[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS negotiation failure

To: openldap-software@openldap.org
Subject: Re: TLS negotiation failure
From: Emmanuel Dreyfus <manu@netbsd.org>
Date: Thu, 10 Sep 2009 14:51:34 +0000
Content-disposition: inline
In-reply-to: <1j5tfqc.fonwxenngl6qM%manu@netbsd.org>
References: <1j5tfqc.fonwxenngl6qM%manu@netbsd.org>
User-agent: Mutt/1.5.18 (2008-05-17)

On Thu, Sep 10, 2009 at 07:06:59AM +0200, Emmanuel Dreyfus wrote:
> So connection_read() reports an error from ldap_pvt_tls_accept(), which
> is caused by tls_imp->ti_session_accept(). For OpenSSL, that is
> tlso_session_accept(), which just calls SSL_accept()

I tried looping on SSL_accept() until it succeed, in tlso_session_accept().
It often has to try between 400 and 800 times before getting a 
success.

I suspect a locking issue, or a non blocking I/O thing..

-- 
Emmanuel Dreyfus
manu@netbsd.org

Follow-Ups:
- Re: TLS negotiation failure
  - From: Emmanuel Dreyfus <manu@netbsd.org>

References:
- TLS negotiation failure
  - From: manu@netbsd.org (Emmanuel Dreyfus)

Prev by Date: TLS negotiation failure
Next by Date: Re: TLS negotiation failure
Index(es):
- Chronological
- Thread