SSL: problem with bio in 0.9.9?
Hi all,
I was trying curl/libcurl compiled against OpenSSL 0.9.9.
I noticed a very strange behaviour that I was able to workaround with a
couple of sleep().
Curl fails to connect with:
curl: (52) SSL read: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3
alert unexpected message, errno 11
The behaviour is proper of the 0.9.9, neither 0.9.8 or 1.0.0 are
affected, however I'd like to understand which is the cause.
As far as I understand debugging, curl registers it's own BIO (socket)
for the SSL object:
curl-dist/lib/ssluse.c:1518
if(!SSL_set_fd(connssl->handle, sockfd)) {
...
My workaround is in ssl3_connect: just put a couple of sleep and
everything works well.
s3_clnt.c:
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
*** sleep(1); ***
for (;;)
...
case SSL3_ST_CW_CLNT_HELLO_B:
s->shutdown=0;
ret=ssl3_client_hello(s);
if (ret <= 0) goto end;
s->state=SSL3_ST_CR_SRVR_HELLO_A;
s->init_num=0;
*** sleep(1); ***
/* turn on buffering ...*/
if (s->bbio != s->wbio)
s->wbio=BIO_push(s->bbio,s->wbio);
break;
Actually I went into more details, and I saw that the failure is due to:
ssl3_client_hello > ssl3_do_write > ssl3_write_bytes > do_ssl3_write >
ssl3_write_pending > BIO_write > b->method->bwrite
Unfortunately is quite difficult to debug, since debugging step by step
the connection slows down and --similarly as putting the sleep()--
everything goes well.
Any idea?
Best,
--
Emanuele Cesena
Il corpo non ha ideali
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
Re: SSL: problem with bio in 0.9.9?
On Mon, Jun 15, 2009, Emanuele Cesena wrote: > Hi all, > > I was trying curl/libcurl compiled against OpenSSL 0.9.9. > I noticed a very strange behaviour that I was able to workaround with a > couple of sleep(). > > Curl fails to connect with: > curl: (52) SSL read: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 > alert unexpected message, errno 11 > > The behaviour is proper of the 0.9.9, neither 0.9.8 or 1.0.0 are > affected, however I'd like to understand which is the cause. > I'm not sure what you mean by that. 0.9.9 will never be released but 1.0.0 will. Are you saying that 1.0.0 snapshots work OK? Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: SSL: problem with bio in 0.9.9?
On Mon, 2009-06-15 at 14:30 +0200, Dr. Stephen Henson wrote: > > I was trying curl/libcurl compiled against OpenSSL 0.9.9. > > I noticed a very strange behaviour that I was able to workaround with a > > couple of sleep(). > > > > Curl fails to connect with: > > curl: (52) SSL read: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 > > alert unexpected message, errno 11 > > > > The behaviour is proper of the 0.9.9, neither 0.9.8 or 1.0.0 are > > affected, however I'd like to understand which is the cause. > > > > I'm not sure what you mean by that. 0.9.9 will never be released but 1.0.0 > will. Are you saying that 1.0.0 snapshots work OK? > yes 1.0.0 works ok. However I can't understand which is the difference between 0.9.9 and 1.0.0 which makes things working... I diff-ed the code between 0.9.9 and 1.0.0, but I can't find any difference close to sleep() I put. This is just to have a better knowledge of one of the OpenSSL internals, probably obscure to me ;-) Best, -- Emanuele Cesena Il corpo non ha ideali __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
