Re: How to prevent SSL from blocking from Network interruption

Thu, 19 Jul 2007 21:46:34 -0700 


Jim Marshall wrote:

David Schwartz wrote:

OpenSSL tries to make SSL connections act like regular TCP 
connections. This

is exactly what TCP does. So your application would have this exact same

problem with or without OpenSSL. As such, how can you blame it on 
OpenSSL?

Not to beat a dead horse, but I forgot to mention that the application 
does work "properly" when performing the same operations on non-SSL 
connections. In other-words if I use telnet to connect to the server on 
the non-SSL port and type nothing in the console and then have a second 
client connect (to either the non-SSL or the SSL port) and make a valid 
request, the server responds properly. The telnet session is still 
connected, but we are not blocked from handling other requests. The WEBs 
code uses the socket 'select' mechanism which I presume plays a role in 
this working. I do not understand why this same mechanism fails when we 
use SSL.


Thanks again
-Jim

I suppose re-reading what I wrote it does sound like I am pointing a 
finger but that was not my intention. I'm looking for advice on how to 
fix our problem. I was hoping for a "silver bullet" - just call this 
function and all will be fine type of answer. Wishful thinking, I know.



Blocking socket operations are very difficult to use. I strongly urge 
you to

switch to non-blocking operations.

Having only done minimal socket programming, I'm in a bit of a steep 
learning curve right now. Other then understanding what a blocking and 
non-blocking operation is, I don't fully understand the ramifications of 
switching to non-blocking I/O. Compounding this issue is the third party 
code, which was clearly written with blocking I/O :(


I appreciate your time!

Thanks
-Jim

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org

User Support Mailing List                    
[EMAIL PROTECTED]
Automated List Manager                           
[EMAIL PROTECTED]





______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]






















					Reply via email to