Claus Assmann wrote:
It should probably be
ssl_errno = SSL_get_error(ssl, rc);
Ah yes you could be correct on that, please consult the SSL_get_error()
documentation for correct usage.
but even then I get SSL_ERROR_SYSCALL and errno=EBADF using sendmail
8, while previously it didn't complain about errors.
So where is the error? In the application (if so: what is the correct
handling of the new code?) or in OpenSSL 0.9.8m?
That is a different issue, out of scope of my information.
EBADF means you have attempted to access a file descriptor after the
close() system call has been made upon it and currently that file
descriptor is invalidated in the kernel, so any kernel system call made
using that FD will return EBADF system call error.
Maybe you need to audit the ownership and responsibility for closing the
socket within the application. It is likely your application called
close() on the file descriptor too early as OpenSSL had not finished
using it, or rather you had not finished using OpenSSL's "SSL *" handle
which has that file descriptor associated with it.
Maybe a simple series of printf() inserted in and around the use of the
following API calls would highlight the out-of-order problem, I'd advise
you also print out the %p or %d value of their first and/or return
values arguments as well:
%p = SSL_new(...)
SSL_set_fd(%p, %d)
SSL_set_rfd(%p, %d)
SSL_set_wfd(%p, %d)
SSL_shutdown(%p, ...)
SSL_free(%p, ...)
close(%d)
Note there are other ways to skin a rabbit with the association of an FD
to an 'SSL *' for example see man page BIO_s_socket.
In short you should never see EBADF caused by OpenSSL itself. If you
can write a simple test case where by a legitimate sequence of OpenSSL
API calls are made and cause the EBADF system call error to be returned;
and there was no outside interference with the socket/fd. Then that
would be an OpenSSL bug.
However I do suspect out-of-order sequence of API calls is causing
outside interference on the state of the fd.
Darryl
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
