Openssl I O Error
Contents |
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About openssl: i/o error, 11 bytes expected to read on bio Us Learn more about Stack Overflow the company Business Learn more about hiring developers
Ssl_engine_io.c(1950): Openssl: I/o Error, 5 Bytes Expected To Read On Bio
or posting ads with us Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question openssl: exit: error in sslv2/v3 read client hello a and answer site for system and network administrators. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are ssl_engine_io.c(1908): openssl: i/o error, 5 bytes expected to read on voted up and rise to the top openssl giving me errors and apache is not working with https up vote 0 down vote favorite I try to configure apache-tomcat with ssl, but find some issues [root@manage conf]# openssl s_client -state -debug -connect 10.104.1.38:443 -key server.key -cert server.crt CONNECTED(00000003) SSL_connect:before/connect initialization write to 0x80f1e98 [0x811d5e8] (121 bytes => 121 (0x79)) 0000 - 80 77 01 03 01 00 4e
Openssl: I/o Error, 7 Bytes Expected To Read On
00-00 00 20 00 00 39 00 00 .w....N... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............ 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../....... 0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00 ................ 0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @............... 0050 - 00 00 03 02 00 80 00 00-ff 0a 86 af 23 f2 2f a1 ............#./. 0060 - 4b 2d 9b f3 a9 d9 0e 1b-34 4d 0c e4 1a 06 b6 25 K-......4M.....% 0070 - 76 04 de bd 6f 50 86 a1-9f v...oP... SSL_connect:SSLv2/v3 write client hello A read from 0x80f1e98 [0x8122b48] (7 bytes => 7 (0x7)) 0000 - 3c 21 44 4f 43 54 59 ErrorLog "/usr/local/tomcat/logs/error_log" TransferLog "/usr/local/tomcat/logs/access_log" SSLEngine on SSLProtocol +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HI
Prev Next This bug is not in your last search results. Bug46952 - openssl: exit: error in sslv3 read client certificate a ssl renegotiation hangs with long ca list Summary: ssl renegotiation hangs with end of file found: ssl handshake interrupted by system [hint: stop button pressed in browser?!] long ca list Status: RESOLVED FIXED Product: Apache httpd-2 Classification: Unclassified Component: mod_ssl Version: 2.2.11 Hardware: PC
The Timeout Specified Has Expired: Ssl Input Filter Read Failed.
Windows Server 2003 Importance: P2 blocker (vote) TargetMilestone: --- Assigned To: Apache HTTPD Bugs Mailing List URL: Keywords: Depends on: Blocks: Show dependency tree Reported: 2009-04-01 http://serverfault.com/questions/618007/openssl-giving-me-errors-and-apache-is-not-working-with-https 12:48 UTC by Lassi Tuura Modified: 2014-02-17 13:51 UTC (History) CC List: 5 users (show) David.Smith keven.boudreau litmaath pahuja steve Attachments extra debugging for mod_ssl (8.38 KB, patch) 2009-04-01 12:48 UTC, Lassi Tuura Details | Diff test case for the bug (12.99 KB, application/octet-stream) 2009-06-19 03:15 UTC, szamcsi Details View All Add an attachment (proposed patch, https://bz.apache.org/bugzilla/show_bug.cgi?id=46952 testcase, etc.) Note You need to log in before you can comment on or make changes to this bug. Description Lassi Tuura 2009-04-01 12:48:16 UTC Created attachment 23434 [details] extra debugging for mod_ssl Using apache 2.2.11 with openssl 0.9.7d, a location-specific SSLVerifyClient optional (or require), and a long list of CA certificates, the SSL session re-negotiation hangs. Shrinking the "CA" list works around the problem. There is bug in mod_ssl / openssl such that mod_ssl buffers the data, openssl thinks it issues a flush while working through the renegotiation state machine, but mod_ssl never flushes the data out. The web client hangs waiting for more data from the server, and the server hangs waiting for the client to send certificate, thinking it's sent the data out already. The client hang occurs at least with firefox (3.0.x), curl and openssl s_client. Safari does not hang. We have had mixed reports about Konqueror. For example I use the following command to connect to the server: curl --cert mycert.pem --key my
*ssl, int ret); DESCRIPTION SSL_get_error() returns a result code (suitable for the C "switch" statement) for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(), SSL_read(), SSL_peek(), or SSL_write() on ssl. The value returned by that TLS/SSL I/O https://www.openssl.org/docs/ssl/SSL_get_error.html function must be passed to SSL_get_error() in parameter ret. In addition to ssl http://www.gossamer-threads.com/lists/apache/dev/265750 and ret, SSL_get_error() inspects the current thread's OpenSSL error queue. Thus, SSL_get_error() must be used in the same thread that performed the TLS/SSL I/O operation, and no other OpenSSL function calls should appear in between. The current thread's error queue must be empty before the TLS/SSL I/O operation is attempted, or SSL_get_error() o error will not work reliably. RETURN VALUES The following return values can currently occur: SSL_ERROR_NONE The TLS/SSL I/O operation completed. This result code is returned if and only if ret > 0. SSL_ERROR_ZERO_RETURN The TLS/SSL connection has been closed. If the protocol version is SSL 3.0 or TLS 1.0, this result code is returned only if a closure alert has occurred in the protocol, i.e. if the openssl: i/o error, connection has been closed cleanly. Note that in this case SSL_ERROR_ZERO_RETURN does not necessarily indicate that the underlying transport has been closed. SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE The operation did not complete; the same TLS/SSL I/O function should be called again later. If, by then, the underlying BIO has data available for reading (if the result code is SSL_ERROR_WANT_READ) or allows writing data (SSL_ERROR_WANT_WRITE), then some TLS/SSL protocol progress will take place, i.e. at least part of an TLS/SSL record will be read or written. Note that the retry may again lead to a SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE condition. There is no fixed upper limit for the number of iterations that may be necessary until progress becomes visible at application protocol level. For socket BIOs (e.g. when SSL_set_fd() was used), select() or poll() on the underlying socket can be used to find out when the TLS/SSL I/O function should be retried. Caveat: Any TLS/SSL I/O function can lead to either of SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE. In particular, SSL_read() or SSL_peek() may want to write data and SSL_write() may want to read data. This is mainly because TLS/SSL handshakes may occur at any time during the protocol (initiated by e
Post #1 of 2 (4830 views) Permalink OpenSSL: I/O error, 5 bytes expected to read on Hi, Apache 2049 for HPUX - Openssl 097d. Some Clients use Internet Explorer 50 and they face "The page cannot be displayed" on SSL pages. At this time messages below appears in Apache log. What is the problem ? Thanks and best regards, Emre- [Fri Jun 18 14:54:42 2004] [debug] worker.c(1047): the listener thread didn't exit [Fri Jun 18 14:55:06 2004] [info] Connection to child 1 established (server 10.11.91.55:443, client 10.11.91.3) [Fri Jun 18 14:55:06 2004] [info] Seeding PRNG with 136 bytes of entropy [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_kernel.c(1805): OpenSSL: Handshake: start [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_kernel.c(1813): OpenSSL: Loop: before/accept initialization [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_io.c(1498): OpenSSL: read 11/11 bytes from BIO#401d1bc8 [mem: 401e96c8] (BIO dump follows) [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_io.c(1445): +-------------------------------------------------------------------------+ [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_io.c(1470): | 0000: 16 03 01 00 39 01 00 00-35 03 01 ....9...5.. | [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_io.c(1476): +-------------------------------------------------------------------------+ [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_io.c(1498): OpenSSL: read 51/51 bytes from BIO#401d1bc8 [mem: 401e96d3] (BIO dump follows) [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_io.c(1445): +-------------------------------------------------------------------------+ [Fri Jun 18 14:55:06 2004] [debug] ssl_engine_io.c(1470): | 0000: 2e b6 1f e4 ad 87 d1 97-63 f5 56 d5 a1 e0 d7 95 ........c.V..... | [Fri Jun 18 14:55:06 2004] [d