[openssl-dev] [openssl.org #4670] a bug in ssl_lib(ver 1.0.2)

[aa via RT]

Hi OpenSSL,
First, Thank you for your contribution in OpenSSL.


I found the bug last week, that is:
step-1, Create a socket of non-blocking mode, and then establish the connection-oriented; (all works successfully done)
step-2, Call SSL_connect(or SSL_do_handshake) for establish a security session on that original-connection; (all works successfully done)
step-3, After some works of data transfer, I want to shutdown the SSL-CONNECTION and close the original-socket, So I do the procedure as following,
step-3.1, Call SSL_shutdown firstly, and it returns zero. According to comments of SSL_shutdown in manual as:
       (0: The shutdown is not yet finished. Call SSL_shutdown() for a second time, if a bidirectional shutdown shall be performed. The output of SSL_get_error may be misleading, as an erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.)
     So, I call SSL_shutdown again, and it returns -1, and SSL_get_error returns SSL_ERROR_SYSCALL.
step-3.2, For a while, go back the step-1, at that time, I found SSL_connect / SSL_do_handshake will be always failed( the original-socket is still good );
               But, if sleep/pause around 400ms between the operator 'connect'(original socket API) and the operator 'SSL_connect', then all works successfully finished.


Hope you will check it.
Maybe it occurred due to my incorrect processing.




Best regards
CXX
SST.
-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4670
Please log in as guest with password guest if prompted