>-- Original Message --
>
>
>>-- Original Message --
>>
>>On Tue, Apr 30, 2019 at 03:23:23PM -0700, Erik Forsberg wrote:
>>
>>> >Is the handshake explicit, or does the application just call
>>> >SSL_read(), with OpenSSL performing the handshake as needed?
>>>
>>> I occasionally (somewhat
>-- Original Message --
>
>On Tue, Apr 30, 2019 at 03:23:23PM -0700, Erik Forsberg wrote:
>
>> >Is the handshake explicit, or does the application just call
>> >SSL_read(), with OpenSSL performing the handshake as needed?
>>
>> I occasionally (somewhat rarely) see the issue mentioned by the OP.
On Tue, Apr 30, 2019 at 03:23:23PM -0700, Erik Forsberg wrote:
> >Is the handshake explicit, or does the application just call
> >SSL_read(), with OpenSSL performing the handshake as needed?
>
> I occasionally (somewhat rarely) see the issue mentioned by the OP.
> Ignoring the error, or mapping
I can add some of my own observations to this below ...
>> I haven't looked at the code, but my impression is that WANT_READ and
>> WANT_WRITE are returned in two cases: when OpenSSL has received or sent a
>> partial record and needs to complete it; or when the TLS state is such that
>>
> On Apr 30, 2019, at 12:31 PM, Michael Wojcik
> wrote:
>
> I haven't seen a reply to this, so I'll take a stab...
>
> I haven't looked at the code, but my impression is that WANT_READ and
> WANT_WRITE are returned in two cases: when OpenSSL has received or sent a
> partial record and needs
> From: openssl-users on behalf of John
> Unsworth
> Sent: Monday, April 29, 2019 10:54
> We are using OpenSSL 1.1.0h on Linux to send operations to LDAP servers. We
> use SSL_read()
> to receive the replies on a non-blocking socket. The vast majority of times
> SSL_read() returns >0,
>
> On Apr 30, 2019, at 12:21 PM, Michael Wojcik
> wrote:
>
>> From: openssl-users on behalf of Felipe
>> Gasper
>> Sent: Tuesday, April 30, 2019 11:06
>
>> My question is, does TLS allow a client to be _able_ to parse an incomplete
>> message?
>> Or is it that only the entire message
> From: openssl-users on behalf of Felipe
> Gasper
> Sent: Tuesday, April 30, 2019 11:06
> My question is, does TLS allow a client to be _able_ to parse an incomplete
> message?
> Or is it that only the entire message can be decoded?
TLS doesn't have the concept of a "message". It has
Hello,
I’ve got an OpenSSL client that’s showing the behavior in strace:
read 5 bytes - OK
read 11228 bytes - gets partial response
read remainder - ECONNRESET
That ECONNRESET causes OpenSSL to fail the entire SSL_read().
My question is, does TLS allow a client to be
You can ask the openssl app where it goes looking for engines by
default. Here's what it looks like with the installed openssl on my
machine:
: ; openssl version -e
ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-1.1"
Note that engines aren't agnostic to the OpenSSL version...
Cheers,
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and already comes with openssl).
The idiosynchrasies are explained in the README.as400 file in AS400patch.tar.gz.
Resending this mail with files on Google Drive:
AS400patch.tar.gz (large patch for OpenSSL and
11 matches
Mail list logo