ssl client write / server accept seems broken

Embedded Devel lists at optimcloud.com
Tue Mar 23 02:37:04 UTC 2021 

I have an application previously written for us 10+ years ago that no 
longer seems to be happy

and the original dev is no  longer available, so who can i pay to bang 
this out and make it happy, or who can guide me through getting it 
functional... basic info below.

I have a client process which is supposed to speak to a server via ssl, 
and then send data

Ive created a "CA" and generated the CSR / and certs for both the client 
and the server.

when i run the client - i get an error on the client side

Tue Mar 23 02:13:58 2021 user.err : ac_ssl_client_write(): Error 
SSL_ERROR_SSL - return code: -1.
Tue Mar 23 02:13:58 2021 user.info : ac_send_init(): Error

here is the specific snippt of c thats failing

int ac_ssl_client_write(ac_ssl_conn_t *ssl_con, void *buf, int buf_len)
{
         fd_set write_fds;
         struct timeval tv;
         int rc = -1;

         tv.tv_sec = TIMEOUT_WRITE;
         tv.tv_usec = 0;

         FD_ZERO(&write_fds);
         FD_SET(ssl_con->socket, &write_fds);


         if ((rc = select(ssl_con->socket + 1, NULL, &write_fds, NULL, 
&tv)) == 1) {
                 if (FD_ISSET(ssl_con->socket, &write_fds)) {
                         rc = SSL_write(ssl_con->ssl, buf, buf_len);

                         if(ac_ssl_handle_err(ssl_con, rc, 
"ac_ssl_client_write()", "") != 0)
                                 return -1;
                 }
         }

         FD_CLR(ssl_con->socket, &write_fds);

         return rc;
}

and like wise i get this error on the server side

Mar 23 03:13:58 optim04 ac_server[597280]: ac_ssl_server_accept(): Error 
SSL_ERROR_SYSCALL - return code: -1. SSL_accept()
Mar 23 03:13:58 optim04 ac_server[597280]: ac_ssl_server_accept(): Error 
code: -3

which ive located in this snippet of code

/* Accept SSL Connection */
int ac_ssl_server_accept(ac_ssl_conn_t *ssl_con)
{
         int rc = -1;
         /* Load Key and Certficates */
         if ((rc = ac_ssl_server_certs(ssl_con)) != 0) {
                 LOG(LOG_ERR, "ac_ssl_server_certs(): Error code %d\n", rc);
                 return -1;
         }

         if ((ssl_con->ssl = SSL_new(ssl_con->ctx)) == NULL) {
                 LOG(LOG_ERR, "SSL_new(): Error\n");
                 close(ssl_con->socket);
                 if (ssl_con->ctx != NULL)
                         SSL_CTX_free(ssl_con->ctx);
                 return -2;
         }

         SSL_set_fd(ssl_con->ssl, ssl_con->socket);
         SSL_set_accept_state(ssl_con->ssl);

         rc = SSL_accept(ssl_con->ssl);
         if(ac_ssl_handle_err(ssl_con, rc, "ac_ssl_server_accept()", 
"SSL_accept()") == 1)
                 return -3;


         return 0;
}

More information about the openssl-users mailing list