Re: connect-timeout not working
Date: Fri, 04 Jan 2002 17:18:06 +0100
Georg Horn wrote:
> On Fri, Jan 04, 2002 at 12:46:31PM +0100, Daniel Stenberg wrote:
> > On Fri, 4 Jan 2002, Georg Horn wrote:
> > > After looking over it again, i think that it hangs somewhere during the
> > > SSL- handshake, because i get error messages like this:
> > >
> > > curl: (35) SSL: error:00000000::lib(0) :func(0) :reason(0)
> > >
> > > So the connect() seems to work fine, but it hangs somewhere in the SSL-lib
> > > and never returns. Any idea, how to solve this?
> > Uh. Not right now (need to study related OpenSSL stuff first). Can you make
> > sure that this is really the case?
> Yes, i think sometimes it happens that the signal interrupts us just
> during ssl-stuff. I can reproduce that by specifying a short timeout of
> one second (the "alarmfunc called" was added by me):
> > curl -v --connect-timeout 1 https://meine.db24.de
> alarmfunc called
> * Closing connection #0
> curl: (35) SSL: error:00000000::lib(0) :func(0) :reason(0)
This is the OpenSSL form of: no error occured.
The tricky thing with SSL is, it is possible that the
SSL protocoll wants to write some data when you read data
and want to read some data when you write data.
Now if you do a select() and mark the socket only for reading
and the SSL protocoll wants to write some data, you could wait
a very long time...
At the moment I don't know how curl is handling reading/writing but
you have to do a:
response = SSL_read(ssl_data,data,length);
if (response > 0)
/* all OK */
if (response ==0)
/* closed connection... */
if (response < 0)
case SSL_ERROR_NONE: /* all OK */
case SSL_ERROR_WANT_READ: /* SSL wants to read from socket... */
case SSL_ERROR_WANT_WRITE: /* SSL wants to write to socket... */
case SSL_ERROR_WANT_CONNECT: /* SSL connection in progress... */
case SSL_ERROR_WANT_X509_LOOKUP: /* certifikate lookup... */
case SSL_ERROR_SYSCALL: /* error in system call */
/* we must consult errno... *
case SSL_ERROR_SSL: /* error in SSL */
default: /* should never happen... */
this is a quick copy / paste from some (old) functions I use.
But you should see where you have to look...
-- Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de Sonninstr. 24-28, 20097 Hamburg, Germany Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
- application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature