<snip> I have spent quite some time with SSL_connect, and apart from tcp level socket failures (transient/fatal) and SSL Handshake failures it cannot return error, so ur case is NOT POSSIBLE unless the HOST has run out of memory wherein Openssl_malloc itself fails. So I dont suppose you need to worry about that. </snip>
So what you are saying is the scenario we have been discussing so far is possible ONLY in case of memory allocation issues NOT OTHERWISE. I guess I will have a look at the SSL_connect code before I just trust this :-) >> Tell me if the client fails, why and how long will you wait for feedback? Also isnt that TCP's job? Why should the session layer worry about this? The response from the server is guarenteed unless the underlying tcp channel is in trouble. If SSL_connect fails, the client will block in tcp recv(). If SSL_connect succeeds, the client will block in SSL_read() The client is guarenteed to return, either when it gets The client either gets a response from the server or gets a tcp error and then decides what to do next. The session layer should be concerned about this, as long as it does not get any tcp errors. >>If the client failes with a malloc and memory corruption issues, you might >>as well restart your application..there is no point waiting on any >>feedback. Agreed. >>You cannot fix the symptom, u need to fix the cause and that is why this >>HYPOTHETICAL error occured in the 1st place. First thing is that I am more worried about my server blocking in a SSL_accept() forever. I might be able to get rid of this with timeout. Secondly, I want the communication to continue even if SSL session establishment fails. Now it is obvious that I can not do much in case the error due to which SSL_connect returnd failure is unrecoverable (memory issue is one of them). But if the error is recoverable (which as per your openion an IMPOSSIBLE thing) I would like to attempt further communication on plain tcp socket, for which I want my server to be ready to accept next tcp data packet. I guess I will have a look at the SSL code to see if there are possibilities, other than memory allocation issues, when SSL_connect returns error, unless of course someone who knows the code makes any authoritive statement here :-) Thank you very much for your help. ~ Urjit DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Pvt. Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Pvt. Ltd. does not accept any liability for virus infected mails. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]