OpenSSL - Problema de SSL_write

I write a little HTTPS client in C and I have a problem with the SSL_write function. Three tests to illustrate my problem:

#define HEADERS1 "GET / HTTP/1.1\r\n"
#define HEADERS2 "Host: www.example.com\r\n"
#define HEADERS3 "User-Agent: OpenSSL\r\n"
#define HEADERS4 "\r\n"

#define HEADERS "GET / HTTP/1.1\r\nHost: www.example.com\r\nUser-Agent: OpenSSL\r\n\r\n"

Prueba 1:

SSL_write(ssl,HEADERS,strlen(HEADERS));

Success: The server correctly return the /index.html ressource with the HTTP/1.1 200 Code.

Prueba 2:

SSL_write(ssl,HEADERS1,strlen(HEADERS1));
SSL_write(ssl,HEADERS2,strlen(HEADERS2));
SSL_write(ssl,HEADERS3,strlen(HEADERS3));
SSL_write(ssl,HEADERS4,strlen(HEADERS4));

Failure: The server doesn't return anything. All SSL_write functions don't return ERROR but my application is locked on SSL_read because the destination server give no content... and no headers :(

Prueba 3:

SSL_write(ssl,HEADERS1,strlen(HEADERS1));
SSL_write(ssl,HEADERS2,strlen(HEADERS2));
SSL_write(ssl,HEADERS4,strlen(HEADERS4));

Success: The server correctly return the /index.html ressource with the HTTP/1.1 200 Code.

Is there a particular limitation on the number of times I can call SSL_write to send headers? Very strange...

¡Muchas gracias!


Ok, so my problem persits but I have more details:

IISS-SSL => All tests success.

Apache-SSL => All tests success.

Nginx-SSL => All tests success.

LightHTTPD-SSL => Test 2 failure.

I don't understand why only LightHTTPD don't understand my request...

preguntado el 27 de agosto de 11 a las 22:08

Perhaps running the server with debug on and lookind at the logs could help. Also you can try to capture the traffic (wireshark can decrypt it, if supplied with the server key). -

You also should be checking for errors that SSL_write may return. -

Thanks n.m. Problem solved.The problem is a bug from LightHTTPD (redmine.lighttpd.net/issues/2197) wich persits on the old versions... -

1 Respuestas

For SSL_Write() operation, correct way should be after SSL_Write call , check on the message returned. If it is SSL_WANT_READ, then give some small amount of time for it to read.

Doing Continuous write operation with checking return value may be successful , but it is not safe, as you will not be sure of the data you wrote reached server and server read it completely.

This in turn may affect other SSL_write operations.

Respondido 09 Jul 15, 00:07

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.