print it to get more
information.


>     if ( err <= 0 )
>     {

>         error = ERR_get_error();
> 
> ERR_error_string( error, buf );

Read the manual page for ERR_get_error(). "error == 0" means, that no
more errors are in the error queue:
  if (error != 0)
     ERR_error_string(error, buf);

Best regards,
        Lutz
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to