I use non-blocking sockets with SSL_connect and all works fine.
But you must place that call in a loop and use BIO_should_retry.
Here is my C++ wrapped ssl_connect:
DWORD CSocketConnClientSsl::SslConnect()
{
DWORD res=0,res0=0;
bool bRead,bWrite;
fd_set readfds,writefds;
timeval vTimeval,*pTimeval=NULL;
Log(I_SSLLIB_CLT_GENINFO,"CSocketConnClientSsl::SslConnect","Begin");
if(m_dwTimeout!=0xffffffff){
vTimeval.tv_sec=m_dwTimeout/1000;
vTimeval.tv_usec=m_dwTimeout%1000;
pTimeval=&vTimeval;
}
FD_ZERO(&readfds);FD_ZERO(&writefds);
FD_SET(m_socket,&readfds);FD_SET(m_socket,&writefds);
while(1){
res0=SSL_connect(m_pSsl);
if((LONG)res0>0)
break;
if(!BIO_should_retry(m_pBioSocket)){
res=CThreadCsTcpSsl::SslErr(this,m_pSsl,"CSocketConnClientSsl::SslConnect"
,"SSL_connect");
goto end;
}
bRead=bWrite=false;
if(BIO_should_read(m_pBioSocket))
bRead=true;
if(BIO_should_write(m_pBioSocket))
bWrite=true;
res0=select(0,(bRead?&readfds:NULL),(bWrite?&writefds:NULL),NULL,pTimeval)
;
if(res0==SOCKET_ERROR){
res=HRESULT_FROM_WSAERROR(WSAGetLastError());
goto end;
}
if(!res0){
res=E_FRMXCSLIB_SOCKET_TIMEOUT;
goto end;
}
}
Log(I_SSLLIB_CLT_GENINFO,"CSocketConnClientSsl::SslConnect","End");
end:
return res;
}
Pierre De Boeck
Sr System Engineer
Mission Critical (Belgium)
Phone: +32 2 757 10 15 Fax: +32 2 759 276 0
email: [EMAIL PROTECTED]
///
(. .)
---------------------------------oOO--(_)--OOo----------------------
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Sander Alberink
> Sent: Tuesday, May 23, 2000 2:32 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: SSL connect fails
>
>
> Hi,
>
> We are using libwww-ssl to fetch pages from secure webservers on the
> internet, but we find that there are some problems in the way
> this happens.
> Since requests failed in strange ways, we conducted tests to see where
the
> connection attempts failed. After increasing the logging using in
> libwww, it
> became obvious that it was the SSL connect stage that failed every time.
> Further investigation revealed that this problem appears only when the
> connect was done using a non-blocking socket.
> Searching the mailing-lists, it seemed that we are not the only
> ones having
> problems using OpenSSL/libwwwssl with non-blocking sockets. Did anybody
> verify whether or not there is a bug in OpenSSL regarding SSL_connect on
a
> nonblocking socket?
>
> At this moment, we have patched libwwwssl so that just before the
connect
> the socket is put into blocking mode and after the connect has
> succeeded it
> is put back in non-blocking mode. Somehow I feel that this is a kludge
and
> that the real problem is in OpenSSL.
>
> Anybody care to comment?
>
> --
> The woods are lovely, dark and deep,
> But I have lines to code before I sleep, lines
> to code before I sleep.
>
>
BEGIN:VCARD
VERSION:2.1
N:De Boeck;Pierre;;;
FN:Pierre De Boeck
ORG:Mission Critical
TITLE:Sr System Engineer
TEL;WORK;VOICE:+32 (2) 757.10.15
TEL;HOME;VOICE:+32 2 7594496
TEL;WORK;FAX:+32 2 759 27 60
ADR;WORK:;;Avenue Claire 27;Waterloo;;1410;Belgium
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Avenue Claire 27=0D=0AWaterloo, 1410=0D=0ABelgium
ADR;HOME:;;Dekenijstraat 21 BUS;;6;;Belgium
LABEL;HOME;ENCODING=QUOTED-PRINTABLE:Dekenijstraat 21 BUS=0D=0A, 6 =0D=0ABelgium
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:19990421T075946Z
END:VCARD
smime.p7s
