[Date Prev][Date Next] [Chronological] [Thread] [Top]

socket I/O, EOF, openssl 0.9.4



Following up on my previous email... This patch to ssl23_read_bytes()
seems to fix my problem with bogus clients hosing SSL_accept():
--- s23_pkt.c   1999/12/08 17:20:56     1.1.1.1
+++ s23_pkt.c   2000/01/14 19:58:16
@@ -104,9 +104,9 @@
                        s->rwstate=SSL_READING;
                        j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
                                n-s->packet_length);
+                       s->rwstate=SSL_NOTHING;
                        if (j <= 0)
                                return(j);
-                       s->rwstate=SSL_NOTHING;
                        s->packet_length+=j;
                        if (s->packet_length >= (unsigned int)n)
                                return(s->packet_length);

It strikes me that if BIO_read returns <=0, something irrecoverably bad has
happened, and there's no point in coming back to try again later. Currently
the code in slapd that invokes SSL_accept has a test
	if (!SSL_want_nothing(ssl))
to decide if the accept should be retried. This works in the normal case,
when all the data for the transaction arrives in multiple chunks and can't
be read all at once. But without the above patch, it causes the accept to be
retried forever on a bogus connection. Perhaps this is the wrong approach,
but there doesn't seem to be any obvious way to distinguish "we're OK, just
in the middle of a long transaction" from "we're hosed, this connection is
invalid" in the SSL_accept return status.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc