Hello, I'm debugging a problem with ucspi-ssl<http://www.superscript.com/ucspi-ssl/index.html>, an open-source SSL client and server wrapper. The client wrapper seems to run into an infinite loop sometimes when the server abruptly closes the socket without shutting down SSL properly.
The problem seems to be the handling of SSL_ERROR_SSL. The code currently handles SSL_ERROR_SSL by checking the system errno, and returning to its I/O loop (select(2)/SSL_read/SSL_write) if it is EAGAIN, EINTR, or 0. In this case, errno is 0, so it keeps trying again indefinitely. Ending the program immediately without returning to the I/O loop seems to fix this problem. However, I am not sure if this could cause problems in other cases. What I am wondering is: Does the system errno necessarily have any meaning after SSL_ERROR_SSL? And does it ever make sense to return to the I/O loop after this error? Or does it always indicate that things are too far gone to recover from? Thanks! -----Scott.
