Hi David, This is on SuSE 10.3. The socket is non-blocking, for the only reason that I thought it would make debugging the problem easier. With the socket in blocking mode (which is all I need), I have the problem where SSL_connect never returns.
I'm looking at errno becuase the information returned by SSL_get_error wasn't very useful. To recap, here's the results of all the various debugging that I have in place: SSL_connect: -1 SSL_get_error: 2 ERR_error_string: error:00000002:lib(0):func(0):system lib errno: 11 A few other notes, I am connecting to the openssl/s_server, so that end should be OK. This is all happening inside of a multi-threaded app, which could be part of the problem. In a separate, very simple (and non-threaded) client app which I wrote, I can connect via TCP and SSL and transmit/read just fine. So that rules out machine/network level stuff. I have also tried calling SSL_connect in a loop, just to test to see if waiting/re-calling helps, but it doesn't. The same error occurs each time. That's everything I can think of. Any additional help is certainly appreciated. -Dan On Fri, Apr 10, 2009 at 2:30 PM, David Schwartz <dav...@webmaster.com>wrote: > > > I'm attempting to establish an SSL connection, where everything > > seems OK until SSL_connect, which returns -1. error is set to 11, > > and perror() gives "Resource temporarily unavailable." > > ERR_error_string rather useless output: > > error:00000002:lib(0):func(0):system lib, even though both > > SSL_load_error_strings() and ERR_load_crypto_strings() have been called. > > What operating system? Is this a blocking or a non-blocking socket? > > The documentation says to call SSL_get_error in this case. Why are you > checking 'errno'? Did something tell you to? > > It is almost always an error to check 'errno' unless specifically directed > to. Some functions will internally get errors but then handle those errors, > leaving 'errno' with a junk value. Unless the documentation of some > function > tells you that it sets 'errno' to a meaningful value in a particular case, > assume it is meaningless. Nothing in the documentation for a -1 return from > 'SSL_connect' says to check 'errno'. > > DS > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >