[openssl-dev] [openssl.org #4060] AutoReply: a crash happened inside SSL_Connect function
Matt Caswell via RT
rt at openssl.org
Tue Sep 29 08:24:40 UTC 2015
I agree with everything Viktor said. In particular that you should
continue to use SSLv23_method. Some additional comments below:
On 28/09/15 16:31, Tiantian Liu via RT wrote:
> sslerror = SSL_get_error(ssl, res);
> if (sslerror == SSL_ERROR_WANT_READ) {
> isexp = is_expired(exptime);
> if (isexp == 1) {
> strcpy(error, "SSL connect error");
> return 0;
> }
> continue;
> }
> strcpy(error, "SSL connect error");
> return 0;
You need to handle more that just SSL_ERROR_WANT_READ here. You should
also handle SSL_ERROR_WANT_WRITE. You could get either returned from a
call to SSL_connect.
Please can you supply a backtrace from your crash? Also a packet capture
between your application and the server would be useful.
Matt
More information about the openssl-dev
mailing list