I have a custom server and openssl s_client -state -ssl3 connecting to it. The server uses blocking TCP sockets, no BIO. It all seems to be working fine. Now I'm trying to change the server to force renegotiations. The server uses select to determine when to start reading. When it is about to start reading, it checks when the last renegotiation was performed, and if it was longer than X seconds ago (for now 30) it starts a renegotiation. If the client sends a string that does not make the server reply, everything works fine. However, if the client sends a string which warrants a response from the server, the client seems to hang after the renegotiation completes. Here is the output of the openssl s_client:

ccccc <----- I typed that in to the client after 30 secs
SSL_connect:SSL renegotiate ciphers
SSL_connect:SSLv3 write client hello A
SSL_connect:error in SSLv3 read server hello A
ssssssss <----- got this back from the server
SSL_connect:SSLv3 read server hello A
depth=1 /C=xx/ST=xx/L=xxxxxxxxxxx/O=xxxxxx/OU=xx/CN=xxx/[EMAIL PROTECTED]
verify return:1
depth=0 /C=xx/ST=xx/O=xxx/OU=xxx/CN=xxxxx/[EMAIL PROTECTED]
verify return:1
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A

And that's it. I can't type anything into the client after that.

-----------------
The log of the server app:

SSL_renegotiate: 1
SSL_do_handshake: 1
ssl_read returned 6 0
ssl_write returned 10 0
ssl_read returned -1 2
ssl_read wants read! call select()
ssl_read can read!

After that we go into a blocking ssl_read() call and never return.

It seems like the problem is on the s_client end because it can't even take any keyboard input, so I assume that it is hanging inside ssl_read, but why?

Again, everything works fine if the input to the s_client does not make the server respond with anything. In that case I get one extra line of output on the client:

read R BLOCK

The version of OpenSSL is 0.9.8a on WinXP (both client and server). I also tested with the client 0.9.7a on Linux.

Would appreciate any advice on how to proceed with debugging this.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]