cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re:Re: Re: SSL read error: 5 - What could be the reson?

From: Naren D <dnaren_at_lycos.com>
Date: Tue, 14 Jan 2003 10:41:40 -0500

Let's just say SSL support is not complete with Curl. I wrote a perl script to do the same and it always works. I am posting a message to a secure server and getting the response.

I glanced through the source code and I found that there was no support for servers that intiate authentication for sending response. Here is the quote from OpenSSL site (from the FAQ, item - 19):

"A pitfall to avoid: Don't assume that SSL_read() will just read from the underlying transport or that SSL_write() will just write to it -- it is also possible that SSL_write() cannot do any useful work until there is data to read, or that SSL_read() cannot do anything until it is possible to send data. One reason for this is that the peer may request a new TLS/SSL handshake at any time during the protocol, requiring a bi-directional message exchange; both SSL_read() and SSL_write() will try to continue any pending handshake. "

I guess the server I am trying to post the message to, is an exception they are referring to. My posted message reaches the server but I don't get the response.

I didn't find the call "SSL_set_accept_state()" in the Curl source code. So Curl doesn't seem to understand the request for a new TLS/SSL handshake before the secure server sends the response. Curl uses the same handle for both SSL read and SSL write calls.

Where as Perl uses the same OpenSSL but their modules are coded to handle this situation. So I gave up on Curl and embedded perl interpreter in my C++ code.

Naren.

On Mon, 13 Jan 2003 07:50:05
 Daniel Stenberg wrote:
>On Fri, 10 Jan 2003, Naren D wrote:
>
>> Here are the details:
>>
>> ERROR: - SSL read error: 5
>> The error generated was 73
>> It means: Connection reset by peer
>> Error retrieving response
>
>Right, so it means that the connection was broken and thus, this error is
>perfectly reasonable.
>
>> Sometimes I get "Empty Reply from server" error.
>
>That too points to a problem with the site, or possibly with on old libcurl
>bug that causes it to sometimes say that wrongly. (We did fix numerous bugs
>since 7.9.8.)

_____________________________________________________________
Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year.
http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus

-------------------------------------------------------
This SF.NET email is sponsored by: FREE SSL Guide from Thawte
are you planning your Web Server Security? Click here to get a FREE
Thawte SSL guide and find the answers to all your SSL security issues.
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en
Received on 2003-01-14