Article delegate-en/2680 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A2676@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: SSLway on Linux?
25 Jun 2004 07:34:19 GMT "Michael Richter" <pnufabdyi-dyd2yvdhvoxr.ml@ml.delegate.org>


> Thank you for your information. I tested the site with SSLway and saw
> the same problem.  Then, I tested the server with OpenSSL as follows.
>
> % openssl s_client -connect wpdynamic.wpsbank.de:443 -cert client.pem
> GET / HTTP/1.0
>
>
> It works.  So the problem is in the usage of OpenSSL by SSLway.
> First, I located the SSL library function where error occurs.  Running
> a DeleGate with SSLway and putting a HTTP request manyally with telnet,
> I noticed that the server does not disconnect during input from client,
> and SSLway gets some error at the first SSL_read() to get the first
> user level data response from server.  Next, I replaced SSL_read()
> with read(), and saw that read() gets some data from server.  So the
> cause of the error is not unexpected disconnection from server.  Then
> I saw the source code of s_client.c and found that SSL_read() may
> return a temporary error code to show some kind of status transitions.
> Thus I made a patch like enclosed to retry SSL_read() on error, and
> confirmed it works with the server.
>
> Cheers,
> Yutaka
> --
>   D G   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
>  ( - )  National Institute of Advanced Industrial Science and Technology
> _<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
> Do the more with the less -- B. Fuller
>
> *** ../dist/delegate8.9.5/filters/sslway.c	Fri May 14 16:31:37 2004
> --- sslway.c	Fri Jun 25 06:42:33 2004
> ***************
> *** 489,494 ****
> --- 489,510 ----
>   		rem -= wcc;
>   	}
>   }
> +
> + static SSL_readx(ssl,buf,siz)
> + 	SSL *ssl;
> + 	char *buf;
> + {	int rcc;
> +
> + 	rcc = SSL_read(ssl,buf,siz);
> + 	if( rcc < 0 ){
> + 		ERROR("<SSL_read()=%d ERR=%d\n",rcc,SSL_get_error(ssl,rcc));
> + 		rcc = SSL_read(ssl,buf,siz);
> + 		ERROR(">SSL_read()=%d ERR=%d\n",rcc,SSL_get_error(ssl,rcc));
> + 	}
> + 	return rcc;
> + }
> + #define SSL_read SSL_readx
> +
>   static ssl_relay(accSSL,accfd,conSSL,confd)
>   	SSL *accSSL,*conSSL;
>   {	int fdv[2],rfdv[2],nready,rcc,wcc;
>
>

It works fine !!!! Thank you for this quick help !

Michael




  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V