Rick, Actually, the retardedness is due to the netscape browser not terminating the network connection while waiting for the user's input. Micro$oft IE implements that behaviour properly by terminating the connection, waiting for the user to accept the cert, then will reconnect once accepted. Chalk one up for Microsoft for server friendliness...
::running..ducking..avoids flying anti-ms objectiles:: -----Original Message----- From: Rick Tyler [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 04, 2001 12:47 PM To: [EMAIL PROTECTED] Subject: SSL_read() never returns an error if client rejects certificate I have implemented a simple SSL server using the latest win32 version of the openssl library which behaves as I expect, EXCEPT that SSL_read() returns 0 (meaning, I must POLL it, which is retarded) as long as my browser (the client I am using) is waiting for me to accept the certificate (bogus certificate, not blindly accepted by default). In other words, if I accept the certificate, SSL_read() suddenly returns something other than 0 and I can process the session using SSL_read() and SSL_write() as I expect. However, if I reject the certificate, SSL_read() will keep returning 0, which means I don't know how to detect when the client has terminated the connection. How can I detect this?! Also, the documentation refers to the concept of a "BIO" all over the places, but never defines it anywhere that I can find. Is BIO some kind of universally understood concept that I have only just heard of? In any case, where can I go to learn about it? - RT ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ***************************************************************** DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
