On 5/6/24 11:48, Michael Richardson wrote:
> Now I treat the flush as 'OpenSSL isn't interested in the result
> of the last write anymore'. I'm not sure this assumption is correct,
> but it seems to work... (Well, it could cause duplicate messages
It does not sound correct.
I
> Now I treat the flush as 'OpenSSL isn't interested in the result
> of the last write anymore'. I'm not sure this assumption is correct,
> but it seems to work... (Well, it could cause duplicate messages
It does not sound correct.
Might be true for a read.
But, for a write, I'd thin
t on the wire a function is called that
calls the OpenSSL again that then retries the write. This time
the BIO's write returns '1'.
Now it turns out that at the end of the DTLS handshake (even after
SSL_accept returned success, in Wireshark it looks like the
session key) OpenSSL still
On Fri, 2018-10-26 at 10:07 +0100, Matt Caswell wrote:
> How did you generate this error string? It looks like you might have
> taken the return value (5) from SSL_get_error() and stuffed it into
> ERR_error_string() or a similar function. That would give you output
> like this - but is the incorr
On 24/10/2018 23:34, Skip Carter wrote:
> I have a server-side application that fails when some clients connect:
>
> waiting for SSL accept()...
> SSL_accept() (0) failure -1
> SSL_accept() (1) failure 5
How did you obtain the error number 5? Is this the return value from
SSL_
On Thu, 2018-10-25 at 19:58 +0200, Jakob Bohm via openssl-users wrote:
> First, note the OpenSSL FAQ about how to turn on readable error
> messages.
I am already using the ERR_error_string(), but the result is still
opaque to me.
Error string : error:0005:lib(0):func(0):DH lib
The FAQ says
On 25/10/2018 00:34, Skip Carter wrote:
I have a server-side application that fails when some clients connect:
waiting for SSL accept()...
SSL_accept() (0) failure -1
SSL_accept() (1) failure 5
[DEBUG] Error string : error:0005:lib(0):func(0):DH lib
SSL_accept() sockerrno is: 0
I think
I have a server-side application that fails when some clients connect:
waiting for SSL accept()...
SSL_accept() (0) failure -1
SSL_accept() (1) failure 5
[DEBUG] Error string : error:0005:lib(0):func(0):DH lib
SSL_accept() sockerrno is: 0
I think that something earlier failed silently
On 08/02/18 00:43, Yan, Bob via openssl-users wrote:
> I used a mutex lock to prevent the SSL_accept() method being called by
> multiple thread concurrently since it may get coredump if there is no
> lock on SSL_accept() method. I am just wondering is the lock is still
> needed
Hi All,
I used a mutex lock to prevent the SSL_accept() method being called by multiple
thread concurrently since it may get coredump if there is no lock on
SSL_accept() method. I am just wondering is the lock is still needed for
openssl 1.0.2e version?
mutex.lock();
int rt
function calls only. Error handling code has been applied where applicable
to make sure calls before SSL_accept / SSL_connect does not return any
failure codes. I have also left out initialization methods.
I do not know if it matters, but I run both server and client on localhost.
There might be
On 10/03/16 04:43, Sahib Jakhar wrote:
> On Wed, Mar 9, 2016 at 9:21 PM, Matt Caswell wrote:
>>
>> The problem is caused by the client complaining that the server has sent
>> it an unexpected message. What is the client here? Is that OpenSSL too?
>
> Yes the client is OpenSSL too.
>
Is the cl
On Wed, Mar 9, 2016 at 9:21 PM, Matt Caswell wrote:
>
> The problem is caused by the client complaining that the server has sent
> it an unexpected message. What is the client here? Is that OpenSSL too?
Yes the client is OpenSSL too.
> Are there any errors reported client side that might pin poi
On 09/03/16 12:51, Sahib Jakhar wrote:
> Hi,
>
> I am getting the following error while doing SSL_accept on the server
> side. It comes once in many tries. The error seems to come only on
> windows, Linux and other platforms seem to do well.
>
> The error is:
>
>
Hi,
I am getting the following error while doing SSL_accept on the server
side. It comes once in many tries. The error seems to come only on
windows, Linux and other platforms seem to do well.
The error is:
.\ssl\s3_pkt.c:1146 error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3
alert unexpected
-users] SSL_accept error code
On 08/03/16 01:04, Yan, Bob wrote:
> Hi All,
>
> I have a SSL server application which use SSL_accept to accept the
> connections from client, see the code below:
>
> int retcode = SSL_accept(mSsl);
> unsigned long error = SSL_ge
On 08/03/16 01:04, Yan, Bob wrote:
> Hi All,
>
> I have a SSL server application which use SSL_accept to accept the
> connections from client, see the code below:
>
> int retcode = SSL_accept(mSsl);
> unsigned long error = SSL_get_error(mSsl, retcode);
> ERR_erro
Hi All,
I have a SSL server application which use SSL_accept to accept the connections
from client, see the code below:
int retcode = SSL_accept(mSsl);
unsigned long error = SSL_get_error(mSsl, retcode);
ERR_error_string_n(error, errmsg, sizeof(errmsg));
When something
I have an SSL server, which has, suddenly stopped processing client
requests.
I see the following error.
>> SSL_GET_NEW_SESSION:ssl session id callback failed.
Exactly after 15 seconds of calling SSL_accept, the error is seen. The
socket is non-blocking. The application was running fi
());
if(!SSL_CTX_use_certificate_file(context, certFile,
SSL_FILETYPE_PEM)) ...
if(SSL_CTX_use_PrivateKey_file(context, keyFile, SSL_FILETYPE_PEM)<0
) ...
ssl = SSL_new(context);
SSL_set_fd(ssl,fd); /// fd is an open socket descriptor
SSL_accept(ssl); // or SSL_connect(ssl); in client
and then
Folks
I noticed that in certain cases - SSL_accept call gets hung forever and I had
to restart my process to fix the issue.
I also observe that the SSL_accept creates some latency, is that possible and
if any one of you faced these problems before ? If so , can you please suggest
what could be
tacks vary, the ssl_accept
>> function is found on all of them, below are some of exmaples. I google the
>> related information about this, looks like there is some problem when
>> calling ssl_accept under multi-thread circumstance. My question is, is it
>> possible that calling ssl
Hello,
We used gsoap server with openssl in our application server and encountered
SSL_accept error when the server threads was pooled to limit the number
of threads serving the requests simultaneously. Here is the excerpt of our
log:
Request #1 accepted on socket 4 connected from IP
jeff :
I keep getting some application crash in openssl module, I checked the
> dumps and stacks and found that although the stacks vary, the ssl_accept
> function is found on all of them, below are some of exmaples. I google the
> related information about this, looks like there is som
Dear users,
I keep getting some application crash in openssl module, I checked the
dumps and stacks and found that although the stacks vary, the ssl_accept
function is found on all of them, below are some of exmaples. I google the
related information about this, looks like there is some problem
orming any of the SSL_read()/write(), as long as it makes sure
to receive success from SSL_accept() or SSL_connect() beforehand ?
. If you use s_client
> or similar, you need to get at least the root used, and
> optionally others you like, and put in client truststore.
>
> 3B. If the server CA is one you created (and not delegated
> as a CA under an established CA, which AIUI is difficult and
> costly to obta
y to obtain so probably not), no typical client will
have its root already; for all clients, you must add it.
>When I create a new SSL structure everything goes fine, but when
>I call SSL_accept() on it, I get a return of zero, which when
>I read the error queue says "sslv3 alert bad
everything goes fine, but when I call
SSL_accept() on it, I get a return of zero, which when I read the error
queue says "sslv3 alert bad certificate"
What does this error mean exactly? Is it a problem with my server
certificate itself, the client certificate returned on the verify, or what?
I'm using libssl0.9.8 0.9.8o-3 on Debian Lenny 5.0.3. When I use
SSL_CTX_use_certificate then SSL_CTX_add_extra_chain_cert, I get random
seg faults when calling SSL_accept for subsequent connections that reuse
the SSL_CTX. However, I stopped getting the errors when I rep
the cookie_verify_cb, if this flag is
missing after SSL_accept, the ClientHello had no cookie, and I can
discard the session (after flushing the bio).
Markus
__
OpenSSL Project http
, SSL_OP_COOKIE_EXCHANGE);
s->d1->listen = 1;
ret = SSL_accept(s);
if (ret <= 0) return ret;
(void) BIO_dgram_get_peer(SSL_get_rbio(s), client);
return 1;
}
Correct me if I'm wrong, but I don't see how DTLSv1_listen could work
with nonblocking io at
On Jul 24, 2011, at 12:40 AM, com...@gmx.ch wrote:
> Hi,
>
>
> I got some code which uses nonblocking dtls via self fed bios.
> If a unknown session comes up, I create a new session, feed/drain the
> sessions bios from/to the wire until SSL_accept returns success.
>
Hi,
I got some code which uses nonblocking dtls via self fed bios.
If a unknown session comes up, I create a new session, feed/drain the
sessions bios from/to the wire until SSL_accept returns success.
Now, I added DTLS cookies.
I expected SSL_accept to return an error if a ClientHello
> From: owner-openssl-us...@openssl.org On Behalf Of Saikat Debnath
> Sent: Wednesday, 15 June, 2011 10:59
> I am using openssl-1.0.0d version and having error in SSL_accept.
> SSL_accept() returns -1 which is SSL_ERROR_SYSCALL with
> errno 2 (No such fi
Hi,
I am using openssl-1.0.0d version and having error in SSL_accept.
SSL_accept() returns -1 which is SSL_ERROR_SYSCALL with errno 2 (No such
file or directory) and
ERR_error_string() retuns
error::lib(0):func(0):reason(0)
Can anyone help please to find where is the problem and how to
f that could be interrupting with the way openssl works,
> in the code i am doing accept, then created SSL and CTX and then
> calling SSL_Accept. I am NOT using OpenSSL callbacks.
Okay, that rules out all my obvious candidates for corruption.
> Regarding code, the library i
Server is Single Threaded and is handling all the connections in while(1)
loop, the sockets are blocking but I am using FD_SET options, not sure if
that could be interrupting with the way openssl works, in the code i am
doing accept, then created SSL and CTX and then calling SSL_Accept. I am NOT
> but why its giving this SSL alert number 20.
> Not able to find anything useful for this.
> I am trying to write the server side code using OpenSSL.
> I am getting the following error on SSL_Accept.
> error:1408F119::decryption failed or bad record mac
s_cl
at 10:08 AM, Harshvir Sidhu wrote:
> Hi,
>I am trying to write the server side code using OpenSSL.
>I am getting the following error on SSL_Accept.
>error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad
> record mac
>
>I tried to google on this,
Hi,
I am trying to write the server side code using OpenSSL.
I am getting the following error on SSL_Accept.
error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad
record mac
I tried to google on this, everywhere they were mentioning that there was
some build error
dear all:
No one encountered this problem?
>From: ""
>Reply-To: openssl-users@openssl.org
>To: openssl-users@openssl.org
>Subject: about ssl_accept and memory leak
>Date:Mon, 27 Dec 2010 13:38:49 +0800
>
>Dear openssl-users£¬
>
>
> When using
ir_addr,
&len)) == -1) {
perror("accept");
//exit(errno);
continue;
} else
printf("server: got connection from %s, port %d, socket %d\n",
inet_ntoa(their_addr.sin_addr),
ntoh
Stop opressing women. Girls should NOT be married at puberty to men, men should
NOT be happy for the rest of their lives.
--- On Mon, 12/27/10, lizhiping wrote:
From: lizhiping
Subject: about ssl_accept and memory leak
To: "openssl-users"
Date: Monday, December 27, 201
on from %s, port %d, socket %d\n",
inet_ntoa(their_addr.sin_addr),
ntohs(their_addr.sin_port), new_fd);
/* 基于 ctx 产生一个新的 SSL */
ssl = SSL_new(ctx);
/* 将连接用户的 socket 加入到 SSL */
SSL_set_fd(ssl, new_fd);
/* 建立 SSL 连接
This may be a stretch, but did you confirm the socket is within the
range of sockets your platform allows you to 'select' on? For example,
Linux by default doesn't permit you to 'select' on socket numbers 1,025
and up, though you can have more than 1,024 file descriptors in use
without a pro
On Wed, Nov 3, 2010 at 9:12 AM, David Schwartz wrote:
> On 11/2/2010 6:25 PM, Md Lazreg wrote:
>
>> r=select(m_sock_fd + 1, &fds, 0, 0, ptv);
>> if (r <= 0 && (Errno == EAGAIN || Errno == EINTR))/*if we timed
>> out with EAGAIN try again*/
>> {
>> r = 1;
>>
On 11/2/2010 6:25 PM, Md Lazreg wrote:
r=select(m_sock_fd + 1, &fds, 0, 0, ptv);
if (r <= 0 && (Errno == EAGAIN || Errno == EINTR))/*if we timed
out with EAGAIN try again*/
{
r = 1;
}
This code is broken. If 'select' returns zero, checking errno
end up in the red
line above "I timed out"
With some debugging efforts I see that when this problem hits, both the
client and the server go repeatedly into the green section above, each one
of them seems to want to perform a read as the returned code
is SSL_ERROR_WANT_READ from both
> From: owner-openssl-us...@openssl.org On Behalf Of Sam Jantz
> Sent: Tuesday, 07 September, 2010 17:29
> Where are SSL_accept, and SSL_connect defined? Specifically
> for TLSv1, and SSLv3 connections. I found the definition
> in ssl_lib.c but th
Where are SSL_accept, and SSL_connect defined? Specifically for TLSv1, and
SSLv3 connections. I found the definition in ssl_lib.c but then that calls
s->method->ssl_accept(s). From here the only mention I could find of an
ssl3_accept is in s3_srvr.c which to my understanding is not part
h.c:426
#3 0x08086b50 in ssl3_get_cert_verify (s=0x82524c8) at s3_srvr.c:2676
#4 0x08082df8 in ssl3_accept (s=0x82524c8) at s3_srvr.c:581
#5 0x0806f749 in SSL_accept (s=0x82524c8) at ssl_lib.c:924
#6 0x080609cf in TcpClient::sslNegotiate (this=0x8206960)
...
Any idea wh
client connection (IP) were used by me in 3000 users test done #1 above).
After looking at the /var/log/messages I could see server was trying to do
SSL connection (SSL_accept) with this non-existing clients. I did netstat
for the IP's I have used for my testing and this IP's were seen
: openssl-users@openssl.org
Subject: RE: setting an SSL_accept(...) timeout
i have done networking programming for a while, and i have never run
across that before. thank you so much, you have just saved me a lot of
development time!
-=- adam grossman
On Sun, 2010-04-04 at 22:34 +0200, PMHager wrote
i have done networking programming for a while, and i have never run
across that before. thank you so much, you have just saved me a lot of
development time!
-=- adam grossman
On Sun, 2010-04-04 at 22:34 +0200, PMHager wrote:
> Adam Grossman wrote:
> > thanks for the info, but this is on linux.
Adam Grossman wrote:
> thanks for the info, but this is on linux.
The socket interface is almost the same on linux:
#include
int hSocket;
int dwTimeout=1000; // milliseconds
setsockopt(hSocket,SOL_SOCKET,SO_RCVTIMEO,(void*)&dwTimeout,sizeof dwTimeout);
setsockopt(hSocket,SOL_SOCKET,SO_SNDTI
Peter-Michael,
thanks for the info, but this is on linux.
-=- adam grossman
On Sun, 2010-04-04 at 19:40 +0200, PMHager wrote:
> Adam Grossman wrote:
> > is there a way i can set a timeout for an SSL_accept, either if the
> > handshake does not complete within X seconds (prefered)
Adam Grossman wrote:
> is there a way i can set a timeout for an SSL_accept, either if the
> handshake does not complete within X seconds (prefered), or even if it
> is waiting on a blocking socket and no data comes in for X seconds. I
> know i can use alarms, but i was wondering (ho
On Sun, Apr 04, 2010, Adam Grossman wrote:
> hello,
>
> is there a way i can set a timeout for an SSL_accept, either if the
> handshake does not complete within X seconds (prefered), or even if it
> is waiting on a blocking socket and no data comes in for X seconds. I
> kno
hello,
is there a way i can set a timeout for an SSL_accept, either if the
handshake does not complete within X seconds (prefered), or even if it
is waiting on a blocking socket and no data comes in for X seconds. I
know i can use alarms, but i was wondering (hoping), there was a
mechanism
On Fri, Dec 18, 2009 at 07:56:05PM -0500, Dave Thompson wrote:
> > On postfix 2.5.7 running on Red Hat Enterprise Linux AS release 4
> (Nahant Update 8) I've
> > got the following error message:
>
> > SSL_accept error from 85-18-95-44.ip.fastwebnet.i
n Red Hat Enterprise Linux AS release 4
(Nahant Update 8) I've
> got the following error message:
> SSL_accept error from 85-18-95-44.ip.fastwebnet.it[85.18.95.44]: 0
> SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown
ca:s3_pkt.c:1052:SSL alert number 48:
This is FROM t
p TLS connection from 85-18-95-44.ip.fastwebnet.it[85.18.95.44]
Dec 15 12:09:57 lin2a postfix/smtpd[14097]: SSL_accept error from 85-18-95-44.ip.fastwebnet.it[85.18.95.44]: 0
Dec 15 12:09:57 lin2a postfix/smtpd[14097]: warning: TLS library problem:
14097:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1
> Is there a way to timeout blocking socket without alarm ?
It's hanging indefinitely because you asked it to. A blocking socket
operation blocks as long as it takes to complete the operation. If that's
not what you want, why did you do it?
> 2 - How come when one thread is blocked b
indefinitely looking for a initiated handshake from the client.
Is there a way to timeout blocking socket without alarm ?
2 - How come when one thread is blocked by SSL_accept, every thread are also
blocked waiting for the blocking thread to timeout ?
Any help would be appreciated ! We have looked
ing more ugly that is count tries in a cycle with a sleep()
inside (the factor tries*sleeped-second will count as a timeout).
> 2 - How come when one thread is blocked by SSL_accept, every NEW thread are
> also blocked at SSL_accept waiting for the blocking thread to timeout ?
You may find an
indefinitely looking for a initiated handshake from the client.
Is there a way to timeout blocking socket without alarm ?
2 - How come when one thread is blocked by SSL_accept, every NEW thread are
also blocked at SSL_accept waiting for the blocking thread to timeout ?
Any help would be appreciated
Victor Duchovni wrote:
> On Wed, Jun 17, 2009 at 02:51:10PM -0700, Kyle Hamilton wrote:
>
>> This isn't really an OpenSSL issue, and I'd suggest asking for help
>> from people who are more familiar with postfix. However...
>
> That's what I told him on the Postfix-users list, but he chose
> to c
On Wed, Jun 17, 2009 at 02:51:10PM -0700, Kyle Hamilton wrote:
> This isn't really an OpenSSL issue, and I'd suggest asking for help
> from people who are more familiar with postfix. However...
That's what I told him on the Postfix-users list, but he chose
to come here anyway, despite my best ef
This isn't really an OpenSSL issue, and I'd suggest asking for help
from people who are more familiar with postfix. However...
The log says that none of the names matched:
Jun 15 13:57:46 emily postfix/smtpd[23401]: SSL_accept error from
sepaip2.webish.nl[77.243.228.161]: -1
Jun 1
no(props->stream), props->timeout,
>> TLScontext);
>> if (sts <= 0) {
>> msg_info("SSL_accept error from %s: %d", props->namaddr, sts);
>> tls_print_errors();
>> tls_free_context(TLScontext);
>>
TLScontext);
> if (sts <= 0) {
> msg_info("SSL_accept error from %s: %d", props->namaddr, sts);
> tls_print_errors();
> tls_free_context(TLScontext);
> return (0);
>
> This means that the OpenSSL library error stack did
TLScontext);
> if (sts <= 0) {
> msg_info("SSL_accept error from %s: %d", props->namaddr, sts);
> tls_print_errors();
> tls_free_context(TLScontext);
> return (0);
>
> This means that the OpenSSL library error stack did
x27;m trying to understand why this following code is failing
>> the second or third time... Is it a good way ( meaning first accept()
>> without ssl, then do those association, then SSL_Accept() )
>
> Yes this is the (or at least a) correct sequence.
>
> By 'second
t ssl, then do those association, then SSL_Accept() )
Yes this is the (or at least a) correct sequence.
By 'second or third [fails]' I guess you mean it always works for
the first connection in a given server process?
Code trimmed to vital bits because I'm having to quote by hand:
Hi,
I'm trying to understand why this following code is failing the second or
third time... Is it a good way ( meaning first accept() without ssl, then do
those association, then SSL_Accept() )
<<< tls_socket is just a plain listner socket
sock = accept (tls_socket, (s
Hi,
I am trying to develop a SSL server with asynchronous socket. I am able to
make the asynchronous socket connection but it failed at the handshake step.
In fact, SSL_accept returns < 0 error. In the OpenSSL documentation, for the
< 0 error of the SSL_accept function, we can read "
Is it possible to configure OpenSSL to allow the use of a non-blocking socket
? I red things about BIO* object but I am not sure if it's the good way to
do it.
Thanks.
Normand
David Schwartz wrote:
>
>
>> SSL_accept always returns < 0 error. With SSL_get_error I found
> SSL_accept always returns < 0 error. With SSL_get_error I found that the
> error is SSL_ERROR_WANT_READ.
> During debugging and troubleshooting, I realised that when I use "normal"
> blocking windows socket, SSL_accept works fine.
>
> Why using non-blocking w
Hi,
SSL_accept always returns < 0 error. With SSL_get_error I found that the
error is SSL_ERROR_WANT_READ.
During debugging and troubleshooting, I realised that when I use "normal"
blocking windows socket, SSL_accept works fine.
Why using non-blocking windows socket caused that er
> Hi,
> I replaced the call to SSL_select to this one and it worked !!! Thanks for
> your help.
>
> int i =0;
> while(1 == i)
> {
> dRetVal = SSL_accept(pSsl);
> if(!(SSL_ERROR_WANT_READ == SSL_get_error(pSsl,dRetVal))
[Corrected]
Hi ,
I replaced the call to SSL_accept to this one and it worked !!! Thanks for
your help.
int i =0;
while(1 == i)
{
dRetVal = SSL_accept(pSsl);
if(!(SSL_ERROR_WANT_READ == SSL_get_error(pSsl,dRetVal)))
i=0
Hi,
I replaced the call to SSL_select to this one and it worked !!! Thanks for
your help.
int i =0;
while(1 == i)
{
dRetVal = SSL_accept(pSsl);
if(!(SSL_ERROR_WANT_READ == SSL_get_error(pSsl,dRetVal)))
i=0;
}
So, this
> You are right that I am making a non-blocking SSL_accept call.
> The problem is on vxWorks when 'select' states that some
> connection request
> is present, SSL_accept returns failure with error code as
> SSL_ERROR_WANT_READ.
That's because the connecti
You are right that I am making a non-blocking SSL_accept call.
The problem is on vxWorks when 'select' states that some connection request
is present, SSL_accept returns failure with error code as
SSL_ERROR_WANT_READ.
But if I add some delay in between this 'select' and &
> Hi,
> I am trying to use SSL_accept on vxWorks 5.5 (Pentium). But when the SSL
> client sends the initial handshake message (Client Hello),
> then SSL_accept returns failure with error as SSL_ERROR_WANT_READ.
>
> The same code works fine when used on Linux platform and
>
Hi,
I am trying to use SSL_accept on vxWorks 5.5 (Pentium). But when the SSL
client sends the initial handshake message (Client Hello),
then SSL_accept returns failure with error as SSL_ERROR_WANT_READ.
The same code works fine when used on Linux platform and handshake completes
successfully
Vinni a écrit :
Hello
i am using SSL_CTX_load_verify_locations() to load the CA certs.
I have another question that ..
How actually the SSL_accept get the client certificate ?? Is its internal
function also fetch the
CA certificate of the client or it check the CA list of its own that is set
Hello
i am using SSL_CTX_load_verify_locations() to load the CA certs.
I have another question that ..
How actually the SSL_accept get the client certificate ?? Is its internal
function also fetch the
CA certificate of the client or it check the CA list of its own that is set
by the above
vinni rathore a écrit :
>
> hi,
>
> i am stuck with the error "Unable to get local issuer certificate" and
> then "SSL3_GET_CLIENT_CERTIFICATE: peer certificate not return".
>
> I have created my own certificates using Openssl.exe . I have created
> CACert.pem which is self signed CA certificate
Hi vinni,
As a hint i will reformulate how i understand your problem
The server cannot accept the client certificate because it cannot check
that the certificate have been issued by a trusted CA.
This arise because the CA certificate is not available so the questios are
1) Is the CA ce
hi,
i am stuck with the error "Unable to get local issuer certificate" and then
"SSL3_GET_CLIENT_CERTIFICATE: peer certificate not return".
I have created my own certificates using Openssl.exe . I have created
CACert.pem which is self signed CA certificate and then two other
certificates one is C
On Thu, Mar 20, 2008 at 9:29 PM, David Schwartz <[EMAIL PROTECTED]>
wrote:
>
> To Md Lazreg:
>
> I think I found it.
I think you did find it.
Now I am able to process more than 1000 clients without hanging.
This is great. Thanks a lot for your expertise.
(s->accept(new_s))
{ /* HERE */
call the code above which will call SSL_accept
}
else
{
/*error handling*/
}
The line marked with the 'GAK' should be:
s->set_non_blocking(true);
You do
new_s->set_non_blocking(true);
>if (s->accept(new_s))
>{
> call the code above which will call SSL_accept
>}
>else
>{
> /*error handling*/
>}
>
> Whe
g(true);
if (s->accept(new_s))
{
call the code above which will call SSL_accept
}
else
{
/*error handling*/
}
Where is the call to 'accept' (the system's 'accept'
Hi David,
On Thu, Mar 20, 2008 at 12:38 PM, David Schwartz <[EMAIL PROTECTED]>
wrote:
>
> > Hi David,
>
> > My code looks like this:
>
> 1 while(1)
> 2 {
> 3r = SSL_accept(m_ssl);
> 4if (r > 0)
> 5
> Hi David,
> My code looks like this:
1 while(1)
2 {
3 r = SSL_accept(m_ssl);
4if (r > 0)
5{
6 break;
7}
8r = ssl_retry(r);
9if ( r <= 0)
10
Hi David,
My code looks like this:
1 while(1)
2 {
3r = SSL_accept(m_ssl);
4if (r > 0)
5{
6 break;
7}
8r = ssl_retry(r);
9if ( r <= 0)
10
> Hi,
> I have setup an SSL server that works fine up to
> 400 connected clients.
> When I try to have more then 400 clients, then my server hangs in the
> SSL_accept call This happens very randomly, sometimes beyond 1000
> connected clients...
> The server is dead on
1 - 100 of 277 matches
Mail list logo