On 11/24/04 05:33 PM, Dr. Stephen Henson sat at the `puter and typed: > On Wed, Nov 24, 2004, Louis LeBlanc wrote: > > > On 11/23/04 10:47 PM, Dr. Stephen Henson sat at the `puter and typed: > > > On Tue, Nov 23, 2004, Louis LeBlanc wrote: > > > > <SNIP> > > > Does the connection seem otherwise OK and you just get this error after > > > all > > > data has been transferred? > > > > Yes. The connection is established at the socket level - nonblocking > > initially, then the SSL connection is established. Error checking is > > *very* thorough in this stage, so I'm pretty sure if it comes through, > > everything went ok. > > > > Once the SSL connection is established, the socket is set back to > > blocking. > > > > What I mean was does this error occur just after the inital connection, during > the transfer of data or after all data has been transferred?
Oh. Sorry. The problem occurs just after the connection is established and request headers are sent, with the very first call to SSL_read(). It looks to me like my client is trying to read the headers, and gets the EOF. > > > Its possible that the system is being impolite and forcibly closing the > > > connection at the socket level. > > > > You mean the server? Why would it do this with my client and not any of > > the browsers I've pointed at it? > > > > If the error occurs after transfer of all data then the browsers might > tolerate the impoliteness. Not the case. Perhaps I'm botching something in the request . . . Not sure why it would be bad for just this one server . . . > > Once again, this is probably the only system the client can't fetch > > from. I don't have any trouble fetching from Apache on Linux, Solaris, > > FreeBSD, Windows, and no trouble fetching from IIS, Zope, or Netscape > > servers either. Why would IBM Apache (Websphere, I think) be any > > different? > > > > Thank you for the response. If this added info gives you any ideas, I'd > > love to hear them. > > > > Have you tried connecting using s_client? I suggest you try it with -bugs and > possibly also restricting the ciphersuites in use too and possibly the SSL > protocols too. Now that sheds a little light. It comes through fine even without the -bugs parameter, so it looks like my app isn't handling something right. Is there something I can do prior to the SSL_read() to verify that it's set up correctly? In the meantime, I'll run back to the client code and get it to reproduce the behavior with the s_server feature. Perhaps it will be a little more verbose than the server. Thanks a lot! Lou -- Louis LeBlanc [EMAIL PROTECTED] Fully Funded Hobbyist, KeySlapper Extrordinaire :) http://www.keyslapper.org ԿԬ QOTD: "I drive my car quietly, for it goes without saying." ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
