RE: Error accepting connections

Ramtin Thu, 02 Nov 2006 20:22:36 -0800

I am a newbie to openssl, and dont know what your problem actually is!
But if you want to use locks this may help:
include the pthread.h, ofcourse you already do that.

create a mutex:
pthread_mutex_t mut;

initialize it:
pthread_mutex_init(&mut, NULL);

From now on, you can create critical sections using lock and unlock.
lock:
pthread_mutex_lock(&mut);
unlock:
pthread_mutex_unlock(&mut);

hope be useful

"Dinh, Thao V CIV B32-Branch" <[EMAIL PROTECTED]> wrote:

Prabbu/Marek/Chong
I have a SSL server application. It creates threads for each client
connection.
My server call accept(). After the sock = accept() return, I put SSL on
sock, spin-off a thread for that client. All socks share the same 'ctx'
in the server. How do I lock SSL object 'ctx' properly in this case ??
Should I generate different 'ctx' for each client, instead of share ??
Please Help.

TD

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Prabhu.S
Sent: Thursday, November 02, 2006 9:37
To: openssl-users@openssl.org
Subject: Re: Error accepting connections

Marek/Chong,

Thanks for your reply.

As Marek poited out the issue was in the way mutithreading was achieved
in server. The locking of SSL context objects 'ctx' was not done
properly. The issue is solved now.

Chong ,

I tried using sslv23_server_method but it didn't help .

----- Original Message -----
From: "Marek Marcola" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, November 01, 2006 4:33 AM
Subject: Re: Error accepting connections

> Hello,
> > I have a SSL Server application .. In a test scenario 20 clients
try
> > connecting to the server simultaneously. In most of the test run
> > atleast one connection fails. The server logs the following message
> > for the failed connection:
> >
> > ** server.c:809 Error accepting SSL connection
> > 14658:error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed
or
> > bad record mac:s3_pkt.c:426:
> >
> > What is the reason for this inconsistent handshake failures?
> >
> > I have OpenSSL 0.9.8a .
> This error can appear for a few reasons, for example:
> - bad packet decryption (errors in key or cbc xor)
> - bad decompression
> - MAC length in packet greater than packet
> - bad or NULL MAC
> But in this situation I would suggest checking proper
> setting of callback locking functions if your server
> is multithreading. Locking is used by OpenSSL in multithreading
> environment in this situation should be checked first.
> (assuming that I am knowing nothing about your server).
>
> Best regards,
> --
> Marek Marcola <[EMAIL PROTECTED]>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]

Get your email and see which of your friends are online - Right on the new Yahoo.com

RE: Error accepting connections

Reply via email to