I have a SSL proxy server. Intermittently, SSL_read will fail. It's been very hard for me to get debugging information because it is intermittent, but I have a core dump now (I used an assert to get the core, the library did not segfault or anything). This seems to happen even though the connection appears to have successfully transferred data in the past. Also, it's worth noting that this is a highly mutlithreaded server so it's possible that many things are happening with the SSL library in other threads, but I've tried to follow all the thread concurency rules, and nothing else should be messing with the bios or ssl objects in use by this thread.
Here's what happens: SSL_read returns less than zero SSL_get_error returns SSL_ERROR_SSL Using ERR_get_error and ERR_error_string_n results in: error:1409F080:SSL routines:SSL3_WRITE_PENDING:bio not set error:1408A0E2:SSL routines:SSL3_GET_CLIENT_HELLO:clienthello tlsext Bellow is some output from the core describing the ssl object and the bios. If anybody could shed some light on this, I would really appreciate it. One thing that may be different than most people that I have going on is that I have a custom bio that is part of the chain to the client when the connection is established and later removed, but the connection to the server (What is producing this error) never sees any bio funny business, so I don't think that should have any sort of impact. (gdb) print *connptr->sbuffer->ssl $5 = {version = 770, type = 4096, method = 0x7f136dff2880, rbio = 0x7f133052d640, wbio = 0x7f133052d640, bbio = 0x0, rwstate = 3, in_handshake = 0, handshake_func = 0x7f136ddb8aa0, server = 0, new_session = 0, quiet_shutdown = 0, shutdown = 0, state = 3, rstate = 240, init_buf = 0x0, init_msg = 0x7f133056d644, init_num = 0, init_off = 0, packet = 0x7f1360464153 "\027\003\002\f\340\371O\024\206\062\376RG\321\351i\223\005G\241lHTTP/1.1 200 OK\r\nDate: Tue, 12 Aug 2014 20:22:19 GMT\r\nContent-Type: text/xml; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nStrict-Tran"..., packet_length = 0, s2 = 0x0, s3 = 0x7f133035f0d0, d1 = 0x0, read_ahead = 0, msg_callback = 0, msg_callback_arg = 0x0, hit = 0, param = 0x7f13301d5cf0, cipher_list = 0x0, cipher_list_by_id = 0x0, mac_flags = 0, enc_read_ctx = 0x7f133057b530, read_hash = 0x7f133057b4f0, expand = 0x0, enc_write_ctx = 0x7f133057ae50, write_hash = 0x7f133057a8d0, compress = 0x0, cert = 0x7f133052d510, sid_ctx_length = 0, sid_ctx = '\000' <repeats 31 times>, session = 0x7f1330413cc0, generate_session_id = 0, verify_mode = 0, verify_callback = 0x456d19 <certificate_verification_callback+108>, info_callback = 0, error = 0, error_code = 0, psk_client_callback = 0, psk_server_callback = 0, ctx = 0x202bbb0, debug = 0, verify_result = 0, ex_data = {sk = 0x0, dummy = 0}, client_CA = 0x0, references = 1, options = 2147486719, mode = 0, max_cert_list = 102400, first_packet = 0, client_version = 770, max_send_fragment = 16384, tlsext_debug_cb = 0, tlsext_debug_arg = 0x0, tlsext_hostname = 0x7f133026fd90 "lastpass.com", servername_done = 0, tlsext_status_type = -1, tlsext_status_expected = 0, tlsext_ocsp_ids = 0x0, tlsext_ocsp_exts = 0x0, tlsext_ocsp_resp = 0x0, tlsext_ocsp_resplen = -1, tlsext_ticket_expected = 1, tlsext_ecpointformatlist_length = 3, tlsext_ecpointformatlist = 0x7f133011aa90 "", tlsext_ellipticcurvelist_length = 50, tlsext_ellipticcurvelist = 0x7f13302f5090 "", tlsext_opaque_prf_input = 0x0, tlsext_opaque_prf_input_len = 0, tlsext_session_ticket = 0x0, tls_session_ticket_ext_cb = 0, tls_session_ticket_ext_cb_arg = 0x0, tls_session_secret_cb = 0, tls_session_secret_cb_arg = 0x0, initial_ctx = 0x202bbb0, next_proto_negotiated = 0x0, next_proto_negotiated_len = 0 '\000', srtp_profiles = 0x0, srtp_profile = 0x0, tlsext_heartbeat = 1, tlsext_hb_pending = 0, tlsext_hb_seq = 0, renegotiate = 0, srp_ctx = {SRP_cb_arg = 0x0, TLS_ext_srp_username_callback = 0, SRP_verify_param_callback = 0, SRP_give_srp_client_pwd_callback = 0, login = 0x0, N = 0x0, g = 0x0, s = 0x0, B = 0x0, A = 0x0, a = 0x0, b = 0x0, v = 0x0, info = 0x0, strength = 1024, srp_Mask = 0}} (gdb) print *connptr->sbuffer->ssl->rbio $6 = {method = 0x7f136db8a5e0, callback = 0, cb_arg = 0x0, init = 1, shutdown = 0, flags = 9, retry_reason = 0, num = 91, ptr = 0x0, next_bio = 0x0, prev_bio = 0x0, references = 1, num_read = 7752, num_write = 2188, ex_data = {sk = 0x0, dummy = 862740789}} (gdb) print *connptr->sbuffer->ssl->wbio $7 = {method = 0x7f136db8a5e0, callback = 0, cb_arg = 0x0, init = 1, shutdown = 0, flags = 9, retry_reason = 0, num = 91, ptr = 0x0, next_bio = 0x0, prev_bio = 0x0, references = 1, num_read = 7752, num_write = 2188, ex_data = {sk = 0x0, dummy = 862740789}} -- *David Hinkle* *Senior Software Developer* *Phone:* 800.243.3729x3000 *Email:* hin...@cipafilter.com *Hours:* Mon-Fri 8:00AM-5:00PM (CT)