On 5/31/2013 07:31, Dennis wrote:
I am using LNet 's SSL sockets on ubuntu.
When I use a self signed certificate and the browser gets a warning, it seems
the browser immediately send a close-notify or shutdown ssl signal to the server
and then without waiting close the connection.
sadly, this is common practice... in a firewall product i work with, we called
the traffic afterward a "spurious firewall hit" because the firewall logged the
traffic which came after the connection was already terminated... most of the
time, this traffic was termination acknowledgment...
this problem can originate in the other direction as well... the server may
close the connection without waiting on the client to acknowledge... both cases
can be problematic (eg: "spurious firewall hit")
On my server side (written with Lnet SSL), it did not know the connection was
closed already and still thinking of handling the close-notify + shutdown tries
to shutdown the SSL on its side and then encounter the serious PIPE error (which
I guess it tries to send acknowledge of the close-notify/shutdown back to the
browser) when the pip is already closed. I guess Lnet SSL implementation is not
aware that the other side can close the connection without waiting for its
acknowledgement.
sounds like it...
This external SIGPIPE immediately crash the program even though the original
Lnet codes has a try except block.
Is there something I can do to trap this external SIGPIPE?
(I tried emaillng the author but no response for weeks).
i have no idea... i only wanted to provide confirmation of the practice as
mentioned above...
--
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
_______________________________________________
fpc-pascal maillist - [email protected]
http://lists.freepascal.org/mailman/listinfo/fpc-pascal
