Hi All,

I've been banging my head against the wall for the last few days trying to get session renegotiation working in a server I'm working on, and I'm hoping someone here can give me a clue. I'm using openssl-0.9.8i.

Our server has one background thread constantly calling SSL_read() to drain incoming data. There are multiple threads generating outgoing data, but all the SSL_write() calls are serialized with a semaphore. All I/O is blocking. The sockets are very long lived, so the renegotiation is used to periodically switch session keys.

I've done a fair bit of web searching, and have found conflicting information on how to properly trigger a renegotiation, with different suggestions for server side vs. client side. A typical server side example is

    SSL_renegotiate();
    SSL_do_handshake();
    ssl->state = SSL_ST_ACCEPT;
    SSL_do_handshake();

while a typical client side example is

    SSL_renegotiate();
    SSL_do_handshake();

Looking in O'Reilly's Network Security with OpenSSL, it seems that as of 0.9.7 I can just do SSL_renegotiate() from either side of a connection and the underlying library will just do the right thing, and I can use SSL_renegotiate_pending() to determine if/when the renegotiation has completed.

The problem I'm running into is that this last approach seems to sometimes work, but periodically I get errors up from SSL_read() or SSL_write(). For example, "decryption failed or bad record mac" or "ssl handshake failure". I get the feeling I'm missing some piece of this puzzle. Can anyone help me out?

Thanks,
Wayne.