I'm currently using OpenSSL 0.9.7d on Windows through the ACE library. My
application is multithreaded, and uses two SSL_CTX: one for the thread that does
SSL_write() and one for the threads that do the SSL_read().

Everything goes fine for the most part, but sometimes I get an error on the
SSL_read() call:

    1244 -- 20040627-03:35:02 3 ACE_SSL (1092|1244) error code: 336216132 - error:140A4044:SSL routines:SSL_clear:internal error

It's always the same error.
It happens from time to time, and I can't explain where it could come from. I
looked at the OpenSSL source code, and the only place where this error could be
generated is in SSL_clear(), in this case:

        if (s->new_session)
                {
                SSLerr(SSL_F_SSL_CLEAR,ERR_R_INTERNAL_ERROR);
                return 0;
                }

Why might a call to SSL_read() end in a call to SSL_clear()? And what would this
->new_session>0 mean? Might it have some problems with multithreading? (I'm
new to OpenSSL.)

The ACE code to call SSL_read() is the following :

  bytes_read = ::SSL_read (this->ssl_,
                           static_cast<char *> (buf),
                           n);

  const int status = ::SSL_get_error (this->ssl_, bytes_read);
  switch (status)
    {
    case SSL_ERROR_NONE:
      if (timeout != 0)
        ACE::restore_non_blocking_mode (handle, val);

      return bytes_read;

    case SSL_ERROR_WANT_READ:
    case SSL_ERROR_WANT_WRITE:
      errno = EWOULDBLOCK;

      return -1;

    case SSL_ERROR_ZERO_RETURN:
      if (timeout != 0)
        ACE::restore_non_blocking_mode (handle, val);

      // The peer has notified us that it is shutting down via the SSL
      // "close_notify" message so we need to shutdown, too.
      (void) ::SSL_shutdown (this->ssl_);

      return bytes_read;

    case SSL_ERROR_SYSCALL:
      if (bytes_read == 0)
        // An EOF occurred but the SSL "close_notify" message was not
        // sent.  This is a protocol error, but we ignore it.
        return 0;

      // If not an EOF, then fall through to "default" case.

      // On some platforms (e.g. MS Windows) OpenSSL does not store
      // the last error in errno so explicitly do so.
      ACE_OS::set_errno_to_last_error ();

      break;

    default:
      // Reset errno to prevent previous values (e.g. EWOULDBLOCK)
      // from being associated with a fatal SSL error.
      errno = 0;

      ACE_SSL_Context::report_error ();

      break;
    }

  return -1;

It seems it's the "default" case that displays this error.

I would be glad to have any insight or help on this problem.

Thanks in advance.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
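
The decimal code and the "error:140A4044:..." string in the log line above are the same packed value. The following is an added example (not code from the post, ACE or OpenSSL) that parses that string and splits the code into library, function and reason fields, assuming the pre-3.0 OpenSSL layout of 8-bit library, 12-bit function and 12-bit reason; the struct and function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Pre-3.0 OpenSSL packs an error into 32 bits:
 * 8-bit library | 12-bit function | 12-bit reason (assumed layout). */
struct ossl_err {
    unsigned long code;
    unsigned lib, func, reason;
    int fatal;                 /* reason carries the ERR_R_FATAL (64) bit */
    char lib_name[32], func_name[32], reason_text[64];
};

/* Parse the first "error:<hex>:<lib>:<func>:<reason>" in a log line.
 * Returns 0 on success, -1 if the line is malformed. */
int parse_ossl_error(const char *line, struct ossl_err *e)
{
    const char *p = strstr(line, "error:");
    char *end;

    if (p == NULL)
        return -1;
    p += strlen("error:");
    e->code = strtoul(p, &end, 16);
    if (end == p || *end != ':')
        return -1;
    if (sscanf(end + 1, "%31[^:]:%31[^:]:%63[^\n]",
               e->lib_name, e->func_name, e->reason_text) != 3)
        return -1;
    e->lib    = (unsigned)((e->code >> 24) & 0xff);
    e->func   = (unsigned)((e->code >> 12) & 0xfff);
    e->reason = (unsigned)(e->code & 0xfff);
    e->fatal  = (e->reason & 64) != 0;
    return 0;
}

/* The log line from the post, joined onto one line. */
static const char SAMPLE[] =
    "1244 -- 20040627-03:35:02 3 ACE_SSL (1092|1244) error code: 336216132 - "
    "error:140A4044:SSL routines:SSL_clear:internal error";

int main(void)
{
    struct ossl_err e;
    if (parse_ossl_error(SAMPLE, &e) != 0)
        return 1;
    printf("code=%lu lib=%u func=%u (%s) reason=%u (%s) fatal=%d\n", e.code,
           e.lib, e.func, e.func_name, e.reason, e.reason_text, e.fatal);
    return 0;
}
```

The hex field 140A4044 equals the decimal 336216132 printed by ACE, and the reason field has the fatal bit set, matching the ERR_R_INTERNAL_ERROR raised in the SSL_clear() excerpt.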
