Re: Error in handshake: Get client hello B

Fri, 30 Jun 2000 11:32:01 -0700 

We have a similar application where we reuse a pool of SSL connections. The
only difference between our approach and yours is the following piece of
code which we execute before reusing an already used SSL structure.

SSL_set_session(ssl, NULL);

Can you try this and see if the problem recurs? We might be turning off
session-caching by this above line (my understanding of openssl
session-caching is somewhat hazy). But, its worth a try anyways.

Arun.
-----Original Message-----
From: Amit Chopra <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, June 29, 2000 10:35 PM
Subject: Error in handshake: Get client hello B


>Hi,
>   Some time back I had posted a mail on the same subject, but
>had got no response. Now that I am tuning my application for
>performance this issue has come up again.
>
>When my app comes up I create a pool of SSL structures (using
>SSL_new)that I intend to reuse for the connections as follows:
>
>SSL_clear(ssl);
>SSL_set_accept_state(ssl);
>SSL_set_fd(ssl,client);
>I do this before accepting every client connection.
>
>The problem appears when I follow below steps:
>1. Open browser and establish connection with my app. I can browse
>   others links over SSL as well.(fine)
>2. Close browser.
>3. Open browser again and establish connection with my app.
>   My app fails saying "Error in get client hello B".
>This also happens when I cancel the certificate message that the
>broswers show.
>The problem happens with both IE(5) and Netscape(4.7).
>Using 0.9.4 SSL_read used to return with SSL_ERROR_WANT_READ.
>Using 0.9.5a SSL_read returns ERROR_SSL (Navigator 4.7).
>
>I have also written an OpenSSL based linux test client that
>simply fires hundreds of concurrent connections. It works fine
>with that.
>
>The problem disappers when I do a SSL_new for every connection.
>
>What might I be doing wrong here? I believe that the SSL state machine
>is not getting reset properly. What can I do to fix this? I wish to avoid
>allocating memory at run time and I believe doing a SSL_new does allocate
>memory for a host of structures.
>
>I apologise for the repost, but I'm quite literally stuck.
>
>
>Thanks,
>Amit.
>______________________________________________________________________
>OpenSSL Project                                 http://www.openssl.org
>User Support Mailing List                    [EMAIL PROTECTED]
>Automated List Manager                           [EMAIL PROTECTED]
>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to