[openssl-users] SSL_read() = -1 and SSL_ERROR_SYSCALL, with mem BIO's
Ian Gilmour
ian.gilmour.x at gmail.com
Fri May 19 11:02:50 UTC 2017
Hi,
I'm using a 3rd party library that maintains a TLS connection to a
server using mem BIO's and in which, usually under load, SSL_read()
occasionally returns -1, the SSL_get_error() returns SSL_ERROR_SYSCALL
and ERR_get_error() returns 0 (errno is 0). Under these conditions the
original code closes the existing connection and a few seconds later
reopens a new connection to the server.
I'd like to try and avoid these short offline periods if possible. When
the system is under load I'm seeing this error occur every few minutes.
As a test I modified the code to not close the connection on this
specific error condition.
With this mod in place and the system under load, the connection appears
to stay up for hours rather than minutes, with no adverse affects that I
can see.
But is it valid to do this? Or is the fact that I'm seeing this error so
frequently an indication of a problem elsewhere in the code?
Thanks in advance,
Ian G
More information about the openssl-users
mailing list