[
https://issues.apache.org/jira/browse/PROTON-1587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16183389#comment-16183389
]
ASF subversion and git services commented on PROTON-1587:
---------------------------------------------------------
Commit c31ca95ac73d0da462f7e324e1c3a33b11c39f2c in qpid-proton's branch
refs/heads/master from [~aconway]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=c31ca95 ]
PROTON-1587: fix openssl error handling, causing spurious errors
>From the SSL_get_error() man page:
In addition to ssl and ret, SSL_get_error() inspects the current
thread's OpenSSL error
queue. Thus, SSL_get_error() must be used in the same thread that
performed the TLS/SSL I/O
operation, and no other OpenSSL function calls should appear in between.
The current
thread's error queue must be empty before the TLS/SSL I/O operation is
attempted, or
SSL_get_error() will not work reliably.
Proton was not clearing the error queue, so the "shutdown-during-init"
error (which was introduced recently in OpenSSL) was left dangling, and was
reported incorrectly when the thread was used to serve another transport.
> failure on one SSL connection causes error:140E0197:SSL
> routines:SSL_shutdown:shutdown while in init
> ----------------------------------------------------------------------------------------------------
>
> Key: PROTON-1587
> URL: https://issues.apache.org/jira/browse/PROTON-1587
> Project: Qpid Proton
> Issue Type: Bug
> Components: proton-c
> Reporter: Gordon Sim
> Assignee: Alan Conway
> Labels: tls
> Fix For: proton-c-0.18.0
>
> Attachments: proton-1587.tgz
>
>
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
