I have a single threaded test application (Red Hat Linux release 9 - Shrike), OpenSSL 0.9.8. I found that it's possible to permanently hang a thread receiving SSL calls if a network interruption occurs during an established connection.


This is the way TCP works. There's a timeout of a couple of minutes
built into it. You can circumvent this behavior by setting
your ssl sockets to non-blocking, but if you can switch to
threaded processing that'd be the easier way to go.


Sometime after you create each socket do something like this:

  int sl = 1;
  SSL *ssl;
  ...
  // set ssl socket nonblocking
  if (BIO_socket_ioctl(SSL_get_fd(ssl),FIONBIO,&sl) < 0) {
        // report an error
  }


Then you have to deal with the likelihood that every ssl operation
will return a "would block": either an SSL_ERROR_WANT_READ or an
SSL_ERROR_WANT_WRITE.

When you get either of these you can retry the same operation
later.


Here's a library that demonstrates non-blocking SSL IO:

  http://staff.washington.edu/fox/ezs/


Jim
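
Added example, not part of Jim's message or the ezs library: the retry-on-"would block" pattern described above, with a deadline so a silent peer cannot hang the thread. It uses Python's ssl module, which wraps OpenSSL and raises SSLWantReadError / SSLWantWriteError for SSL_ERROR_WANT_READ / SSL_ERROR_WANT_WRITE, so it runs offline. The names retry_tls and demo_silent_peer, the socketpair standing in for a dead link, and the host name peer.invalid are assumptions.

```python
import select
import socket
import ssl
import time


def retry_tls(op, sock, timeout, trace):
    """Call a non-blocking TLS operation until it completes or `timeout` seconds pass."""
    deadline = time.monotonic() + timeout
    while True:
        try:
            return op()
        except ssl.SSLWantReadError:       # OpenSSL's SSL_ERROR_WANT_READ
            want, rlist, wlist = "read", [sock], []
        except ssl.SSLWantWriteError:      # OpenSSL's SSL_ERROR_WANT_WRITE
            want, rlist, wlist = "write", [], [sock]
        trace.append(want)                 # record each "would block" result
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            raise TimeoutError(f"gave up waiting to {want}")
        # Sleep until the socket is ready in the wanted direction, but never
        # longer than the time left before the deadline, then retry the same op.
        readable, writable, _ = select.select(rlist, wlist, [], remaining)
        if not (readable or writable):
            raise TimeoutError(f"gave up waiting to {want}")


def demo_silent_peer(timeout=0.3):
    """Handshake with a peer that never answers (constructed stand-in for a dead link)."""
    client_raw, silent_peer = socket.socketpair()
    client_raw.setblocking(False)          # counterpart of the FIONBIO ioctl
    ctx = ssl.create_default_context()
    tls = ctx.wrap_socket(client_raw, do_handshake_on_connect=False,
                          server_hostname="peer.invalid")  # placeholder name
    trace, start = [], time.monotonic()
    try:
        retry_tls(tls.do_handshake, tls, timeout, trace)
        outcome = "completed"
    except TimeoutError:
        outcome = "timed out"
    finally:
        elapsed = time.monotonic() - start
        tls.close()
        silent_peer.close()
    return outcome, trace, elapsed


if __name__ == "__main__":
    print(demo_silent_peer())
```

The same loop serves reads and writes after the handshake, for example `retry_tls(lambda: tls.recv(4096), tls, timeout, trace)`.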







______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org