on 1.0.2h. When we call SSL_do_handshake,
> > sometimes we notice that handshake fails with error SSL_ERROR_SSL.
> > As per the documentation for this error, it is non recoverable and
> fatal
> > error. Documentation also mentions to check the error queue
All,
> >
> > We are using Openssl version 1.0.2h. When we call SSL_do_handshake,
> > sometimes we notice that handshake fails with error SSL_ERROR_SSL.
> > As per the documentation for this error, it is non recoverable and fatal
> > error. Documentation also
On 19/02/2020 05:16, Mahendra SP wrote:
> Hi All,
>
> We are using Openssl version 1.0.2h. When we call SSL_do_handshake,
> sometimes we notice that handshake fails with error SSL_ERROR_SSL.
> As per the documentation for this error, it is non recoverable and fatal
> err
Hi All,
We are using Openssl version 1.0.2h. When we call SSL_do_handshake,
sometimes we notice that handshake fails with error SSL_ERROR_SSL.
As per the documentation for this error, it is non recoverable and fatal
error. Documentation also mentions to check the error queue for further
details
Hi,
As far as I know, there is no point going again to the loop when we have
SSL_ERROR_SSL.
Suppose in case of SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE this would
have made sense.
Maybe there is a timeout or watchdog which stops it from consuming a lot of
time and closes the socket.
Since
seems to be the handling of SSL_ERROR_SSL. The code currently
handles SSL_ERROR_SSL by checking the system errno, and returning to its I/O
loop (select(2)/SSL_read/SSL_write) if it is EAGAIN, EINTR, or 0. In this
case, errno is 0, so it keeps trying again indefinitely.
Ending the program
Hi all
What is the state of the SSL connection after SSL_ERROR_SYSCALL or
SSL_ERROR_SSL?
1) Is the secure session teared down? (I mean within the OpenSSL state machine)
2) If not, may a retry of SSL_write or SSL_read succeed w/o a re-handshake?
Regards
Alon
Hi,
I got some weird error. help needed urgent.
SSL_write() is returned with error SSL3_WRITE_PENDING:bad write retry.
I have tried with flags PARTIAL_WRITE and AUTO_RETRY and MOVING
BUFFER.
Still i am facing this problem. Any temporary workaround will also be
appreciated.
Thanks Regards,
There's probably something wrong with your code, but from the
information you've presented it's difficult to be more precise. I don't
see what your question has to do with developing OpenSSL, so I've
dropped openssl-dev from the thread.
http://www.catb.org/~esr/faqs/smart-questions.html
Forwarding to openssl-users for public discussion.
Best regards,
Lutz
- Forwarded message from sandeep.kuma...@wipro.com -
Subject: SSL_write returned SSL_ERROR_SSL
Date: Tue, 3 Nov 2009 19:25:03 +0530
Thread-Topic: SSL_write returned SSL_ERROR_SSL
Thread-Index
From: owner-openssl-us...@openssl.org On Behalf Of Lutz Jaenicke
Sent: Tuesday, 03 November, 2009 14:13
- Forwarded message from sandeep.kuma...@wipro.com -
Subject: SSL_write returned SSL_ERROR_SSL
Date: Tue, 3 Nov 2009 19:25:03 +0530
Thread-Topic: SSL_write returned SSL_ERROR_SSL
sandeep.kuma...@wipro.com -
Subject: SSL_write returned SSL_ERROR_SSL
Date: Tue, 3 Nov 2009 19:25:03 +0530
Thread-Topic: SSL_write returned SSL_ERROR_SSL
Thread-Index: AcpcjT4Rk9sPCTZ0QEaWqLVTn71DBQ==
From: sandeep.kuma...@wipro.com
To: r...@openssl.org
I am facing some weird problem
From: owner-openssl-us...@openssl.org On Behalf Of Kyle Hamilton
Sent: Friday, 18 September, 2009 15:07
Once you receive SSL_ERROR_SSL, the next step is to use
ERR_get_error(3ssl) to figure out what the specific SSL error was.
Before you do this, you should call ERR_load_crypto_strings(3ssl
Hi
I am using Linux provided SSL Library OpenSSL 0.9.7a Feb 19 2003.
The problem is that SSL_Connect fails with error SSL_ERROR_SSL
I am not able to trace the possible reason for error.
Any help is valuable as I need to resolve the issue urgently.
Regards
Anuradha Gupta
Technical Leader
Once you receive SSL_ERROR_SSL, the next step is to use
ERR_get_error(3ssl) to figure out what the specific SSL error was.
Before you do this, you should call ERR_load_crypto_strings(3ssl) and
SSL_load_error_strings(3ssl) so that you can get the full string; if
you don't, you'll get a hexadecimal
From: owner-openssl-us...@openssl.org On Behalf Of Prokash Sinha
Sent: Friday, 24 April, 2009 16:45
I'm trying to understand why this following code is failing
the second or third time... Is it a good way ( meaning first accept()
without ssl, then do those association,
Are you appropriately calling SSL_clear() after your connection is shut down?
-Kyle H
On Mon, Apr 27, 2009 at 3:08 PM, Dave Thompson
dave.thomp...@princetonpayments.com wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Prokash Sinha
Sent: Friday, 24 April, 2009 16:45
Hi,
I'm trying to understand why this following code is failing the second or
third time... Is it a good way ( meaning first accept() without ssl, then do
those association, then SSL_Accept() )
tls_socket is just a plain listner socket
sock = accept (tls_socket, (struct sockaddr *) sa,
David,
Thanks for your prompt reply, again.
David Schwartz wrote:
ERR_get_error() returned 67596407
ERR_error_string() returned error:04077077:rsa routines:RSA_verify:wrong
signature length
ERR_get_error() returned 218910726
ERR_error_string() returned error:0D0C5006:asn1 encoding
David,
Thanks for the quick reply.
David Schwartz wrote:
* the underlying socket is blocking
It sounds like you're trying to get some kind of fake halfway-non-blocking
operation. This never works quite right. Either use blocking operations on
blocking sockets or non-blocking operations on
I'm seeing weird OpenSSL behaviour and I suspect it's a bug in
the library.
It sounds like a typical protocol error.
The problem is that SSL_write() sometimes returns SSL_ERROR_SSL with
errno equal to EAGAIN.
This is your problem. You are confusing yourself by checking 'errno'.
SSL_write
Hi all,
I'm seeing weird OpenSSL behaviour and I suspect it's a bug in the library.
The problem is that SSL_write() sometimes returns SSL_ERROR_SSL with
errno equal to EAGAIN. Calling SSL_write() again seems to solve the
problem. I have the impression that SSL_write() should return
The problem is that SSL_write() sometimes returns SSL_ERROR_SSL with
errno equal to EAGAIN. Calling SSL_write() again seems to solve the
problem. I have the impression that SSL_write() should return
SSL_ERROR_WANT_WRITE in this situation.
* the underlying socket is blocking
It sounds like
Hi,
I need help in
SSL_ERROR_SSL error ..
I got
"SSL_ERROR_SSL" often in SSL_write(), I don't know what causes this error and I
don't know how to reset or correctthis condition. The docs I found
just said it's a "protocol error" andcan anyone elaborate more wha
TCP
socket and then connect as shown below. Then, we call SSL_connect, which
fails with SSL_ERROR_SSL. At this point, the Java server outputs
SSLException No Trusted certificate.
sd = socket(AF_INET, SOCK_STREAM, 0);
int c = connect(sd, (struct sockaddr*) host_id , sizeof(host_id
socket and then connect as shown below. Then, we call SSL_connect,
which
fails with SSL_ERROR_SSL. At this point, the Java server outputs
SSLException No Trusted certificate.
If you want client authentication, you need
to explicitly state this at the server side(ie., you should ask
the client to send
ertificate, the private
key and the CA cert to the context.Please see the code
snippet. ... Initialization is successful, but the handshake fails. We first
create TCPsocket and then "connect" as shown below. Then, we call
SSL_connect, whichfails with SSL_ERROR_SSL. At this po
Sent: Tuesday, January 31, 2006 4:03 PM
To: openssl-users@openssl.org
Subject: Re: SSL_connect fails with SSL_ERROR_SSL
Dear all,
Using openssl (openssl 0.9.7), I have set up a CA and this CA has issued 2
certs - one for client and the other for the server. I have checked
: Tuesday, January 31, 2006 4:32 PM
To: openssl-users@openssl.org
Subject: Re: SSL_connect fails with SSL_ERROR_SSL
Okay. The question is:
You have a CA. Did you encode the CA:true attribute in it?
You created a server certificate signed by that CA. How?
You created a client certificate signed
HI,
Recently we encounter SSL_ERROR_SSL error on client side. Our application code(initialization,
handshaking, read and write) is common for sslv2 and sslv3.
It happens when we turn on sslv3. But when we turn off sslv3 but using
sslv2, the problem goes away.
The following
errors
Client side
SSL_ERROR_SSL
error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1
alert decrypt error
Detail: SSL connect failed in tcp_connect()
Server side:
SSL_ERROR_SSL
error:0D0890A1:lib(13):func(137):reason(161)error:140890B2:lib(20):func(137):reason(178)
Detail: SSL_accept() failed
cases to my code
to handle the possible combinations but new ones keep
coming up. For example, what does it mean to get
SSL_ERROR_SSL with errno of 0 ? Is this the same as
shutdown, or retry?
I've looked at s_client and s_server and they seem to
generally handle these as a shutdown indication
);
int dummy = SSL_connect(ssl_h_to);
if (dummy = 0)
{
log(LOG_INFO, do_http_request(): problem starting SSL connection
%d, SSL_get_error(ssl_h_to, dummy));
}
dummy gets = 0 and the logging tells me an error 1 (SSL_ERROR_SSL) occured
server
(LOG_INFO, do_http_request(): problem starting SSL connection
%d, SSL_get_error(ssl_h_to, dummy));
}
dummy gets = 0 and the logging tells me an error 1 (SSL_ERROR_SSL) occured
server:
--
socket_h_from = accept(...); // and fork
sbio = BIO_new_socket(socket_h_from
could cause an unknown state?
Cheers,
Toby
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Toby Shepheard
Sent: 06 March 2001 19:42
To: [EMAIL PROTECTED]
Subject: SSL_ERROR_SSL generated in SSL_connect
Hi,
I've implemented a basic SSL client in C
On Wed, Mar 07, 2001 at 11:19:28AM -, Toby Shepheard wrote:
Small update:
I got the proper error response working now (it was getting a bit late
yesterday, my brain obviously wasn't in top gear!), and it is as follows:
error:140840FF:SSL routines:SSL3_CONNECT:unknown state
Does
Comments inserted below.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Lutz Jaenicke
Sent: 07 March 2001 12:32
To: [EMAIL PROTECTED]
Subject: Re: SSL_ERROR_SSL generated in SSL_connect
On Wed, Mar 07, 2001 at 11:19:28AM -, Toby
On Wed, Mar 07, 2001 at 02:32:08PM -, Toby Shepheard wrote:
//Is this ok? I'm using the generic SSLv3_method
meth=SSLv3_method();
ctx=SSL_CTX_new(meth);
* You are not reusing an old SSL object that was already used once and
not cleared with SSL_clear()?
// The SSL object should
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Lutz Jaenicke
Sent: 07 March 2001 16:38
To: [EMAIL PROTECTED]
Subject: Re: SSL_ERROR_SSL generated in SSL_connect
On Wed, Mar 07, 2001 at 02:32:08PM -, Toby Shepheard wrote:
//Is this ok? I'm using
compile as a .so and run it in the StoryServer environment, I hit a problem
with SSL_connect:
SSL_get_error(ssl, (SSL_connect(ssl))
always returns SSL_ERROR_SSL
The man pages suggest this may be a protocol error. I then called
ERR_print_errors(bio_err)
ERR_error_string(err, szDebug)
this gave
2546
40 matches
Mail list logo