RE: SSL_shutdown

Sun, 10 Feb 2008 17:52:38 -0800 

Connection shutdown is just:
        Library->BIO_ssl_shutdown(Bio);
        Library->BIO_set_close(Bio,BIO_CLOSE);
        Library->BIO_free_all(Bio);
        //if (Library->SSL_shutdown(Ssl) == 0)
        //      Library->SSL_shutdown(Ssl);
        // Library->SSL_free(Ssl); // Do I need this or not? (doesn't help
the TCP socket issue)

Would be my best guess.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matthew Allen
Sent: Sunday, February 10, 2008 7:57 PM
To: openssl-users@openssl.org
Subject: SSL_shutdown

Hi,

I'm developing an email application that uses OpenSSL (0.9.7?) and I'm
having problems on MacOSX (tiger). Basically after the connection is
finished I called SSL_shutdown, check the return code and if zero I call it
again... just once. After all this everything appears to be fine, but after
hours of doing this the application can't open files or sockets anymore.
Using lsof I can see that in my process there are hundreds of TCP sockets in
the "CLOSED" state using up the handle table, which is why I'm getting
EMFILE errors all over the place.

So... how do I get libssl to close/free/release the TCP socket handle?

A summary of the connection setup, minus error checking:
        Bio = Library->BIO_new_ssl_connect(Library->Ctx);
        Library->BIO_get_ssl(Bio, &Ssl);
        Library->SSL_set_mode(Ssl, SSL_MODE_AUTO_RETRY);
        if (Library->BIO_set_conn_hostname(Bio, h) > 0)

Connection shutdown is just:
        if (Library->SSL_shutdown(Ssl) == 0)
                Library->SSL_shutdown(Ssl);
        // Library->SSL_free(Ssl); // Do I need this or not? (doesn't help
the TCP socket issue)

I can provide the whole file if you want, but I doubt I can post it all here
on the list. (Maybe as an attachment?)

Can anybody point me in the right direction?

Regards
--
Matthew Allen

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to