> From: owner-openssl-us...@openssl.org On Behalf Of Nayna Jain > Sent: Monday, 15 July, 2013 11:49
> It takes some time for my server to respond to openssl > s_client connection request. > However, openssl s_client timesout before the response. > Are you using DTLS with -timeout? Otherwise, and always for "normal" TLS and SSL, there is no timeout on the handshake in s_client, or by default in libssl -- although you can use nonblocking logic and impose your own time limit(s). Or do you mean the *TCP* connect timeout (i.e. SYN to SYN-ACK)? For that s_client just uses the OS setting, which classically is about a minute but many OSes today allow tuning and some people or applications tune it rather short. (When I google, I find mostly people who want a *shorter* connect timeout for their client.) It appears that some TCP stacks may be able to change this for one socket (in one process) with a setsockopt, but apparently the only general solution is to connect() on a nonblocking socket and manage it yourself e.g. with select. s_client doesn't do either of those. > Is there some way to give a timeout argument to s_client command for > waiting for response ? > For SSL/TLS no, for DTLS you can enable timeout but it uses a fixed (and small) value, for TCP no. Remember s_client like most of the commandline utilities is intended primarily as a test tool, not for production use. Are you doing something that belongs in an app that is more tailored to your needs? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
