Re: SSL_Connect call gives SSL_ERROR_WANT_READ for non blocking sockets

Thu, 17 Nov 2011 10:12:35 -0800 

Hi,
    Thanks for the reply.
I have called the ssl_connect() function again after checking for
SSL_ERROR_WANT_READ
and SSL_ERROR_WANT_WRITE. But I wanted to know if I can optimize my code.
Below is my code

int counter = 6;
        while (status < 0 && --counter >0 )
        {
            if(status < 0)
            {
                error=SSL_get_error(ssl,status);
                if(error == SSL_ERROR_WANT_READ || error ==
SSL_ERROR_WANT_WRITE)
                {
                    MessageLog.Write("****SSL 1st Connect error ", error);
                    usleep(2000000);
                    status = SSL_connect(ssl);
                    error=SSL_get_error(ssl,status);
                    MessageLog.Write("****SSL 2nd Connect error ", error);
                }
                else
                {
                    break;
                }
            }
        } // end of while

I would try for some time and break out saying unable to connect. I am sure
I can optimize this code by using select() but I am unable to make it work.
If there is a better approach please do share.

~Arjun

On Tue, Nov 15, 2011 at 9:04 PM, Huaqing Wang <whuaq...@gmail.com> wrote:

> Hi, Arjun,
>
> For non-blocking case, you have to handle SSL_ERROR_WANT_READ  and
> SSL_ERROR_WANT_WRITE
> In that case you need to redo *SSL_connect.*
> *
> *
> Huaqing
>
> On Tue, Nov 15, 2011 at 5:51 AM, Arjun SM <arjun...@gmail.com> wrote:
>
>> Hi all,
>>    I am newbie to openssl any help is greatly appreciated.
>>
>> I have a requirement of fetching the Common name (domin name )  from the
>> certificate that I request from any HTTPS websites. I followed the regular
>> method of
>>
>> 1. establish a connection with the ip address using *connect() *system
>> call.
>> 2. Use *SSL_connect()* system call to perform handshake.
>> 3. Use *SSL_get_peer_certificate()* to get the certificate.
>>
>> The problem I faced was that, the connect() call would at times return a
>> errno 4 (EINTR) error . So i changed code from blocking to non-blocking
>> sockets and used select() call to have a valid connection and return an
>> appropriate file descriptor.
>> Now the ssl_connect() call returns SSL_ERROR_WANT_READ
>> or SSL_ERROR_WANT_WRITE error. I am unable to make my code work by adding a
>> select() even on ssl_connect() call.
>>
>> If any one can please help as to how I need to use the  ssl_connect() by
>> polling that would be of great help. preferred language would be C/C++
>>
>> thanks,
>> ~Arjun
>>
>>
>>
>>
>>
>
>
> --
> Thank you.
> Best Regards,
> Michael(Huaqing) Wang
>
>

Reply via email to