I only mentioned the renegotiation because when I found references to
that when trying to solve this problem, I'm not sure if this is actually
what causes it.
I'm not initiating any renegotiation myself, nor have I seen anything
about that in the logs.
Meanwhile, I haven't been able to solve this yet, however, I did found
that the problem can be quite easily reproduced using the
OverbyteIcsSimpleSslCli and OverbyteIcsSimpleSslServer demo projects,
and their certificates, provided in the ICS download.
I've made some little changes on both projects to get the request /
reply game running, besides this, the client has a timer on which it
sends 'spontaneous' data (that means not initiated by the request /
The more I dig into this, the more it seems that it's either a bug on
OpenSSL, or a bug in the ICS implementation / ICS does something which
is not allowed by OpenSSL. I really can't imagine it's a bug in OpenSSL,
so it's pointing mainly towards user error or problems in ICS itself.
I'm really hoping I'm doing something terribly wrong, but at the moment
it looks like using ICS with OpenSSL for a connection where spontaneous
data is being sent will not give a stable result :(
I've uploaded the altered ICS demo projects here:
I really hope someone can take a look at this, maybe confirm if the
problem is reproducible and see if I'm doing something wrong or this is
indeed a problem inside ICS / OpenSSL.
To reproduce with these test projects do as follows:
- start server app
- press 'start' button on server app
- start client app
- press 'connect' button on client app
- as soon as the SSL authentication is done, you will see the client
sending frequent keep alives and the server receiving them (each 500 ms)
- press the 'start' button on the client, this will make the client send
a request, and the server sent 9000 bytes of data back
- after a short while, you will see the server stops receiving data, the
request / reply routine stops working (the server doens't receive the
requests anymore), you will see the client still sending keep alives,
but the server does not receive them anymore.
- in this situation, the server will never receive data on that socket
Hoping for a push into the right direction.
thanks in advance,
On 25/11/2015 17:56, Angus Robertson - Magenta Systems Ltd wrote:
In short, it seems that OpenSSL can get confused when application
data is sent while it is doing renegotiation itself, if I
Could this be the problem we are experiencing, or does the ICS
implementation around OpenSSL take this into account?
Why would you application be doing renegotiation? Did you see any of that in
As far as I'm aware, the ICS OpenSSL implementation is full duplex, as is
But most protocols are essentially half duplex, unless streaming lining is used.
But I did not write ICS OpenSSL implementation, and try to avoid the deep
complexities of it, except for the parts I keep updating to improve it.
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be