Article delegate-en/2676 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: SSLway on Linux?
24 Jun 2004 22:05:14 GMT (Yutaka Sato)
The DeleGate Project

On 06/24/04(23:46) you "Michael Richter" <> wrote
in <_A2674@delegate-en.ML_>
 |the -bugs option didn't help...
 |I don't get the problem with any site. The site is
 | and I get everytime EOF during the request.
 |By using the lastest windows delegate I didn't get any error. Like
 |described in my last mail, Mr. Roger Hohman (article 2418) has the same
 |problem withing the same URL (I asked him yesterday using his mail

Thank you for your information. I tested the site with SSLway and saw
the same problem.  Then, I tested the server with OpenSSL as follows.

% openssl s_client -connect -cert client.pem
GET / HTTP/1.0

It works.  So the problem is in the usage of OpenSSL by SSLway.
First, I located the SSL library function where error occurs.  Running
a DeleGate with SSLway and putting a HTTP request manyally with telnet,
I noticed that the server does not disconnect during input from client,
and SSLway gets some error at the first SSL_read() to get the first
user level data response from server.  Next, I replaced SSL_read()
with read(), and saw that read() gets some data from server.  So the
cause of the error is not unexpected disconnection from server.  Then
I saw the source code of s_client.c and found that SSL_read() may
return a temporary error code to show some kind of status transitions.
Thus I made a patch like enclosed to retry SSL_read() on error, and
confirmed it works with the server.

  D G   Yutaka Sato <>
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

*** ../dist/delegate8.9.5/filters/sslway.c	Fri May 14 16:31:37 2004
--- sslway.c	Fri Jun 25 06:42:33 2004
*** 489,494 ****
--- 489,510 ----
  		rem -= wcc;
+ static SSL_readx(ssl,buf,siz)
+ 	SSL *ssl;
+ 	char *buf;
+ {	int rcc;
+ 	rcc = SSL_read(ssl,buf,siz);
+ 	if( rcc < 0 ){
+ 		ERROR("<SSL_read()=%d ERR=%d\n",rcc,SSL_get_error(ssl,rcc));
+ 		rcc = SSL_read(ssl,buf,siz);
+ 		ERROR(">SSL_read()=%d ERR=%d\n",rcc,SSL_get_error(ssl,rcc));
+ 	}
+ 	return rcc;
+ }
+ #define SSL_read SSL_readx
  static ssl_relay(accSSL,accfd,conSSL,confd)
  	SSL *accSSL,*conSSL;
  {	int fdv[2],rfdv[2],nready,rcc,wcc;

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]