---------------------------- Original Message ---------------------------- Subject: Re:Re: BIO_read is continuously returning "-1" From: "Gayathri Sundar" <[EMAIL PROTECTED]> Date: Wed, December 28, 2005 4:59 am To: openssl-users@openssl.org --------------------------------------------------------------------------
If the Client Http Request has Http Version as 1.0 in its GET request or if the Connection: Close header is sent as part of the Client's GET request, the Server has to come back with Connection: Close..if the server follows RFC strictly..safest way is for the client to send HTTP 1.0 as its protocol version. The snipped is fine, can you give the code that sends the HTTP Request once SSL handshake is thro? Thanks --Gayathri Thanks Gayatri, I dont have access to the server, so I wont be able to verify that. I dont think that it is needed as both clients interacting with same server. For one client it is working and for second it is not, so I dont think that server has any problem. Also how can I make a client to get "Connection: Close" header as part of the response from server? I think there is some small mistake I am making, but not able to figure it out. Here is part of the code which creats connection object SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); ssl_ctx=SSL_CTX_new(SSLv23_client_method()); SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); /* tried to reset to all option again */ ssl=SSL_new(ssl_ctx); SSL_set_connect_state(ssl); ssl_bio=BIO_new(BIO_f_ssl()); BIO_set_ssl(ssl_bio,ssl,BIO_CLOSE); sprintf(host, "%s:%i", host_name, port_num); out=BIO_new(BIO_s_connect()); BIO_set_conn_hostname(out,host); BIO_set_nbio(out,1); out=BIO_push(ssl_bio,out); You may be able to catch the problem. Thanks, Pankaj On 12/28/05, Gayathri Sundar <[EMAIL PROTECTED]> wrote: > Forgot to mention that perhaps your client does not understand HTTP 1.1? > Check whether the redirect request came back to the server. > > > > Hi Pankaj., > > > > This difference in the HTTP response header is very critical. > > It influences the way in which the Client is going to behave. > > > > In case of 1, as the "Connection: Close" header is sent as part of the > > response, the http server will initiate the tcp teardown and need not > > bother sending the content length of the application payload. > > > > In case of 2, the client is expected to keep the HTTP connection alive, so > > that perhaps subsequent http requests can be pipelined, this is a feature > > of HTTP1.1. > > > > when a 302 is sent from the server, it means that either a "REDIRECT" req > > needs to be sent by the client as the "http resource" is not available in > > the requested path, so this redirect url will be as part of the "Redirect" > > header of the HTTP response, also as the connection keep alive has been > > set, the redirect request from the client will have to go on the same tcp > > connection over which the 302 was got, which is not supported by your ssl > > server? > > > > Thanks > > --Gayathri > > > > When I tried to print the values returned by BIO_read it shows > > > > -1, 8, 12, 30, 24, 79, 407, 47, 10, 2, 61, 2, 3, 2, 80, 2, 2, -1, -1, > > -1......... , -1 > > > > I tried to catch the error using perror which shows the error message > > "Error 0" till the return value 2, after that "Resource temporarily > > unavailable" for all "-1" returned values. > > > > If you want to see code then let me know. > > > > > > > > > > > > On 12/28/05, Pankaj <[EMAIL PROTECTED]> wrote: > >> I am quite new for the OpenSSL programming. I am using Perl client > >> program and C client program for connecting to the same server. > >> > >> Perl script works fine with the get_https request. But in C, I am > >> getting "-1" return value from the server while reading. > >> > >> C program implimentation is same as of sslcat method of SSLeay.pm > >> module. > >> > >> I tried to differentiate between the reply header and found that there > >> is only single difference between them as : > >> > >> Perl client script: > >> CONNECTION: close > >> > >> C Script: > >> HTTP/1.1 302 Found > >> Proxy-Connection: Keep-Alive > >> Connection: Keep-Alive > >> > >> i.e. 2 extra lines with difference in Connection header. Rest of the > >> returned header content is same for both. I am not understanding that > >> if server is getting connected for the Perl script (which uses > >> Net::SSLeay::get_https() method), then what is the problem with the C > >> code? > >> > >> While debugging I found that it getting connected, accepts request and > >> replys back with the series of chunks (in BIO_read), but it seems that > >> it is not ending (no "0" return). contineously it is giving "-1". > >> > >> > >> I am using openssl-0.9.7g version. If you require code then I will > >> provide in next email. > >> > >> Any help in this regard will greatly appreciated. > >> > >> > >> -- > >> Best Regards, > >> Pankaj Solanki > >> [EMAIL PROTECTED] > >> > >> > >> "The Price of Greatness is responsibility over each of your thoughts" > >> > > > > > > -- > > Best Regards, > > Pankaj Solanki > > [EMAIL PROTECTED] > > Ph : 09810823740. > > > > "The Price of Greatness is responsibility over each of your thoughts" > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager [EMAIL PROTECTED] > > > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > -- Best Regards, Pankaj Solanki [EMAIL PROTECTED] Ph : 09810823740. "The Price of Greatness is responsibility over each of your thoughts" ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
