Venu,
I see the similar problem too.
But, for me when I do a ssldump i see C>S bad_record_mac.
That seems to be the reason for SSL_read returning 0/SSL_ERROR_SYSCALL.
Do you see that?
It would be great if you can share the info.
thanks,
vijo.
On Fri, Nov 02, 2001 at 04:01:33PM +0200, Venugopal Panchamukhi wrote:
> Hi,
> I've modified the client code in such a way that reading and writing
> is done in a single thread. But my basic problem was not cleared. When
> i'm calling select() it is returning the read condition after which the
> read_SSL() method is returning value 0. When i tried to find out the
> error using SSL_get_error() it is giving me SSL_ERROR_SYSCALL. The man
> pages have given that "EOF has occured and it is a violation of the
> protocol."
> Any help on this is greatly appreciated.
>
> The snippet of the code where i'm using select() and SSL_read() is as
> follows:
>
> void receive_thread(void *arg)
> {
> fds *conns;
> int server_fd;
> int HTTPSClient_fd;
> SMSCenter *smsc = NULL;
>
> conns = ((fds *)arg);
> server_fd = http_socket_fd(conns->server);
> HTTPSClient_fd = conns->HTTPSClient_fd;
> smsc = (SMSCenter *)conns->smsc;
> while(1)
> {
> int rc = 0;
> fd_set rf, wf;
> HTTPSocket *client;
> struct timeval tv;
>
> FD_ZERO(&wf);
> FD_ZERO(&rf);
> FD_SET(server_fd, &rf);
> FD_SET(HTTPSClient_fd, &rf);
> FD_SET(HTTPSClient_fd, &wf);
> tv.tv_sec = 0;
> tv.tv_usec = 1000;
> rc = select(FD_SETSIZE, &rf, &wf, NULL, &tv);
> if(rc < 0)
> {
> if(errno == EINTR || errno == EAGAIN)
> continue;
> error(errno, "select(2) failed");
> }
> else if(rc > 0 && FD_ISSET(server_fd, &rf))
> {
> client = http_server_accept_client(conns->server);
> if(client != NULL)
> {
> jobqueue_add_job(serve_client, client);
> }
> }
> mutex_lock(request_Mutex);
> if(rc >0
> && FD_ISSET(HTTPSClient_fd, &wf)
> && (emptyList(request_list) != TRUE) )
> {
> mutex_unlock(request_Mutex);
> http_post_ssl((void *)smsc);
> }
> mutex_unlock(request_Mutex);
> if(rc > 0 && FD_ISSET(HTTPSClient_fd, &rf))
> {
> read_responces((void *)smsc);
> }
> }
> }
>
>
> void read_responces(void *arg)
> {
> int l=0;
> SSL *ssl;
> char buf[4096];
> int SSL_error;
> char *request;
> SMSCenter *smsc = (SMSCenter *)arg;
> int read_blocked = 0;
>
> memset(buf, 0, 4096);
> ssl = get_session(conn);
>
> readrepeat:
>
> debug("test",0,"Thread read_responces started...");
>
> read_blocked = 0;
> do
> {
> l = 0;
> l = SSL_read(ssl, buf, 4096);
> if( l < 0)
> {
> switch(SSL_get_error(ssl, l))
> {
> case SSL_ERROR_WANT_READ:
> error(0, "SSL_ERROR_WANT_READ in SSL_read() <
> 0");
> read_blocked = 1;
> break;
> case SSL_ERROR_WANT_WRITE:
> error(0, "SSL_ERROR_WANT_WRITE in SSL_read()
> < 0");
> read_blocked = 1;
> break;
> default:
> error(0, "default: ERROR in reading in ssl");
>
> };
> }
> else if(l == 0)
> {
> int ret = 0;
> int wait = 0;
>
> read_blocked = 1;
> debug("smsc_http", 0, "No data to read");
> switch(SSL_get_error(ssl, l))
> {
> case SSL_ERROR_WANT_READ:
> read_blocked = 1;
> error(0, "SSL_ERROR_WANT_READ in
> SSL_read()");
> break;
> case SSL_ERROR_WANT_WRITE:
> read_blocked = 1;
> error(0, "SSL_ERROR_WANT_WRITE in
> SSL_read()");
> break;
> case SSL_ERROR_ZERO_RETURN:
> error(0, "SSL_ERROR_ZERO_RETURN in
> SSL_read()");
> break;
> case SSL_ERROR_NONE:
> error(0, "SSL_ERROR_NONE in SSL_read()");
> break;
> case SSL_ERROR_WANT_CONNECT:
> error(0, "SSL_ERROR_WANT_CONNECT in
> SSL_read()");
> break;
> case SSL_ERROR_WANT_X509_LOOKUP:
> error(0, "SSL_ERROR_WANT_X509_LOOKUP in
> SSL_read()");
> break;
> case SSL_ERROR_SYSCALL:
> error(0, "SSL_ERROR_SYSCALL in SSL_read()");
> break;
> case SSL_ERROR_SSL:
> error(0, "SSL_ERROR_SSL in SSL_read()");
> break;
> default:
> error(0, "default: ERROR in reading in ssl");
>
>
>
> for(; ret != 1; )
> {
> ret = http_reopen(smsc);
> sleep(wait);
> wait = wait + 1;
> }
> /* move_unack(); */
> continue;
> };
> }
> else if(l > 0)
> {
> char *p1 = NULL;
> char *p2 = NULL;
>
> debug("smsc_http", 0, "The received buffer %s", buf);
>
> p1 = buf;
> p2 = (char *)strstr((const char *)p1, "200 OK");
> for(; p2 != NULL; )
> {
>
> /*****************************************************/
> /* Added by Venu */
>
> mutex_lock(unackReq_Mutex);
> first_unackRequest = getNthNode(unack_list, 1);
> request = (char *)(first_unackRequest->data);
> delNode(&unack_list, first_unackRequest);
> mutex_unlock(unackReq_Mutex);
> debug("test",0,"Member removed from unack_list");
>
> gw_free(request);
>
>
> /*****************************************************/
> p1 = p2 + 6;
> p2 = (char *)strstr((const char *)p1, "200 OK");
> }
> }
> } while(SSL_pending(ssl) && !read_blocked);
> }
>
>
> Thanks,
> Venu
>
>
>
> Dr S N Henson wrote:
>
> > Venugopal Panchamukhi wrote:
> > >
> > > Hi,
> > > I'm not using the SSL structure. I'm using a single-linked list
> > > library. Would that imply that any one data structure which is
> > > commonly used by 2 threads ( read thread & write thread) which are
> > > reading and writing on a single SSL connection is a SSL structure
> > > otherwise you are referring to some SSL custom made data structure.
> > > Could you be bit more elaborate on this, please.
> >
> > What makes you think you aren't using an SSL structure? SSL_read() and
> > SSL_write() take an SSL structure as their first parameter.
> >
> > > Moreover, what is the action that is to be taken when SSL_read()
> > > returns either SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE and
> > > vice-versa in the case of SSL_write() - because a handshake could
> > > occur at anytime.
> > >
> >
> > Look at the SSL_get_error() manual page.
> >
> > > Moreover, would it be a good idea to spawn a new thread everytime
> > > select returns on the read condition or would it be better to have a
> > > single thread and doing in the things in the form of infinite loop.
> >
> > In a multi threaded application all I/O on a single SSL structure is
> > normally done in the same thread. Using the same SSL structure in
> > different threads is likely to cause problems.
> >
> > Steve.
> > --
> > Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
> > Personal Email: [EMAIL PROTECTED]
> > Senior crypto engineer, Gemplus: http://www.gemplus.com/
> > Core developer of the OpenSSL project: http://www.openssl.org/
> > Business Email: [EMAIL PROTECTED] PGP key: via homepage.
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
>
> --
> Venugopal Panchamukhi
> Mobile# +358-(0)9-4110 1675
> E-Mail: [EMAIL PROTECTED]
> [EMAIL PROTECTED]
>
>
--
vijo
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
