On Fri December 9 2011, MK wrote:
> Hi! I'm new to ssl and am having some problems. I'm working on an
> http server; the interface is in perl and the internals are in perl and
> C; the SSL module is in C.
>
> Everything works fine except for large file uploads (using
> "multipart/form-data"), where I lose a *variable* fraction of a percent
> of the bytes (eg, 1-10 bytes for 20 MB) *in the middle* of the transfer.
> Ie, the bytes read do not match the content-length, but while the
> multipart boundaries at beginning and end are intact, the file written
> out is too short.
>
> The only errors I receive from openssl are WANT_READ or WANT_WRITE,
> which I handle like EAGAIN (the socket is non-block). The code which
> handles the upload is identical for both SSL and non-SSL connections,
> except for the read function below, but there is no such problem with
> non-SSL transfers.
>
> The read function uses some of the perl API and is intended to provide
> the same functionality as perl's sysread (this is why the rest of the
> code is identical to the non-SSL upload):
>
> SV *sysread (SV *objref, SV *buf, int len) {
> // retrieve SSL object from perl
> HV *self = (HV*)SvRV(objref);
> SV **field = hv_fetch(self, "ssl", 3, 0);
>
> if (!field) return newSV(0);
>
> SSL *ssl = (SSL*)SvIV(*field);
>
> // set up buffer and read
> unsigned char data[len];
> ERR_clear_error();
> int bytes = SSL_read(ssl, data, len);
>
> // error handling
> if (bytes < 0) {
> int err = SSL_get_error(ssl, bytes);
> if (err == SSL_ERROR_WANT_READ
> || err == SSL_ERROR_WANT_WRITE) err = EAGAIN;
> else err *= -1;
> // the error is made negative to prevent collision with EAGAIN
> hv_store(self, "readerr", 3, newSViv (err), 0);
> return newSV (0); // perl undef
> }
>
> // return buffer contents to perl
> sv_setpvn(buf, data, bytes);
> return newSViv(bytes);
> }
>
> As stated, the only error which actually occurs is the WANT_READ or
> WANT_WRITE.
>
> I can also post the ctx setup*, etc, tho again, everything works fine
> except for large uploads. Large downloads are fine. My test
> client is firefox 7 over a slow wireless connection; the loss is less
> on local loopback but still occurs. What have I missed about this?
>
Evidently your connection is doing a renegotiation during the transfer.
You missed:
http://stackoverflow.com/questions/3952104/how-to-handle-openssl-ssl-error-want-read-want-write-on-non-blocking-sockets
Among a few other zillion posts that google can find on the subject.
Mike
> Thanks -- MK
>
> * I use SSL_set_fd and not a BIO.
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
