Return-Path: Delivered-To: apmail-ws-axis-c-dev-archive@www.apache.org Received: (qmail 15144 invoked from network); 2 Nov 2007 09:44:26 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 2 Nov 2007 09:44:26 -0000 Received: (qmail 75762 invoked by uid 500); 2 Nov 2007 09:44:13 -0000 Delivered-To: apmail-ws-axis-c-dev-archive@ws.apache.org Received: (qmail 75751 invoked by uid 500); 2 Nov 2007 09:44:13 -0000 Mailing-List: contact axis-c-dev-help@ws.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: "Apache AXIS C Developers List" Reply-To: "Apache AXIS C Developers List" Delivered-To: mailing list axis-c-dev@ws.apache.org Received: (qmail 75740 invoked by uid 99); 2 Nov 2007 09:44:13 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Nov 2007 02:44:13 -0700 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Nov 2007 09:44:31 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 119F2714204 for ; Fri, 2 Nov 2007 02:43:51 -0700 (PDT) Message-ID: <24288584.1193996631069.JavaMail.jira@brutus> Date: Fri, 2 Nov 2007 02:43:51 -0700 (PDT) From: "Dumindu Pallewela (JIRA)" To: axis-c-dev@ws.apache.org Subject: [jira] Resolved: (AXIS2C-728) SSL client authenticate failed In-Reply-To: <32004703.1192531130710.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/AXIS2C-728?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dumindu Pallewela resolved AXIS2C-728. -------------------------------------- Resolution: Fixed Fix Version/s: 1.1.1 Current (Nightly) Patch applied. Thanks Senaka! > SSL client authenticate failed > ------------------------------ > > Key: AXIS2C-728 > URL: https://issues.apache.org/jira/browse/AXIS2C-728 > Project: Axis2-C > Issue Type: Bug > Components: core/transport > Affects Versions: 1.1.0 > Environment: OS:RedHar Linux v5 > Reporter: tsunoda norihiko > Assignee: Dumindu Pallewela > Fix For: Current (Nightly), 1.1.1 > > Attachments: diff.txt > > > I make a client program to perform SSL client authentication/server authentication using Axis2/C. > In the environment only for the server authentication, the program worked normally. > But I cannot receive the response message in the client authentication environment and detected error code 82 - "Input stream is NULL in msg_ctx". > When I confirm server side. > SSL handshake and message transmission to the client worked normally. > I found that an error occurred in axis2_ssl_stream_read() when I debugged a client program. > ${axis2c_src}/src/core/transport/http/sender/ssl/ssl_stream.c > >>> > 146 int AXIS2_CALL > 147 axis2_ssl_stream_read( > 148 axutil_stream_t *stream, > 149 const axutil_env_t *env, > 150 void *buffer, > 151 size_t count > 152 ) > 153 { > 154 ssl_stream_impl_t *stream_impl = NULL; > 155 int read = -1; > 156 int len = -1; > 157 > 158 AXIS2_ENV_CHECK(env, AXIS2_CRITICAL_FAILURE); > 159 > 160 stream_impl = AXIS2_INTF_TO_IMPL(stream); > 161 > 162 read = SSL_read(stream_impl->ssl , buffer, count); > 163 switch (SSL_get_error(stream_impl->ssl , read)) > 164 { > 165 case SSL_ERROR_NONE: > 166 len = read; > 167 break; > 168 case SSL_ERROR_ZERO_RETURN: > 169 len = -1; > 170 break; > 171 case SSL_ERROR_SYSCALL: > 172 AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, > 173 "SSL Error: Premature close"); > 174 len = -1; > 175 break; > 176 default: > 177 len = -1; > 178 break; > 179 } > 180 return len; > 181 } > <<< > At the default case in the switch online 176, the value of len should not be "-1". > SSL_get_error() return SSL_ERROR_WANT_READ. > The specifications of SSL_read() seem to be as follows. > >>> > In this case a call to SSL_get_error(3) with the return value of SSL_read() > will yield SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. > As at any time a re-negotiation is possible, a call to SSL_read() can also cause write operations! > The calling process then must repeat the call after taking appropriate action to satisfy the needs of SSL_read(). > <<< > (http://www.openssl.org/docs/ssl/SSL_read.html#NOTES) > I could get a response message when I debug as follows. > ${axis2c_src}/src/core/transport/http/sender/http_client.c > >>> > 413 /* read the status line */ > 414 do > 415 { > 416 memset(str_status_line, 0, 512); > 417 while ((read = axutil_stream_read(client->data_stream, env, tmp_buf, > 418 1)) > 0) > 419 { > 420 tmp_buf[read] = '\0'; > 421 strcat(str_status_line, tmp_buf); > 422 if (0 != strstr(str_status_line, AXIS2_HTTP_CRLF)) > 423 { > 424 end_of_line = AXIS2_TRUE; > 425 break; > 426 } > 427 } > + 428 /* debug */ > + 429 #if 0 > 430 if (read < 0) > 431 { > 432 AXIS2_LOG_DEBUG(env->log, AXIS2_LOG_SI, "[axis2c] http client , response timed out" ); > 433 AXIS2_ERROR_SET(env->error, > 434 AXIS2_ERROR_RESPONSE_TIMED_OUT, > 435 AXIS2_FAILURE); > 436 return -1; > 437 } > 438 else if (read == 0) > + 439 #endif > + 440 if(read == 0) > 441 { > 442 AXIS2_ERROR_SET(env->error, > 443 AXIS2_ERROR_RESPONSE_SERVER_SHUTDOWN, > 444 AXIS2_FAILURE); > 445 AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Response error, Server Shutdown"); > 446 return 0; > 447 } > <<< > However, this is my temporary modification. > What kind of method will be appropriate? -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org For additional commands, e-mail: axis-c-dev-help@ws.apache.org