On Mon November 21 2011, Arjun SM wrote:
> Well yes, these are not errors. My bad for naming the variable as 'error'.
>
Not my point -
Your logic shows that you think the connection has failed when it has
simple not yet finished with its protocol.
Not finished because you didn't respond to the want-write and/or want-read.
Something which your code must do when using non-blocking sockets.
Mike
> ~Arjun
>
> On Thu, Nov 17, 2011 at 11:50 PM, Michael S. Zick <open...@morethan.org>wrote:
>
> > On Thu November 17 2011, Arjun SM wrote:
> > > Hi,
> > > Thanks for the reply.
> > > I have called the ssl_connect() function again after checking for
> > > SSL_ERROR_WANT_READ
> > > and SSL_ERROR_WANT_WRITE. But I wanted to know if I can optimize my code.
> > > Below is my code
> > >
> > > int counter = 6;
> > > while (status < 0 && --counter >0 )
> > > {
> > > if(status < 0)
> > > {
> > > error=SSL_get_error(ssl,status);
> > > if(error == SSL_ERROR_WANT_READ || error ==
> > > SSL_ERROR_WANT_WRITE)
> > > {
> > > MessageLog.Write("****SSL 1st Connect error ",
> > error);
> > >
> >
> > But these two cases are __not__ errors,
> > you just need to 'read' or 'write' as indicated so the protocol can
> > advance.
> >
> > Mike
> > > usleep(2000000);
> > > status = SSL_connect(ssl);
> > > error=SSL_get_error(ssl,status);
> > > MessageLog.Write("****SSL 2nd Connect error ",
> > error);
> > > }
> > > else
> > > {
> > > break;
> > > }
> > > }
> > > } // end of while
> > >
> > > I would try for some time and break out saying unable to connect. I am
> > sure
> > > I can optimize this code by using select() but I am unable to make it
> > work.
> > > If there is a better approach please do share.
> > >
> > > ~Arjun
> > >
> > > On Tue, Nov 15, 2011 at 9:04 PM, Huaqing Wang <whuaq...@gmail.com>
> > wrote:
> > >
> > > > Hi, Arjun,
> > > >
> > > > For non-blocking case, you have to handle SSL_ERROR_WANT_READ and
> > > > SSL_ERROR_WANT_WRITE
> > > > In that case you need to redo *SSL_connect.*
> > > > *
> > > > *
> > > > Huaqing
> > > >
> > > > On Tue, Nov 15, 2011 at 5:51 AM, Arjun SM <arjun...@gmail.com> wrote:
> > > >
> > > >> Hi all,
> > > >> I am newbie to openssl any help is greatly appreciated.
> > > >>
> > > >> I have a requirement of fetching the Common name (domin name ) from
> > the
> > > >> certificate that I request from any HTTPS websites. I followed the
> > regular
> > > >> method of
> > > >>
> > > >> 1. establish a connection with the ip address using *connect() *system
> > > >> call.
> > > >> 2. Use *SSL_connect()* system call to perform handshake.
> > > >> 3. Use *SSL_get_peer_certificate()* to get the certificate.
> > > >>
> > > >> The problem I faced was that, the connect() call would at times
> > return a
> > > >> errno 4 (EINTR) error . So i changed code from blocking to
> > non-blocking
> > > >> sockets and used select() call to have a valid connection and return
> > an
> > > >> appropriate file descriptor.
> > > >> Now the ssl_connect() call returns SSL_ERROR_WANT_READ
> > > >> or SSL_ERROR_WANT_WRITE error. I am unable to make my code work by
> > adding a
> > > >> select() even on ssl_connect() call.
> > > >>
> > > >> If any one can please help as to how I need to use the ssl_connect()
> > by
> > > >> polling that would be of great help. preferred language would be C/C++
> > > >>
> > > >> thanks,
> > > >> ~Arjun
> > > >>
> > > >>
> > > >>
> > > >>
> > > >>
> > > >
> > > >
> > > > --
> > > > Thank you.
> > > > Best Regards,
> > > > Michael(Huaqing) Wang
> > > >
> > > >
> > >
> >
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List openssl-users@openssl.org
> > Automated List Manager majord...@openssl.org
> >
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
