Hi,

Recently we encountered an SSL_ERROR_SSL error on the client side. Our application code (initialization, handshaking, read and write) is common for sslv2 and sslv3. It happens when we turn on sslv3. But when we turn off sslv3 and use sslv2, the problem goes away. The following is the setup we are using.

When we send messages fast from the ssl client to the ssl server, on the ssl client side we sometimes get SSL_ERROR_SSL(read:1) reason='error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry'. When we turn off sslv3 dynamically and use sslv2, everything goes fine. We suspect something like

1. Are there any initialization, handshaking, read and write interfaces that we should call differently between sslv2 and sslv3?
2. Has anyone seen this behavior?

The following is the struct ssl_st content at the moment the ssl client encounters SSL_ERROR_SSL.

(gdb) print *sinfo->ssl
$1 = {version = 769, type = 4096, method = 0x28367d80, rbio = 0x83bb700,
  wbio = 0x83bb700, bbio = 0x0, rwstate = 3, in_handshake = 0,
  handshake_func = 0x2834a5e0 <ssl3_connect>, server = 0, new_session = 0,
  quiet_shutdown = 0, shutdown = 0, state = 3, rstate = 240, init_buf = 0x0,
  init_msg = 0x8498004, init_num = 0, init_off = 0,
  packet = 0x8493000 "\027\003\001", packet_length = 0, s2 = 0x0,
  s3 = 0x83fdc00, read_ahead = 0, msg_callback = 0, msg_callback_arg = 0x0,
  hit = 0, purpose = 0, trust = 0, cipher_list = 0x0, cipher_list_by_id = 0x0,
  enc_read_ctx = 0x84a6700, read_hash = 0x2844b520, expand = 0x0,
  enc_write_ctx = 0x84a6500, write_hash = 0x2844b520, compress = 0x0,
  cert = 0x83bdf00, sid_ctx_length = 0, sid_ctx = '\0' <repeats 31 times>,
  session = 0x83f6e00, generate_session_id = 0, verify_mode = 0,
  verify_depth = -1, verify_callback = 0, info_callback = 0, error = 0,
  error_code = 0, ctx = 0x83f9200, debug = 0, verify_result = 20,
  ex_data = { sk = 0x0, dummy = 0}, client_CA = 0x0, references = 1,
  options = 0, mode = 0, max_cert_list = 102400, first_packet = 0,
  client_version = 769}

Thanks
-Eric
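
OpenSSL raises the SSL3_WRITE_PENDING "bad write retry" error quoted above when an SSL_write() that returned a retry condition is repeated with a shorter length or, unless SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is set, with a different buffer. The following simplified model of that check is an added example, not code from the post or from OpenSSL; the struct, function and flag names are hypothetical and the buffers are constructed.

```c
#include <stdio.h>
#include <stddef.h>

/* Simplified model of the pending-write check; NOT OpenSSL source.
 * Names are hypothetical; MOVING_BUF stands in for
 * SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER. */
#define MOVING_BUF 0x2UL
enum { W_BAD_RETRY = -1, W_WANT_WRITE = 0, W_OK = 1 };

struct conn {
    unsigned long mode;     /* the dump in the post shows mode = 0 */
    const void *pend_buf;   /* buffer of the write still in flight */
    size_t pend_len;        /* length passed with that write */
    int writable;           /* constructed stand-in for socket readiness */
};

int model_write(struct conn *c, const void *buf, size_t len)
{
    if (c->pend_buf != NULL &&
        (c->pend_len > len ||
         (c->pend_buf != buf && !(c->mode & MOVING_BUF))))
        return W_BAD_RETRY;             /* "bad write retry" */
    if (!c->writable) {                 /* record what must be retried */
        c->pend_buf = buf;
        c->pend_len = len;
        return W_WANT_WRITE;
    }
    c->pend_buf = NULL;                 /* write completed */
    c->pend_len = 0;
    return W_OK;
}

/* Message a blocks; the retry passes (retry_buf, retry_len) once writable. */
int retry_after_block(unsigned long mode, const void *retry_buf,
                      size_t retry_len, const void *a, size_t a_len)
{
    struct conn c = { mode, NULL, 0, 0 };
    if (model_write(&c, a, a_len) != W_WANT_WRITE)
        return -2;                      /* model error, not expected */
    c.writable = 1;
    return model_write(&c, retry_buf, retry_len);
}

int main(void)
{
    static const char a[] = "msg-A", b[] = "msg-B-next", copy[] = "msg-A";
    printf("same buffer:        %d\n", retry_after_block(0, a, 5, a, 5));
    printf("next message:       %d\n", retry_after_block(0, b, 10, a, 5));
    printf("moved copy, mode 0: %d\n", retry_after_block(0, copy, 5, a, 5));
    printf("moved copy, flag:   %d\n", retry_after_block(MOVING_BUF, copy, 5, a, 5));
    return 0;
}
```

In this model a sender that moves on to its next queued message, or retries from a relocated copy with mode 0, gets the failure; retrying the identical buffer and length does not.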