Matti Aarnio <[EMAIL PROTECTED]>:
> [...] if the ZMailer smtpserver is deoptimized so that each reply will
> always be sent as its own TLS write (same as CommuniGate Pro does), then
> things will break when read-ahead is set at the connecting smtp client.
[...]
> First with READ-AHEAD set:
>
> MAIL From:<[EMAIL PROTECTED]> BODY=8BITMIME SIZE=283
> RCPT To:<[EMAIL PROTECTED]> ORCPT=rfc822;[EMAIL PROTECTED]
> RCPT To:<[EMAIL PROTECTED]> ORCPT=rfc822;[EMAIL PROTECTED]
> DATA
> smtp_sfwrite() to write 185 bytes
> # write to 20221D00 [120242590] (213 bytes => 213 (0xD5))
> (cipher dump omitted)
> # read from 20221D00 [120239D80] (18437 bytes => 61 (0x3D))
> (cipher dump omitted)
> # smtp_nbread() rc=28 errno=4
> # 0000 32 35 30 20 32 2e 31 2e|30 20 53 65 6e 64 65 72 250 2.1. 0 Sender
> # 0010 20 73 79 6e 74 61 78 20|4f 6b 0d 0a syntax Ok..
> 250 2.1.0 Sender syntax Ok
> # read from 20221D00 [120239D80] (18437 bytes => 279 (0x117))
> (cipher dump omitted)
> # smtp_nbread() rc=73 errno=4
> # 0000 32 35 30 20 32 2e 31 2e|35 20 4f 6b 3b 20 63 61 250 2.1. 5 Ok; ca
> # 0010 6e 20 61 63 63 6f 6d 6f|64 61 74 65 20 32 38 33 n accomo date 283
> # 0020 20 62 79 74 65 20 6d 65|73 73 61 67 65 20 66 6f byte me ssage fo
> # 0030 72 20 3c 6e 6f 62 6f 64|79 40 6e 69 63 2e 66 75 r <nobod [EMAIL PROTECTED]
> # 0040 6e 65 74 2e 66 69 3e 0d|0a net.fi>. .
> 250 2.1.5 Ok; can accomodate 283 byte message for <[EMAIL PROTECTED]>
> [Some OK - code=250, idx=1, pipeindex=3]
> Timeout (300 sec) while waiting responses from remote
What does the client code look like? If you use select() to wait for
readable data without doing a trial call to SSL_read first, you cannot
expect things to work because by calling SSL_set_read_ahead(s, 1) you
allow the library to read more data from the network socket (or other
BIO) than is necessary for processing the current SSL/TLS record; it
then is stored in buffers owned by the SSL structure that select()
cannot know about. It looks very likely that this is what happens
here. (The server writes its three responses in separate SSL records,
but the second and third record are transported in the same TCP record
because of Nagle's algorithm; so, with read-ahead enabled, they are
read in the same read() call initiated by the SSL library.)

Note that there isn't any compelling reason to use SSL_set_read_ahead
unless the BIO underlying the SSL connection is very expensive to use.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
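The stall described in the reply above, reproduced with a toy record layer over a socketpair instead of OpenSSL (an added example, not code from the thread, ZMailer or OpenSSL). `struct conn`, `rec_read`, `sock_readable` and `run` are hypothetical names, the 1-byte length framing stands in for TLS records, and the reply strings are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* Toy record layer standing in for an SSL object: 1-byte length, then payload. */
struct conn { int fd; unsigned char buf[512]; size_t len; int read_ahead; };

/* Plays the role of a non-blocking SSL_read(): payload length, or -1 for "want read". */
static int rec_read(struct conn *c, char *out) {
    for (;;) {
        if (c->len >= 1 && c->len >= 1u + c->buf[0]) {  /* a whole record is buffered */
            int n = c->buf[0];
            memcpy(out, c->buf + 1, n); out[n] = 0;
            c->len -= n + 1; memmove(c->buf, c->buf + n + 1, c->len);
            return n;
        }
        /* read-ahead takes all the socket has; otherwise only the current record */
        size_t want = c->read_ahead ? sizeof c->buf - c->len
                    : (c->len == 0 ? 1 : 1u + c->buf[0] - c->len);
        ssize_t r = recv(c->fd, c->buf + c->len, want, MSG_DONTWAIT);
        if (r <= 0) return -1;
        c->len += r;
    }
}

static int sock_readable(int fd) {              /* select() sees only the socket */
    fd_set r; struct timeval tv = {0, 200000};  /* 0.2 s stands in for the 300 s timeout */
    FD_ZERO(&r); FD_SET(fd, &r);
    return select(fd + 1, &r, NULL, NULL, &tv) > 0;
}

/* Returns how many of 3 queued replies arrive; trial_first=0 is select()-then-read. */
static int run(int read_ahead, int trial_first) {
    const char *replies[] = { "250 first", "250 second", "250 third" };  /* constructed */
    int sv[2], got = 0; char line[256]; struct conn c = {0};
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    for (int i = 0; i < 3; i++) {               /* one record per reply, coalesced on the wire */
        unsigned char n = (unsigned char)strlen(replies[i]);
        send(sv[0], &n, 1, 0); send(sv[0], replies[i], n, 0);
    }
    c.fd = sv[1]; c.read_ahead = read_ahead;
    while (got < 3) {
        if (trial_first && rec_read(&c, line) >= 0) { got++; continue; }
        if (!sock_readable(c.fd)) break;        /* data may still sit in c.buf */
        if (!trial_first && rec_read(&c, line) >= 0) got++;
    }
    close(sv[0]); close(sv[1]);
    return got;
}

int main(void) {
    return printf("select first: %d of 3, trial read first: %d of 3\n", run(1, 0), run(1, 1)) < 0;
}
```

With real OpenSSL the equivalent of the `trial_first` loop is to call SSL_read on a non-blocking socket until it reports SSL_ERROR_WANT_READ, and only then wait in select().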