> From: owner-openssl-us...@openssl.org On Behalf Of Dan Maartens
> Sent: Monday, 13 April, 2009 20:31
> Thanks for your response Dave. With -state and -msg enabled,
> [s_server] seems to be hanging after SSL_accept:SSLv3 flush data.
> When I abort the client at this point (as it will retry forever
> with no success), I get: failed in SSLv3 read client certificate A.
So your server is set to request client cert aka client auth?
Just to be sure, the server 'flush data' is after 'write server hello',
'write certificate', 'write key exchange' and 'write certificate request'?
That indeed should have sent a response that the client should receive.
> Given the stupefying nature of this problem, I'm fairly certain
> it has something to do with our multithreading, but if you have any
> additional suggestion I'd certainly appreciate it.
FW(L)IW, I would try generic divide-and-conquer approaches.
Can you run a network-level monitor e.g. tcpdump to verify
that the response is actually sent to the client machine?
Does netstat on the server show send-q, or on the client recv-q?
Does your app use socket options, like buffering or windows?
I know quite a few exist, but I'm not familiar with most,
and in general if they were wrong I would expect performance
problems not totally-no-data as you have. But if so and you can
omit/skip or change them it might give some info.
Can your app do plain-TCP (nonSSL) connections? To same server machine?
And send and receive data (anything at all)? Blocking/nonblocking?
Good luck.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
