Hi,
I work on a client-server application that needs to be supported on both UNIX and Windows platforms.
Currently, we keep one socket open for all communication from client to server (during which many read-write operations take place).
For user authentication and security purposes, we are planning to implement SSL-Stunnel.
I have developed a small ssl client (based on sclient.c example) which connects to the Stunnel Server.
Upon the first SSL_write, SSL is closing the underlying socket. Hence the contents written by subsequent SSL_write operations are not visible in the server log.
I saw a lot of posts on the same problem, but couldn't find the solution.
Any help is greatly appreciated.
Please note that:
1. Due to platform independence issues, I use RWSocket (a Roguewave library class) instead of the BSD socket in conjunction with SSL.
A portion of the stunnel server log:
2006.06.12 10:47:43 LOG7[19699:28]: FD 1 in non-blocking mode
2006.06.12 10:47:43 LOG7[19699:28]: rssvr connecting 127.0.0.1:28091
2006.06.12 10:47:43 LOG7[19699:28]: Remote FD=1 initialized
2006.06.12 10:47:43 LOG7[19699:28]: TCP_NODELAY option set on remote socket
2006.06.12 10:47:45 LOG7[19699:28]: Socket closed on read
2006.06.12 10:47:45 LOG7[19699:28]: SSL write shutdown
2006.06.12 10:47:45 LOG7[19699:28]: SSL alert (write): warning: close notify
2006.06.12 10:47:45 LOG7[19699:28]: SSL_shutdown retrying
2006.06.12 10:47:45 LOG7[19699:28]: SSL doesn't need to read or write
2006.06.12 10:47:50 LOG3[19699:28]: SSL_read: Connection reset by peer (131)
2006.06.12 10:47:50 LOG5[19699:28]: Connection reset: 0 bytes sent to SSL, 26 bytes sent to socket
2006.06.12 10:47:50 LOG7[19699:28]: linger (remote): Invalid argument (22)
2006.06.12 10:47:50 LOG7[19699:28]: linger (local): Invalid argument (22)
2006.06.12 10:47:50 LOG7[19699:28]: rssvr finished (0 left)
Thanks
Sri
Srilalitha Muralidhara
On Monday 12 June 2006 12:01, Srilalitha Muralidhara wrote:
> 2006.06.12 10:47:45 LOG7[19699:28]: SSL alert (write): warning: close notify
Clean SSL shutdown alert was received.
> 2006.06.12 10:47:50 LOG3[19699:28]: SSL_read: Connection reset by peer (131)
... and then TCP RST!
Strange. It looks like your application has set SO_LINGER option on its socket, so it sends TCP RST instead of TCP FIN packet.
Best regards, Mike
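The SO_LINGER behaviour named in the reply can be checked in isolation. The following is an added example, not code from the thread or from stunnel; the function name `peer_view_of_close` is hypothetical. It opens a loopback TCP connection, closes the client side with or without SO_LINGER set to a zero timeout, and reports what the peer's read() sees.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper. Returns what the accepting side's read() observes
 * after the client closes: 0 = orderly EOF (TCP FIN), ECONNRESET = abortive
 * close (TCP RST), -1 = setup failure. */
int peer_view_of_close(int linger_zero)
{
    struct sockaddr_in addr;
    socklen_t len = sizeof addr;
    char buf[16];
    ssize_t n;
    int result = -1, asock = -1;
    int lsock = socket(AF_INET, SOCK_STREAM, 0);
    int csock = socket(AF_INET, SOCK_STREAM, 0);
    if (lsock < 0 || csock < 0) goto out;
    memset(&addr, 0, sizeof addr);          /* sin_port 0: kernel picks a port */
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(lsock, (struct sockaddr *)&addr, sizeof addr) < 0) goto out;
    if (listen(lsock, 1) < 0) goto out;
    if (getsockname(lsock, (struct sockaddr *)&addr, &len) < 0) goto out;
    if (connect(csock, (struct sockaddr *)&addr, sizeof addr) < 0) goto out;
    if ((asock = accept(lsock, NULL, NULL)) < 0) goto out;
    if (linger_zero) {
        /* l_onoff=1 with l_linger=0: close() discards unsent data, sends RST */
        struct linger lg = { .l_onoff = 1, .l_linger = 0 };
        if (setsockopt(csock, SOL_SOCKET, SO_LINGER, &lg, sizeof lg) < 0) goto out;
    }
    close(csock);
    csock = -1;
    n = read(asock, buf, sizeof buf);       /* blocks until FIN or RST arrives */
    result = (n == 0) ? 0 : (n < 0 ? errno : -1);
out:
    if (csock >= 0) close(csock);
    if (asock >= 0) close(asock);
    if (lsock >= 0) close(lsock);
    return result;
}

int main(void)
{
    printf("default close: %d, SO_LINGER{1,0}: %d (ECONNRESET=%d)\n",
           peer_view_of_close(0), peer_view_of_close(1), ECONNRESET);
    return 0;
}
```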