Some minor bugs

darkone · 12-22-2002, 08:31 AM

Just downloaded 2.0 to test compatability with my daemon. Noticed couple of minor 'bugs' in it:

- It does not perform SSL_shutdown() when requested (Most clients and servers are violating this TLS rule, but it's the only way to check data integrity)
- Instead of ABOR some garbage is being sent to daemon

Quote:

www.openssl.org
The shutdown procedure consists of 2 steps: the sending of the ``close notify'' shutdown alert and the reception of the peer's ``close notify'' shutdown alert. According to the TLS standard, it is acceptable for an application to only send its shutdown alert and then close the underlying connection without waiting for the peer's response (this way resources can be saved, as the process can already terminate or serve another connection). When the underlying connection shall be used for more communications, the complete shutdown procedure (bidirectional ``close notify'' alerts) must be performed, so that the peers stay synchronized.

Cheers, dark0n3

bigstar · 12-22-2002, 09:05 AM

SSL_shutdown is issued prior to closing the socket.

darkone · 12-22-2002, 10:37 AM

Odd.. I'll investigate it further then

darkone · 12-22-2002, 10:53 AM

SSL_shutdown() on server end returns 0:

The shutdown is not yet finished. Call SSL_shutdown() for a second time, if a bidirectional shutdown shall be performed. The output of SSL_get_error(3) may be misleading, as an erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.

You are performing bidirectional shutdown?

darkone · 12-22-2002, 11:00 AM

Further note: With SmartFTP I get 0 on first call, and shutdown completes on second call. Maybe you're missing the second call to SSL_shutdown?

bigstar · 12-22-2002, 09:53 PM

Ah twice? I was not aware that it needed to be called twice. I'll add that, thanks!

To be honest those ssl docs read like a foreign language, it's nearly impossible for me to make heads or tails out of it.

darkone · 12-29-2002, 10:27 AM

Why does directory named 'share' get highlighted? (highlight & skiplists are empty)

bigstar · 12-29-2002, 04:35 PM

Hmm, I don't know. 'Share' Is not highlighted for me.

darkone · 12-30-2002, 03:01 PM

odd.. it isn't highlighted anymore, maybe i was just too tired

bigstar · 01-26-2003, 06:20 PM

I was re-reading the docs and it says you should call SSL_shutdown again if the return value is 0..

When this code was changed it always called SSL_shutdown twice.. I think i'll change this so SSL_shutdown is only called again if the result is 0.