0

I am using SSL_Connect() and return code is "-1" , with SSL_get_error() i can see that error is SSL_ERROR_WANT_READ.

As per suggestion on one forum, where it suggested to keep calling SSL_connect() until this error goes. With this modification for first call i am getting error WANT_READ and for second call i am getting SSL_ERROR_SSL. After that for all subsequent calls it is SSL_ERROR_SSL only and as per description of this error it looks something went wrong in SSL library.

Can some one who resolved SSL_connect successfully provide some help.

My code is a plain sequence of calling :
1. SSL_library_init()
2. Creating methods(v23) and context using this meth
3. context has not been modified and it plain as created.
4. SSL object is created using this plain ctx and ssl_connect is called on this ssl after calling SSL_set_fd()

Please let me know if i am doing some thing wrong in this sequence or if i am missing something ?

Is it required to load various things to ctx like certificates and verify locations before using it , if yes what are the bare minimum things required.

Thanks in advance for help.

Hussain
  • 5,552
  • 4
  • 40
  • 50
Amit
  • 21
  • 4

1 Answers1

1

If it wants a read you have to do a read, or block in select() until OP_READ fires if non-blocking, and then call SSL_Connect() again. If it wants a write you have to do a write, or block in select() until OP_WRITE fires if non-blocking, and then call SSL_Connect() again.

See here.

user207421
  • 305,947
  • 44
  • 307
  • 483
  • and you have to do again the call with very same arguments ( ie same buffers ) not a copy of them. In case of SSL_Connect it is SSL *ssl that should be the same. My remark is less in SSL_Connect() relevant than in SSL_read() of course. – philippe lhardy Apr 25 '14 at 15:43