httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: mod_ssl not sending Alert upon close ?
Date Thu, 05 Feb 2004 20:10:22 GMT
I've seen some unclean shutdown errors a few times but never managed to
get a repro case.  What client are you using, how do you reproduce this?  
I presume you have the same SetEnvIf ssl-unclean-shutdown settings for
broken clients when comparing 1.3 and 2.0 behaviour?

On Thu, Feb 05, 2004 at 11:06:57AM -0800, Mathihalli, Madhusudan wrote:
> Hi,
> 	It's been a while since I played with the Apache code, and it'll 
> be nice if somebody can help me here.
> 
> I put some debug statements in the ssl_engine_io.c - in 
> bio_filter_out_write() and bio_filter_in_read() to see if the alert 
> message is actually being sent, and got the following output:
> 
> bio_filter_out_write: trying to write inl: 900 (length 0 blen 0)
> bio_filter_out_write: buffering data (NO WRITE YET)
> bio_filter_out_flush: trying to flush blen: 900
> bio_filter_out_write: trying to write inl: 67 (length 0 blen 0)
> bio_filter_out_write: buffering data (NO WRITE YET)
> bio_filter_out_flush: trying to flush blen: 67
> (70014)End of file found: bio_filter_in_read: got EOF - returning -1 (at the end)
> (70014)End of file found: SSL input filter read failed.
> ------>> Does the socket fd get closed at this point ?
> bio_filter_out_write: trying to write inl: 23 (length 0 blen 0)
> bio_filter_out_write: buffering data (NO WRITE YET)
> ------>> This is the close notify message that SSL_set_shutdown() was trying to
send - but it never gets sent because the message is buffered. Maybe we need to revisit the
logic of bio_filter_out_write() ?

And you're sure that the client sent a close notify alert before the
EOF?

joe

Mime
View raw message