I've seen some unclean shutdown errors a few times but never managed to get a repro case. What client are you using, how do you reproduce this? I presume you have the same SetEnvIf ssl-unclean-shutdown settings for broken clients when comparing 1.3 and 2.0 behaviour?
On Thu, Feb 05, 2004 at 11:06:57AM -0800, Mathihalli, Madhusudan wrote: > Hi, > It's been a while since I played with the Apache code, and it'll > be nice if somebody can help me here. > > I put some debug statements in the ssl_engine_io.c - in > bio_filter_out_write() and bio_filter_in_read() to see if the alert > message is actually being sent, and got the following output: > > bio_filter_out_write: trying to write inl: 900 (length 0 blen 0) > bio_filter_out_write: buffering data (NO WRITE YET) > bio_filter_out_flush: trying to flush blen: 900 > bio_filter_out_write: trying to write inl: 67 (length 0 blen 0) > bio_filter_out_write: buffering data (NO WRITE YET) > bio_filter_out_flush: trying to flush blen: 67 > (70014)End of file found: bio_filter_in_read: got EOF - returning -1 (at the end) > (70014)End of file found: SSL input filter read failed. > ------>> Does the socket fd get closed at this point ? > bio_filter_out_write: trying to write inl: 23 (length 0 blen 0) > bio_filter_out_write: buffering data (NO WRITE YET) > ------>> This is the close notify message that SSL_set_shutdown() was trying to send > - but it never gets sent because the message is buffered. Maybe we need to revisit > the logic of bio_filter_out_write() ? And you're sure that the client sent a close notify alert before the EOF? joe
