RE: SSL_read() returns SSL_ERROR_SYSCALL
Please see my comments inline. Does the server/service report (usually log) anything relevant to your access/connection/request/whatever? In particular, if it logs something about server error you need to look there. If it too reports seeing a reset, coming from your direction, then you need to look for something in the network in between. Chitra The server application is also within our control only.Hence we were able to monitor the server also. Its clear from the server logs that server is getting the request and sending the response. So i dont suspect the network. If this is a network problem, it may be easier to look for it using clear data. Do you have the option of connecting to these servers/services without SSL (or with SSL but using an eNULL ciphersuite) and if so does it have the same problem? (Obviously you should do that only with nonconfidential data. If there is higher-level authentication e.g. password, use a temporarily assigned and immediately disabled test id, etc.) Chitra We have tried that also. This problem doesnt happen when we access the http webservice. This occurs only when we access the service in https mode. Is there any way we can decrypt the packets and view the packets sent in https mode. I am an novice in openSSL and not very sure how to use SSL using eNULL ciphersuite. Since we are depending on gSOAP generated stubs, and these stubs use openSSL dlls (ssleay.lib and libeay.lib) for the https webservice calls. While debugging, we found that the SSL_read() returned this error (SSL_ERROR_SYSCALL). There was another entry in this forum stating the same problem, and they have mentioned that this is a configuration issue. This can be resolved by changing the ciphersuite to default. But its not clear where should we change it , in the server or in the client? You may find the post in this link http://marc.info/?l=openssl-usersm=110252442813443w=2 Thanks Chitra -- View this message in context: http://www.nabble.com/SSL_read%28%29-returns-SSL_ERROR_SYSCALL-tp23918379p23955257.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: SSL_read() returns SSL_ERROR_SYSCALL
hi, We have tried settiong the ciphersuite using SSL_CTX_set_cipher_list(), as eNULL/NULL-MD5/DEFAULT. But we get handshake error. In the server also we have tried giving the encryption= true and cipherlist to all of the above settings. eNULL/NULL-MD5 /any null values give handshake error. What am i missing here? If this is a network problem, it may be easier to look for it using clear data. Do you have the option of connecting to these servers/services without SSL (or with SSL but using an eNULL ciphersuite) and if so does it have the same problem? (Obviously you should do that only with nonconfidential data. If there is higher-level authentication e.g. password, use a temporarily assigned and immediately disabled test id, etc.) -- View this message in context: http://www.nabble.com/SSL_read%28%29-returns-SSL_ERROR_SYSCALL-tp23918379p23961104.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: SSL_read() returns SSL_ERROR_SYSCALL
Is the server IIS? And do you get all of the response? Because IIS doesn't necessarily close SSL connections in a tidy manner - it can give SSL_ERROR_SYSCALL. G. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of chithuanand Sent: 10 June 2009 13:22 To: openssl-users@openssl.org Subject: RE: SSL_read() returns SSL_ERROR_SYSCALL hi, We have tried settiong the ciphersuite using SSL_CTX_set_cipher_list(), as eNULL/NULL-MD5/DEFAULT. But we get handshake error. In the server also we have tried giving the encryption= true and cipherlist to all of the above settings. eNULL/NULL-MD5 /any null values give handshake error. What am i missing here? If this is a network problem, it may be easier to look for it using clear data. Do you have the option of connecting to these servers/services without SSL (or with SSL but using an eNULL ciphersuite) and if so does it have the same problem? (Obviously you should do that only with nonconfidential data. If there is higher-level authentication e.g. password, use a temporarily assigned and immediately disabled test id, etc.) -- View this message in context: http://www.nabble.com/SSL_read%28%29-returns-SSL_ERROR_SYSCALL-tp2391837 9p23961104.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: SSL_read() returns SSL_ERROR_SYSCALL
The Winsock2 WSAGetLastError() returns 100054, means Socket forcefully shut down by remote host. Initially we had only one webservice class. This webservice class is based on gSOAP generated proxy classes, which will in turn use openSSL functions to access a secured webservice.All the methods in this class worked perfectly till we added one more class, which access another set of webservices. The new class contains a set of totally disjoint methods,and it should not affect the existing code. The same code also works properly in some other networks. SSL_ERROR_SYSCALL means that an underlying call to the system failed. Check errno in that case. Or in desktop-Windows=Winsock2 WSAGetLastError() . I don't know if windows mobile(?) is the same. If you're getting the error on larger pieces of data, instead of smaller pieces of data, it sounds like you're not properly handling the case where your read buffer isn't large enough, needs to be extended, and the read continued. Without knowing the value of errno, it's impossible to guess, though. -- View this message in context: http://www.nabble.com/SSL_read%28%29-returns-SSL_ERROR_SYSCALL-tp23918379p23936078.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: SSL_read() returns SSL_ERROR_SYSCALL
From: owner-openssl-us...@openssl.org On Behalf Of chithuanand Sent: Tuesday, 09 June, 2009 00:13 The Winsock2 WSAGetLastError() returns 100054, means Socket forcefully shut down by remote host. Precisely 10054 is connection-reset. In TCP shut down normally is used for the normal/graceful shutdown i.e. FIN exchange(s). forcefully shut down clearly means something different, and the only other prompt possibility is reset/abort using RST, but it's clearer to say reset. by remote host may be misleading. In the early ARPAnet-like Internet, resets were always from the remote host. Routers did other things, like ICMP Net,Host Unreachable, but not reset. Nowadays, there are lots of things like gateways, proxies, firewalls, smart (too smart for their own good) routers, etc., that sometimes cause/force a TCP reset. If you're connecting through some wireless network/carrier, to me that would definitely be one suspect. If it is in fact coming from the remote host, reset is often (not necessarily always) used if the server process fails. This can mean different things depending on what the server is, e.g. segfault, GPF, unhandled_exception, whatever. Initially we had only one webservice class. This webservice class is based on gSOAP generated proxy classes, which will in turn use openSSL functions to access a secured webservice.All the methods in this class worked perfectly till we added one more class, which access another set of webservices. The new class contains a set of totally disjoint methods,and it should not affect the existing code. The same code also works properly in some other networks. Does the server/service report (usually log) anything relevant to your access/connection/request/whatever? In particular, if it logs something about server error you need to look there. If it too reports seeing a reset, coming from your direction, then you need to look for something in the network in between. If this is a network problem, it may be easier to look for it using clear data. Do you have the option of connecting to these servers/services without SSL (or with SSL but using an eNULL ciphersuite) and if so does it have the same problem? (Obviously you should do that only with nonconfidential data. If there is higher-level authentication e.g. password, use a temporarily assigned and immediately disabled test id, etc.) SSL_ERROR_SYSCALL means that an underlying call to the system failed. Check errno in that case. Or in desktop-Windows=Winsock2 WSAGetLastError() . I don't know if windows mobile(?) is the same. snip rest __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
SSL_read() returns SSL_ERROR_SYSCALL
Hi All, we are working on a client which runs on windows mobile. This client access a webservice using gSOAP generated stubs For secure webservice calls,we are using openssl for communication. My problem is that - while transferring data, SSL_read() always fails (after transferring few KB of data). The follwoing error is returned - -- SSL_read() returns SSL_ERROR_SYSCALL error:0005:lib(0):func(0):DH lib --- This is not consistent across the different methods. The methods which pass bigger chunks of data in the request consistently fail, and the ones which pass lesser data consistently pass. Any help will be much appreciated -- View this message in context: http://www.nabble.com/SSL_read%28%29-returns-SSL_ERROR_SYSCALL-tp23918379p23918379.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: SSL_read() returns SSL_ERROR_SYSCALL
SSL_ERROR_SYSCALL means that an underlying call to the system failed. Check errno in that case. If you're getting the error on larger pieces of data, instead of smaller pieces of data, it sounds like you're not properly handling the case where your read buffer isn't large enough, needs to be extended, and the read continued. Without knowing the value of errno, it's impossible to guess, though. -Kyle H On Sun, Jun 7, 2009 at 10:28 PM, chithuanandchithuan...@yahoo.com wrote: Hi All, we are working on a client which runs on windows mobile. This client access a webservice using gSOAP generated stubs For secure webservice calls,we are using openssl for communication. My problem is that - while transferring data, SSL_read() always fails (after transferring few KB of data). The follwoing error is returned - -- SSL_read() returns SSL_ERROR_SYSCALL error:0005:lib(0):func(0):DH lib --- This is not consistent across the different methods. The methods which pass bigger chunks of data in the request consistently fail, and the ones which pass lesser data consistently pass. Any help will be much appreciated -- View this message in context: http://www.nabble.com/SSL_read%28%29-returns-SSL_ERROR_SYSCALL-tp23918379p23918379.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-us...@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: SSL_read() returns SSL_ERROR_SYSCALL
From: owner-openssl-us...@openssl.org On Behalf Of Kyle Hamilton Sent: Monday, 08 June, 2009 13:46 SSL_ERROR_SYSCALL means that an underlying call to the system failed. Check errno in that case. Or in desktop-Windows=Winsock2 WSAGetLastError() . I don't know if windows mobile(?) is the same. If you're getting the error on larger pieces of data, instead of smaller pieces of data, it sounds like you're not properly handling the case where your read buffer isn't large enough, needs to be extended, and the read continued. Without knowing the value of errno, it's impossible to guess, though. -Kyle H On Sun, Jun 7, 2009 at 10:28 PM, chithuanandchithuan...@yahoo.com wrote: Hi All, we are working on a client which runs on windows mobile. This client access a webservice using gSOAP generated stubs For secure webservice calls,we are using openssl for communication. My problem is that - while transferring data, SSL_read() always fails (after transferring few KB of data). The follwoing error is returned - -- SSL_read() returns SSL_ERROR_SYSCALL error:0005:lib(0):func(0):DH lib -- - This is not consistent across the different methods. The methods which pass bigger chunks of data in the request consistently fail, and the ones which pass lesser data consistently pass. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org