> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dr.
> Stephen Henson
> Sent: Tuesday, August 24, 2004 11:11 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Question regarding an error
>
> On Tue, Aug 24, 2004, Edward Chan wrote:
>
> > Hi there,
> >
> > Can anybody tell me what the following error means?
> >
> > error:00000005:lib(0):func(0):DH lib
> >
> > It seems to happen when I do an SSL_read().
> >
> > I've downloaded and built openssl-0.9.7d on Windows. I'm using
> > OpenSSL on my server. The client does not use OpenSSL. It uses
> > WinINET API's to handle the SSL handshake.
> >
> > As far as I can tell, the SSL_accept() call was successful. The
> > client was also able to receive the certificate that I
> generated using
> > OpenSSL, and it popped up the dialog box that warns that it
> is from an
> > untrusted Certificate Authority, as expected. I select "Yes" to
> > continue. But even before that, on the server side, the call to
> > SSL_read() fails with the error above. Can anybody tell me
> what it means?
> >
> > BTW, I've set the SSL_MODE_AUTO_RETRY mode on the SSL_CTX used to
> > create the SSL object passed to SSL_read().
> >
> > I've also called SSL_CTX_set_tmp_dh_callback() to setup the
> DH callback.
> > But it doesn't get called.
> >
>
> What code are you using to display that error? It looks like
> something is being passed to the error routines that isn't a
> valid error.
int iRet = SSL_read(m_pSSL, buf, len);
if (iRet <= 0)
{
char tmp[256];
ERR_error_string_n(SSL_get_error(m_pSSL, iRet), tmp,
sizeof(tmp));
DEBUG_TRACE1(_T("SSLConnection::read() : %s"), tmp);
}
>
> Woth regard to your main problem: it is possible the client
> closes the connection while it is waiting for the dialog boz
> response (possibly
> impolitely) and opens a new one later: that could be the cause.
Hmm, interesting...let me investigate this possibility. Since the client
side is all happening inside Microsoft API's, I can't tell what it is doing
under the hood, but I can check to see if the socket is still in an active
state. But I don't see any reason why it would close it. But who knows.
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see
> homepage OpenSSL project core developer and freelance consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
