Hey everyone. Been a long time since I've been able to spend much time on SSL code, but here I am again.
My app is a client side HTTP/HTTPS application, and the problem that recently showed up (more likely it was just recently noticed) is a problem of sorts with SSL_read(). But only with some servers. Connections to other servers work just fine. Here's a snippet of the code giving problems: n = SSL_read(c->data, c->buf+c->bufend, len); if (n <= 0) { int sslerr = ERR_get_error(); errcode = SSL_get_error(c->data, n); if (errno) eptr = strerror(errno); if (sslerr) { (void *)ERR_error_string(sslerr, errbuf); errptr = errbuf; } switch(errcode) { case SSL_ERROR_SYSCALL: /* Some kind of I/O error; */ if (DebugSSL) { if (sslerr) /* SSL IO error? */ { /* SSL_13013:I:Problem in SSL_read():%s: %s:%d */ if (errptr && *errptr) ERROR(errmsgs[SSL_13013], errptr, __FILE__, __LINE__); else ERROR(errmsgs[SSL_13013], "SSL_ERROR_SYSCALL" , __FILE__, __LINE__); } else if (eptr && *eptr) /* Some system error - check errno */ ERROR(errmsgs[SSL_13013], eptr, __FILE__, __LINE__); else if (n == 0) ERROR(errmsgs[SSL_13013], "SSL_ERROR_SYSCALL/EOF" , __FILE__, __LINE__); // XXXXXXX else ERROR(errmsgs[SSL_13013], "SSL_ERROR_SYSCALL/SOCKET" , __FILE__, __LINE__); } sslsock_shutdown(c); return -1; break; . . . // leaving out unrelated error handling } } The error being logged is SSL_ERROR_SYSCALL/EOF - the section marked with "XXXXXXX". Far as I can tell, this really shouldn't happen. There appear to be no problems in the SSL_connect phase. This code snippet is from the first read after the connection is established - the first attempt to read the headers. My first assumption was that I must have mishandled the error condition somehow. I reread the manpages for SSL_read() and SSL_get_error(), and unless I'm interpreting these pages incorrectly, I have it right in the code above. Also, I should note that regular browsers have no problem conecting to the server, and my client app has no trouble connecting to other secure servers. The problem has been occurring with my app linked to OpenSSL 0.9.7a, but is easily reproduced with 0.9.7e. Here's the server string returned by the origin: Server: IBM_HTTP_SERVER/1.3.19 Apache/1.3.20 (Unix) Anyone have any ideas how best to debug this? TIA Lou -- Louis LeBlanc [EMAIL PROTECTED] Fully Funded Hobbyist, KeySlapper Extrordinaire :) http://www.keyslapper.org ԿԬ Committee, n.: A group of men who individually can do nothing, but as a group can decide that nothing can be done. -- Fred Allen ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]