> On Dec 28, 2018, at 6:17 AM, Christian <c.wehrme...@freshlions.de> wrote:
>
> BIO_set_fd with 4|1 #Socket 4, BIO_CLOSE
> SSL_set_accept_state
> SSL_accept
> SSL_accept failed, SSL_get_error: 1 #SSL_ERROR_SSL
> 140059505588032:error:1408F119:SSL routines:ssl3_get_record:decryption failed
> or bad record mac:../ssl/record/ssl3_record.c:375:
> SSL_shutdown
> SSL_clear
1. Don't call SSL_shutdown(), rather just call SSL_free() and close the
socket using close(), IIRC SSL_set_fd() (you should not need to use
BIO_set_fd) leaves you as the owner of the socket to close or not.
2. DO NOT reuse the same SSL handle for multiple connections, create a
new one for subsequent connections, but you can and generally should
reuse the SSL_CTX.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
- Re: [openssl-users] Authentication over ECDHE Viktor Dukhovni
- Re: [openssl-users] Authentication over ... Christian
- Re: [openssl-users] Authentication o... Viktor Dukhovni
- Re: [openssl-users] Authenticati... Salz, Rich via openssl-users
- Re: [openssl-users] Authenti... Viktor Dukhovni
- Re: [openssl-users] Aut... Matt Caswell
- Re: [openssl-users]... Michel
- Re: [openssl-users]... Matt Caswell
- Re: [openssl-users]... Christian
- Re: [openssl-users]... Christian
- Re: [openssl-users]... Viktor Dukhovni
- Re: [openssl-users]... Matt Caswell
- Re: [openssl-users] Authentication over ECDHE Matt Caswell
- Re: [openssl-users] Authentication over ... Viktor Dukhovni
- Re: [openssl-users] Authentication over ECDHE C.Wehrmeyer
- Re: [openssl-users] Authentication over ... Jakob Bohm via openssl-users
- Re: [openssl-users] Authentication o... C.Wehrmeyer
- Re: [openssl-users] Authenticati... J. J. Farrell
- Re: [openssl-users] Authenticati... Filipe Fernandes
- Re: [openssl-users] Authenti... Richard Levitte
- Re: [openssl-users] Authenti... C.Wehrmeyer
