On Wed, Oct 09, 2013 at 10:46:35PM -0700, Jeremy Friesner wrote:

> > With SSL sessions created via SSLv23_method(), use of this primitive
> > will lead to the failure in question when invoked before the SSL
> > session has switched to SSLv3, TLSv1, ...
>
> Aha! Yes, that appears to be my problem. As a simple workaround,
> I changed my code to call SSLv3_method() instead, and now everything
> is working perfectly. Thanks so much for your help! :^)
A better solution is to not call SSL_pending() until the SSL handshake completes. For now you should keep track of whether SSL_accept() has completed for a given session, and refrain from SSL_pending() until then.

By using SSLv3_method() you don't get to take advantage of improvements in TLSv1, TLSv1.1 or TLSv1.2. You only get SSLv3. SSLv3 is obsolete, you should be using TLS 1.0 or later.

It is perhaps by now a reasonable feature request to ask the OpenSSL developers for an alternative to SSLv23_method() that also negotiates multiple protocol versions, but starts with TLSv1 as the lowest supported version. Perhaps call it TLS_method(). One gets a close approximation to this with the options SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3, but as we see some subtle differences remain.

Also perhaps the SSL_pending() function should not fail in such a surprising way. When called before the handshake has completed, it should perhaps simply return 0.

--
	Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org