This question is asked a lot. With asynchornous sockets, you need to check the err using SSL_get_error. If the error IS SSSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE then you need to call SSL_accept again. I would reccommend adding the FD back into your select queue based on the read/write status, and call the accept function again based on the socket availability, since you are using asynch sockets.
Oh wait. Asynch sockets on windoze? I forgot the semantics on that platform. You already have a registered window handler or something that can handle the callback. Just maintain the current state of the connection within the ssl context and act accordingly and you probably don't need to mess with the select. Tim --- "Thomas J. Hruska" <[EMAIL PROTECTED]> wrote: > At 01:41 PM 10/31/2002 +0800, Pj writeth: > >Hello OpenSSL experts, > > > >I have written a working web server in C (non > blocking asynchronous), and > wish to incorporate OpenSSL into it. > >I have used the example > openssl-0.9.6g\demos\ssl\serv.cpp to help with the > process... > > > >My server compiles, links and runs ok (so far so > good), but returns an > error (err = -1) from the line below and bombs out > when I connect via a web > browser (https://127.0.0.1:6010/x.htm) (Im using > port 6010 for my tests) > > > >err = SSL_accept (ssl); (complete function below) > > > >does any one know what this might be? > >The socket passed into SSL is a valid socket just > accepted by the accept > code... > > > >could my certificates be no good? > > The first question that runs through my mind is: > Why write your own web > server when so many other web servers are likely to > be more powerful, > stable, and versatile than yours? It is a good > exercise of one's > programming skills, but considering that more > powerful tools already exist, > I just felt the urge to ask about your motivation > for development of yet > another web server. > > To answer your question: SSL_accept() can "fail" > when using non-blocking > sockets. I don't remember the exact error message > associated with the fail > state, but basically you have to repeat the call to > SSL_accept() with the > same parameters until it succeeds. During this > time, the client selects a > certificate to send back (or not) and other > handshaking sorts of things > take place. Since this process can take a while, > SSL_accept(), when using > non-blocking sockets, returns so that it does not > consume any extra time > while waiting for data. > > Hope this helps! > > > Thomas J. Hruska -- > [EMAIL PROTECTED] > Shining Light Productions -- "Meeting the needs of > fellow programmers" > http://www.shininglightpro.com/ > ______________________________________________________________________ > OpenSSL Project > http://www.openssl.org > User Support Mailing List > [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] __________________________________________________ Do you Yahoo!? HotJobs - Search new jobs daily now http://hotjobs.yahoo.com/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
