> From: Felipe Gasper
> Sent: Thursday, 3 November, 2022 10:43
> >
> > And your description looks wrong anyway: shutdown(SHUT_RD) has
> > implementation-defined behavior for TCP sockets (because TCP does not
> > announce the read side of half-close to the peer), and on Linux causes
> > blocked
> On Nov 3, 2022, at 11:37, Michael Wojcik via openssl-users
> wrote:
>
>> It’s a rare
>> issue, but when it does it’s a head-scratcher. To avoid that, it’s necessary
>> to shutdown(SHUT_RD) then drain the read buffer before close().
>
> Well, it's not *necessary* to do a half-close.
> From: Felipe Gasper
> Sent: Thursday, 3 November, 2022 08:51
>
> You probably know this, but: On Linux, at least, if a TCP socket close()s
> with a non-empty read buffer, the kernel sends TCP RST to the peer.
Yes, that's a conditional-compliance (SHOULD) requirement from the Host
> On Nov 3, 2022, at 10:17, Michael Wojcik via openssl-users
> wrote:
>
>> Does OpenSSL’s documentation mention that? (I’m not exhaustively
>> familiar with it, but I don’t remember having seen such.)
>
> I doubt it. I don't see anything on the wiki, and this is a pretty obscure
> issue,
> From: Felipe Gasper
> Sent: Thursday, 3 November, 2022 07:42
>
> It sounds, then like shutdown() (i.e., TCP half-close) is a no-no during a
> TLS session.
Um, maybe. Might generally be OK in practice, particularly with TLSv1.3, which
got rid of some of the less-well-considered ideas of
> On Nov 2, 2022, at 16:36, Michael Wojcik via openssl-users
> wrote:
>
>> From: Felipe Gasper
>> Sent: Wednesday, 2 November, 2022 12:46
>>
>> I wouldn’t normally expect EPIPE from a read operation. I get why it happens;
>> it just seems odd. Given that it’s legitimate for a TLS peer to
> From: Felipe Gasper
> Sent: Wednesday, 2 November, 2022 12:46
>
> I wouldn’t normally expect EPIPE from a read operation. I get why it happens;
> it just seems odd. Given that it’s legitimate for a TLS peer to send the
> close_notify and then immediately do TCP close, it also seems like EPIPE
> On Oct 26, 2022, at 13:34, Michael Wojcik via openssl-users
> wrote:
>
>> From: openssl-users On Behalf Of Felipe
>> Gasper
>> Sent: Wednesday, 26 October, 2022 11:15
>>
>> I’m seeing that OpenSSL 3, when it reads empty on a socket, sends some
>> sort of response, e.g.:
>>
>> -
> From: openssl-users On Behalf Of Felipe
> Gasper
> Sent: Wednesday, 26 October, 2022 11:15
>
> I’m seeing that OpenSSL 3, when it reads empty on a socket, sends some
> sort of response, e.g.:
>
> - before read
> [pid 42417] read(7276781]>, "", 5) = 0
> [pid 42417] sendmsg(7276781]>,
On Behalf Of John
Unsworth
Sent: 07 May 2019 09:06
To: openssl-users@openssl.org
Subject: RE: SSL_read() returning SSL_ERROR_SYSCALL with errno 11 EAGAIN
CAUTION: This email originated from outside of Synchronoss.
Thanks, the mutex is tied to the SSL session and used for all calls (now
Mobile: +44 777.557.2643
-Original Message-
From: openssl-users On Behalf Of Viktor
Dukhovni
Sent: 03 May 2019 23:04
To: openssl-users@openssl.org
Subject: Re: SSL_read() returning SSL_ERROR_SYSCALL with errno 11 EAGAIN
CAUTION: This email originated from outside of Synchronoss.
On Fri
On Fri, May 03, 2019 at 09:34:14AM +, John Unsworth wrote:
> Testing changed code.
For the record, though I think you realise this, *both* the SSL_read()
or SSL_write() and the following SSL_get_error() need to be protected
as a unit by the *same* instance of the locked mutex. It would not
Testing changed code.
Regards
John
From: openssl-users on behalf of Matt
Caswell
Sent: Friday, May 3, 2019 10:16 am
To: openssl-users@openssl.org
Subject: Re: SSL_read() returning SSL_ERROR_SYSCALL with errno 11 EAGAIN
CAUTION: This email originated from
On 02/05/2019 18:23, Viktor Dukhovni wrote:
>>> At this point you'd be calling SSL_get_error(), is there a lock that
>>> prevents writes between SSL_read() and SSL_read() and SSL_get_error()?
>>
>> The mutex does not protect SSL_get_error() calls.
>
> I think that's an application bug. The
>> I think that's an application bug.
Thanks.
I thought you might say that. I will change the code and get the customer to
retest.
Regards,
John
-Original Message-
From: openssl-users On Behalf Of Viktor
Dukhovni
Sent: 02 May 2019 18:23
To: openssl-users@openssl.org
Subje
On Thu, May 02, 2019 at 04:10:31PM +, John Unsworth wrote:
> > Do you wait for the non-blocking connect to complete at this point?
> We connect in blocking mode then switch to non-blocking.
Thanks that rules connection setup out of the picture.
> > Are multiple threads writing to the same
nal Message-
From: openssl-users On Behalf Of Viktor
Dukhovni
Sent: 02 May 2019 15:56
To: openssl-users@openssl.org
Subject: Re: SSL_read() returning SSL_ERROR_SYSCALL with errno 11 EAGAIN
CAUTION: This email originated from outside of Synchronoss.
> On May 2, 2019, at 5:56 AM, John Uns
> On May 2, 2019, at 5:56 AM, John Unsworth
> wrote:
>
> Create a non-blocking TCP socket
> socket() for a sock_stream.
> connect().
Do you wait for the non-blocking connect to complete at this point?
> SSL_new(), SSL_set_fd(), SSL_connect().
>
> The application sends LDAP
Caswell
Sent: 01 May 2019 08:42
To: openssl-users@openssl.org
Subject: Re: SSL_read() returning SSL_ERROR_SYSCALL with errno 11EAGAIN
CAUTION: This email originated from outside of Synchronoss.
On 30/04/2019 23:37, Viktor Dukhovni wrote:
> On Tue, Apr 30, 2019 at 03:23:23PM -0700, Erik Forsberg wr
ers@openssl.org
Subject: Re: SSL_read() returning SSL_ERROR_SYSCALL with errno 11 EAGAIN
CAUTION: This email originated from outside of Synchronoss.
> On May 1, 2019, at 9:47 AM, John Unsworth
> wrote:
>
> Create a non-blocking TCP socket.
> Call SSL_new(), SSL_set_fd(), SSL_connect
On 30/04/2019 23:37, Viktor Dukhovni wrote:
> On Tue, Apr 30, 2019 at 03:23:23PM -0700, Erik Forsberg wrote:
>
>>> Is the handshake explicit, or does the application just call
>>> SSL_read(), with OpenSSL performing the handshake as needed?
>>
>> I occasionally (somewhat rarely) see the issue
a soak test and thousands (maybe millions) of reads worked
fine until the failing one.
Regards,
John.
-Original Message-
From: openssl-users On Behalf Of Erik
Forsberg
Sent: 01 May 2019 03:05
To: openssl-users@openssl.org
Subject: Re: SSL_read() returning SSL_ERROR_SYSCALL with errno
> On May 1, 2019, at 9:47 AM, John Unsworth
> wrote:
>
> Create a non-blocking TCP socket.
> Call SSL_new(), SSL_set_fd(), SSL_connect()
> Thereafter call SSL_read().
> Renegotiates handled by OpenSSL.
Can you be more specific about "Create a non-blocking TCP socket"?
That fully sets up the
a soak test and thousands (maybe millions) of reads worked
fine until the failing one.
Regards,
John.
-Original Message-
From: openssl-users On Behalf Of Erik
Forsberg
Sent: 01 May 2019 03:05
To: openssl-users@openssl.org
Subject: Re: SSL_read() returning SSL_ERROR_SYSCALL with errno
>-- Original Message --
>
>
>>-- Original Message --
>>
>>On Tue, Apr 30, 2019 at 03:23:23PM -0700, Erik Forsberg wrote:
>>
>>> >Is the handshake explicit, or does the application just call
>>> >SSL_read(), with OpenSSL performing the handshake as needed?
>>>
>>> I occasionally (somewhat
>-- Original Message --
>
>On Tue, Apr 30, 2019 at 03:23:23PM -0700, Erik Forsberg wrote:
>
>> >Is the handshake explicit, or does the application just call
>> >SSL_read(), with OpenSSL performing the handshake as needed?
>>
>> I occasionally (somewhat rarely) see the issue mentioned by the OP.
On Tue, Apr 30, 2019 at 03:23:23PM -0700, Erik Forsberg wrote:
> >Is the handshake explicit, or does the application just call
> >SSL_read(), with OpenSSL performing the handshake as needed?
>
> I occasionally (somewhat rarely) see the issue mentioned by the OP.
> Ignoring the error, or mapping
I can add some of my own observations to this below ...
>> I haven't looked at the code, but my impression is that WANT_READ and
>> WANT_WRITE are returned in two cases: when OpenSSL has received or sent a
>> partial record and needs to complete it; or when the TLS state is such that
>>
> On Apr 30, 2019, at 12:31 PM, Michael Wojcik
> wrote:
>
> I haven't seen a reply to this, so I'll take a stab...
>
> I haven't looked at the code, but my impression is that WANT_READ and
> WANT_WRITE are returned in two cases: when OpenSSL has received or sent a
> partial record and needs
> From: openssl-users on behalf of John
> Unsworth
> Sent: Monday, April 29, 2019 10:54
> We are using OpenSSL 1.1.0h on Linux to send operations to LDAP servers. We
> use SSL_read()
> to receive the replies on a non-blocking socket. The vast majority of times
> SSL_read() returns >0,
>
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Tilman Sauerbeck
Sent: Friday, 09 May, 2014 18:57
Michael Wojcik [2014-05-09 21:12]:
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Tilman
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Tilman Sauerbeck
Sent: Thursday, 08 May, 2014 12:26
my program is an SSL client which is reading large amounts of data
without sending data itself (after the initial handshake).
My machine's
Michael Wojcik [2014-05-09 21:12]:
Hello Michael,
thanks for your reply.
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Tilman Sauerbeck
Sent: Thursday, 08 May, 2014 12:26
my program is an SSL client which is reading large amounts of data
I've not been through your code properly, but this line grabbed my eye as I
skimmed over it:
len = SSL_read(ctx-ssl, buffer + buf_offset, sizeof(BUFFER_SIZE) -
buf_offset);
You don't show the definition of BUFFER_SIZE anywhere, but sizeof(BUFFER_SIZE)
is likely to be 4 or 8 or similar;
From: owner-openssl-us...@openssl.org On Behalf Of Dogan Kurt
Sent: Friday, 29 June, 2012 15:14
Hi, i am developing a client app with openssl. I use SSL_read
and SSL_write in blocking mode, i just cant figure out something
about them, if server sends me 10 kb and i call SSL_read just
once, can
On 11 Jul 2011, at 3:18 PM, Carla Strembicke wrote:
The server recieves the encrypted data and sends to the lower level and
where it is pumped into the SSL structure ( which is using these memory
buffers) using the BIO_write call ( I acutally see that bytes are written
into it) and the
On 7/11/2011 3:18 PM, Carla Strembicke wrote:
The server recieves the encrypted data and sends to the lower level
and where it is pumped into the SSL structure ( which is using these
memory buffers) using the BIO_write call ( I acutally see that bytes are
written into it) and the buffer looks
From: owner-openssl-us...@openssl.org On Behalf Of tipo nac
Sent: Thursday, 31 March, 2011 13:22
I getting error in a SSL_read call.
SSL_read return -1
Your code shows SSL_accept != 1, but the
answer is the same for SSL_read/write 0.
and
I found where the segmentation fault happens. There is no link between SSL
function call and the seg fault. SSL functions work fine until now.
2011/3/1 ikuzar razuk...@gmail.com
Hello,
I develop a secure stack. This stack is between TCP and an application. The
appli call my stack's functions
Hi
The c-client library/API does its own socket I/O for non-SSL sessions, but
in SSL the socket I/O is delegated to OpenSSL.
When c-client does its own socket I/O, it sets a timeout (normally 15
seconds) on a select() call prior to doing any read() or write() calls.
Thus, c-client never does a
Sorry, I forgot to mention that c-client library/API is part of IMAP-2009
library (http://www.panda.com/imap/)
I am using IMAP library, which in turn using OpenSSL.
I am re-posting my last post here.
The IMAP(2009) c-client library/API does its own socket I/O for non-SSL
sessions, but in SSL the
Parimal Das wrote:
The IMAP(2009) c-client library/API does its own socket I/O for
non-SSL sessions, but in SSL the socket I/O is delegated to OpenSSL.
When c-client does its own socket I/O, it sets a timeout (normally
15 seconds) on a select() call prior to doing any read() or write()
Parimal Das wrote:
Its the second case Darry,
Here the 'sleep' is Operating System Sleep mode induced by closing the lid
of laptop.
After opening the laptop, when the system wakes up,
My application is always hanging at the same place.
Bug is in your code. It is doing what you asked it do
Hello,
Here is my test code. I am downloading a file with https connection.
This is compiled as $g++ -lssl -lcrypto sslShow.cpp. on OS X 10.5.8
Using default OS X libs (libcrypto 0.9.7 and libssl 0.9.7)
When it has downloaded some 2MB data, I closed my laptop lid (OSX induced
sleep)
After 5
Parimal Das wrote:
Please suggest.
1. What i should include in this code to correct this hang?
It depends on what your code should do in this case. Do you want to wait a
limited amount of time for the other side to reply? Or do you want to wait
possibly forever? Your current code
google: TCP OPTION KEEPALIVE
http://tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/
You would be best with an application level timeout,
which would send an application enquiry (heartbeat)
from the laptop to the server.
Waking up from sleeping, the application would send the next heartbeat.
(any
Parimal Das wrote:
Its the second case Darry,
Here the 'sleep' is Operating System Sleep mode induced by closing the
lid of laptop.
After opening the laptop, when the system wakes up,
My application is always hanging at the same place.
It is possible there is something specific OSX does in
after wakeup from sleep ? What do you mean ?
Do you mean you used an API like poll() or select() to put the thread to
sleep and then it wakes up and the socket readability was indicated ?
If so please post an outline of the code your sleep/wake mechanism you
are using.
Do you mean your
Its the second case Darry,
Here the 'sleep' is Operating System Sleep mode induced by closing the lid
of laptop.
After opening the laptop, when the system wakes up,
My application is always hanging at the same place.*
*
562 ssl_getbuffer
562 ssl_getdata
Compile the OpenSSL library with -g option and run it in gdb, you can get
the exact point of crash.
Mostly looks like you are accessing an illegal memory that might have been
freed.
-ugen
On Wed, Sep 16, 2009 at 10:45 AM, Barkha Dosi dosi_bar...@yahoo.com wrote:
Hi,
I have written a
On Wed, Sep 16, 2009 at 1:00 PM, Ugendreshwar Kudupudi
ugend...@gmail.comwrote:
Compile the OpenSSL library with -g option and run it in gdb, you can get
the exact point of crash.
Mostly looks like you are accessing an illegal memory that might have been
freed.
-ugen
On Wed, Sep 16, 2009
Luiz Rafael Culik Guimaraes wrote:
How to use properly SSL_read/SSL_write with select?
Make sure to set the socket/BIO non-blocking. Call SSL_read or SSL_write
when you want to read or write plaintext to/from the SSL connection. *Only*
call 'select' on the underlying socket if OpenSSL
Please see my comments inline.
Does the server/service report (usually log) anything relevant
to your access/connection/request/whatever? In particular, if
it logs something about server error you need to look there.
If it too reports seeing a reset, coming from your direction,
then you
hi,
We have tried settiong the ciphersuite using SSL_CTX_set_cipher_list(), as
eNULL/NULL-MD5/DEFAULT. But we get handshake error. In the server also we
have tried giving the encryption= true and cipherlist to all of the above
settings. eNULL/NULL-MD5 /any null values give handshake error.
Sent: 10 June 2009 13:22
To: openssl-users@openssl.org
Subject: RE: SSL_read() returns SSL_ERROR_SYSCALL
hi,
We have tried settiong the ciphersuite using
SSL_CTX_set_cipher_list(), as eNULL/NULL-MD5/DEFAULT. But we get
handshake error. In the server also we have tried giving the encryption
The Winsock2 WSAGetLastError() returns 100054, means Socket forcefully shut
down by remote host.
Initially we had only one webservice class. This webservice class is based
on gSOAP generated proxy classes, which will in turn use openSSL functions
to access a secured webservice.All the methods
From: owner-openssl-us...@openssl.org On Behalf Of chithuanand
Sent: Tuesday, 09 June, 2009 00:13
The Winsock2 WSAGetLastError() returns 100054, means Socket
forcefully shut down by remote host.
Precisely 10054 is connection-reset. In TCP shut down normally
is used for the
SSL_ERROR_SYSCALL means that an underlying call to the system failed.
Check errno in that case.
If you're getting the error on larger pieces of data, instead of
smaller pieces of data, it sounds like you're not properly handling
the case where your read buffer isn't large enough, needs to be
From: owner-openssl-us...@openssl.org On Behalf Of Kyle Hamilton
Sent: Monday, 08 June, 2009 13:46
SSL_ERROR_SYSCALL means that an underlying call to the system failed.
Check errno in that case.
Or in desktop-Windows=Winsock2 WSAGetLastError() .
I don't know if windows mobile(?) is the
From: owner-openssl-users On Behalf Of David Schwartz
Sent: Monday, 14 January, 2008 16:48
In fact, I'm not sure why apache closes connection even if I
set KeepAlive
to On in httpd.conf.
Because that's what HTTP version 1.0 says to do, and you asked
for HTTP 1.0
behavior. If it
Because that's what HTTP version 1.0 says to do, and you asked
for HTTP 1.0
behavior. If it didn't, how would the client know when it got the entire
request?
(You mean the entire response, and in particular response body
aka entity.)
Right.
Content-length is allowed in 1.0, and if
Hi Marek!
Marek.Marcola wrote:
Hello,
I use openssl to work with apache server via https.
But I see a strange situation when second and third calls to send() in
my test-case read
0 bytes from socket.
Can you provide here any help?
You should not use names like send in your program.
Hello!
I use openssl to work with apache server via https.
But I see a strange situation when the second and the third calls
to send()
in my test-case read 0 bytes from socket.
Can you provide here any help?
Why is that surprising? That's exactly what I would expect to happen. When
the
Hi
Thanks for reply.
In fact, I'm not sure why apache closes connection even if I set KeepAlive
to On in httpd.conf.
If I send HTTP/1.1 request
will it also close the socket after reply?
-Dima
David Schwartz wrote:
Hello!
I use openssl to work with apache server via https.
But I
Hi
Thanks for reply.
In fact, I'm not sure why apache closes connection even if I set KeepAlive
to On in httpd.conf.
If I send HTTP/1.1 request
will it also close the socket after reply?
-Dima
David Schwartz wrote:
Hello!
I use openssl to work with apache server via https.
But I
Hi
Thanks for reply.
In fact, I'm not sure why apache closes connection even if I set KeepAlive
to On in httpd.conf.
Because that's what HTTP version 1.0 says to do, and you asked for HTTP 1.0
behavior. If it didn't, how would the client know when it got the entire
request?
If I send
Hello,
I use openssl to work with apache server via https.
But I see a strange situation when second and third calls to send() in
my test-case read
0 bytes from socket.
Can you provide here any help?
You should not use names like send in your program.
send() is already defined system call in
Check this out
http://www.openssl.org/docs/crypto/ERR_error_string.html
HTH
~ Urjit
- Original Message -
From: Carlo Agopian [EMAIL PROTECTED]
To: openssl-users@openssl.org
Cc: Carlo Agopian [EMAIL PROTECTED]
Sent: Tuesday, October 24, 2006 9:58 PM
Subject: RE: SSL_read()
Hi Mark
Hi Mark,
SSL_get_error() returned 0
Carlo
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark
Sent: Thursday, October 19, 2006 8:09 AM
To: openssl-users@openssl.org
Subject: RE: SSL_read()
Hi Carlo,
I have a single threaded application where
Hello
SSL_get_error() returned 0
Sometimes checking errno may be useful but 0 error means that
your peer shutdown connection. This may be application specific.
Best regards,
--
Marek Marcola [EMAIL PROTECTED]
__
OpenSSL
Hi Carlo,
I have a single threaded application where a SSL_read() is
returning a return code of 0. The openSSL doc suggests that
this is due to a socket shutdown by the peer. Upon this
error, is there anything that I can do to recover the
connection and/or data or do I just need to
Hi Marek,
thank you for the hint. There was a bug in setting up SSL socket.
Aarno
On 28 Sep 2006, at 16:58, Marek Marcola wrote:
Hello,
I first do SSL_connect. Tshark shows following:
0.004727 193.53.0.56 - 130.59.10.95 SSLv2 Client Hello
0.007715 130.59.10.95 - 193.53.0.56 TCP
Hello,
I first do SSL_connect. Tshark shows following:
0.004727 193.53.0.56 - 130.59.10.95 SSLv2 Client Hello
0.007715 130.59.10.95 - 193.53.0.56 TCP 7700 7700 [ACK] Seq=1
Ack=143 Win=6864 Len=0 TSV=2682067880 TSER=1368743865
0.042333 130.59.10.95 - 193.53.0.56 TCP [TCP
Im having a problem with SSL_read. When SSL_read fails and returns
SSL_ERROR_WANT_READ I do select checking for readability but I
never get a
hit and if I try SSL_read again I get the same error. Does anyone
know what
to do?
That sounds like there is just nothing to read.
Im
David Schwartz wrote:
Make sure that you protect the SSL session with a
mutex. You are not allowed to call SSL_read and SSL_write at the same time
on the same session from different threads.
DS
David,
Does same session mean, same instance of an ssl object, or same
instance of a
David,
Does same session mean, same instance of an ssl object, or same
instance of a ctx object?
You are permitted concurrent access to different SSL sessions based on
the
same context. You just cannot read and write to the same session at the same
time. (You also can't read a
Title: intoto Stationery
Hi,
U need to write a separate kernel module using open-ssl
library. I don't think it is possible. Instead of that, u send your data to user
space and there u use the SSL_read and SSL_write functions.
Thanks,
Bhaskar
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Of Vishnubhatla, Vijaya BhaskarSent: Wednesday, June 28,
2006 1:49 PMTo: openssl-users@openssl.orgSubject: RE:
SSL_read/SSL_write from kernel
Hi,
U need to write a separate kernel module using open-ssl
library. I don't think it is possible. Instead of that, u send your data to
user space
Hello,
Thanks, but let me rephrase my question.
There seems to be a requirement for us to process SSL app data from
kernel,
wherein I would like to read the sk_buff and pass it to a crypto
acclerator
(hardware/software), but we face a problem wherein for block ciphers,
we need
to ensure
PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Marek Marcola
Sent: Wednesday, June 28, 2006 8:06 PM
To: openssl-users@openssl.org
Subject: RE: SSL_read/SSL_write from kernel
Hello,
Thanks, but let me rephrase my question.
There seems to be a requirement for us to process SSL app data from
Hello,
I get the strange error140DF114:SSL routines:SSL_read:uninitialized ,
though I have initialized the connection (accept completes successfully).
Maybe SSL_accept() did not return 1 but 0 which is not success.
Checking return code with something like that:
if ( SSL_accept() 0
No, SSL_accept() definitively returns 1 (I check it through debugger, that is
where strangeness comes).
--
View this message in context:
http://www.nabble.com/SSL_read-error-t1586584.html#a4313659
Sent from the OpenSSL - User forum at Nabble.com.
sprintf(head,GET /index.html HTTP/1.1 \t\n\t);
That should be GET /index.html HTTP/1.1\r\nHost: whatever\r\n\r\n.
For
an HTTP/1.1 request, a 'Host' header is required. You also have to handle
chunked encoding if you claim 1.1 compliance.
memset(read, 0, sizeof(read));
res = SSL_read
Straight from the man pages ..
SSL_read() works based on the SSL/TLS records. The data are
received in records (with a maximum record size of 16kB for
SSLv3/TLSv1). Only when a
record has been completely received, it can be processed
(decryption and check of integrity). Therefore
]
[mailto:[EMAIL PROTECTED]
Sent: Monday, March 28, 2005 4:04 PM
To: openssl-users@openssl.org
Subject: Re: SSL_read()
Straight from the man pages ..
SSL_read() works based on the SSL/TLS records. The
data are received in records (with a maximum record size of
16kB for SSLv3
: Monday, March 28, 2005 4:04 PM
To: openssl-users@openssl.org
Subject: Re: SSL_read()
Straight from the man pages ..
SSL_read() works based on the SSL/TLS records. The
data are received in records (with a maximum record size of
16kB for SSLv3/TLSv1). Only when a
record has been completely
My understanding is that SSL_read is similar to the regular read() call in
its semantics. That means the m_length arg you supplied is the max number
of bytes to read (so this obviously should be = size of the buffer
supplied). It will read what ever is available, up to a max of m_length.
So if
On Mon, 31 Mar 2003 07:36:38 GMT, Jean Pierre Cognasse wrote:
The test is between the first called SSL_Write to when SSL_Read
returned
the last byte
And you sent all the data in a single call to SSL_Write?
--
David Schwartz
[EMAIL PROTECTED]
Yes
Jp
That sounds to me like a possible
?
Any ideas? Is it a bug in SSL_Read? Between Date
header and HTTP/1.1 200 OK,
the
terminators 0d 0a 0d 0a confused SSL_read?
From: Gait Boxman
/groups?hl=enlr=ie=UTF-8q=author:gait.boxman%40tie.nl+
([EMAIL PROTECTED] mailto:gait.boxman%40tie.nl)
Subject: Re: SSL_read()
hang after read
Asad,
Check your sockets ALWAYS before reading or writing.
a bit of seek() code should fix this.
SSL fires extra read and write events (asyc sockets win32) that are actually
handled internally by the SSL protocols.
You must check for readability/writability before attempting to get data
from
Set up a BIO socket and use the BIO_gets() function. Below is a modified
example that I got from Eric Rescorla to solve this problem.
#define BUFSIZE 1024
BIO *bio_err;
int Http_Read(void)
{
BIO *io;
BIO *sbio;
BIO *ssl_bio;
SSL *ssl;
SSL_CTX *ctx;
int i;
int c;
Looks like your code is impatient.
When you get continue, 4 retries won't be enough to
get the next response.
Basically, if you get an SSL_ERROR_WANT_READ, you
just need to keep continuing to retry the SSL_read, if you expect more data that
is. So, if you expect a server response, keep
On Wed, Aug 21, 2002 at 09:27:39AM -0400, Louis LeBlanc wrote:
Hey folks. I've been looking thru the OpenSSL online docs for some of
the error message documentation. I've found the pages for err(3),
ERR_error_string(3), ERR_get_errors(3), etc. but I can't find any real
description of what
On Sun, 2002-05-19 at 13:23, Lutz Jaenicke wrote:
On Sun, May 19, 2002 at 10:11:20AM +0100, Chris Plant wrote:
I have established a connection (using SSL_accept), and sent and
received data over it, before the connection is dropped and the server
reports the error (using
Chris Plant [EMAIL PROTECTED] writes:
On Sun, 2002-05-19 at 13:23, Lutz Jaenicke wrote:
On Sun, May 19, 2002 at 10:11:20AM +0100, Chris Plant wrote:
I have established a connection (using SSL_accept), and sent and
received data over it, before the connection is dropped and the server
On Fri, May 24, 2002 at 06:37:30PM +0100, Chris Plant wrote:
I know I posted this the other day, but if I ask for 60bytes, and there
is 200 in the buffer, why is SSL_read() removing it all ?
Are you sure it does? I doubt that any larger application using the
OpenSSL library would actually be
.
-lee
-Original Message-
From: Chris Plant [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 24, 2002 1:59 PM
To: [EMAIL PROTECTED]
Subject: Re: SSL_read()
On Sun, 2002-05-19 at 13:23, Lutz Jaenicke wrote:
On Sun, May 19, 2002 at 10:11:20AM +0100, Chris Plant wrote:
I have established
On Fri, May 24, 2002 at 06:58:40PM +0100, Chris Plant wrote:
On Sun, 2002-05-19 at 13:23, Lutz Jaenicke wrote:
On Sun, May 19, 2002 at 10:11:20AM +0100, Chris Plant wrote:
I have established a connection (using SSL_accept), and sent and
received data over it, before the connection is
On Sun, May 19, 2002 at 10:11:20AM +0100, Chris Plant wrote:
I have established a connection (using SSL_accept), and sent and
received data over it, before the connection is dropped and the server
reports the error (using ERR_get_error_string):
SSL_read: error:1408F10B:SSL
Tobias Rundström wrote:
Hello OpenSSL people.
Here is my problem.
I have abstrahated my net_read and net_write functions so I dont have to worry
about SSL in the main code. This works fine, but the other day I ran into a problem
where my server program didnt read the whole stream.
I
1 - 100 of 123 matches
Mail list logo
