Boost :

Date view	Thread view	Subject view	Author view

From: Christian Henning (chhenning_at_[hidden])
Date: 2006-11-02 11:24:21

Next message: Douglas Gregor: "[boost] Boost regression notification (2006-11-02 [RC_1_34_0])"
Previous message: Anthony Williams: "Re: [boost] [thread] Roadmap for RW locks ?"
In reply to: Scott: "[boost] [asio] Unrecoverable errors upon connecting to a SSL server via a non-SSL client"

You might also want to try to post your issue at the asio user list:

asio-users_at_[hidden]

Christian

On 11/2/06, Scott <cheesy4poofs_at_[hidden]> wrote:
> I've been testing our server for robustness by attempting invalid
> connections to it. If the server is running without SSL and a client
> attempts to connect via SSL, then the connection is basically refused and
> everything is fine.
>
> However, if the server is SSL and the client attempts a non-SSL connection,
> problems start to appear. On the first attempt, everything *seems* to be
> fine. The client gets a connection closed message (end of file) and the
> server closes the connection because of a failed SSL handshake.
>
> On the 2nd attempt, things go really bad. Inside the server session
> constructor, the attempt to create a SSL context fails on
> use_certificate_chain_file():
>
>
> typedef boost::asio::ssl::context Context;
> typedef boost::shared_ptr<Context> ContextPtr;
> sslContext = nw::Connection::ContextPtr(
> new nw::Connection::Context(ioservice,
> boost::asio::ssl::context::sslv23));
> sslContext->set_options(
> boost::asio::ssl::context::default_workarounds
> | boost::asio::ssl::context::no_sslv2
> | boost::asio::ssl::context::single_dh_use);
> sslContext->use_certificate_chain_file(chain);
>
>
> A boost::error is thrown with a code of 10022, "An invalid argument was
> supplied". It's basically happening in openssl_context_service.hpp:
>
> if (::SSL_CTX_use_certificate_chain_file(impl, filename.c_str()) != 1)
> {
> boost::asio::error e(boost::asio::error::invalid_argument);
> error_handler(e);
> return;
> }
>
> However, it's the exact same arguments I used previously that worked fine.
>
> Call Stack:
>
> kernel32.dll!7c81eb33()
> kernel32.dll!7c81eb33()
> msvcr71.dll!__crtExitProcess(int status=2089872920) Line 463 + 0x9
> C
> 0012f6f4()
> ntdll.dll!7c91056d()
> msvcr71.dll!free(void * pBlock=0x0012f714) Line 103 C
> > NwEngineD.exe!boost::throw_exception<boost::asio::error>(const
> boost::asio::error & e={...}) Line 40 C++
>
> NwEngineD.exe!boost::asio::detail::throw_error_t::operator()<boost::asio::er
> ror>() Line 49 + 0x9 C++
>
> NwEngineD.exe!boost::asio::ssl::detail::openssl_context_service::use_certifi
> cate_chain_file<boost::asio::detail::throw_error_t>() Line 215 C++
>
> NwEngineD.exe!boost::asio::ssl::context_service::use_certificate_chain_file<
> boost::asio::detail::throw_error_t>() Line 127 C++
>
> NwEngineD.exe!boost::asio::ssl::basic_context<boost::asio::ssl::context_serv
> ice>::use_certificate_chain_file(const
> std::basic_string<char,std::char_traits<char>,std::allocator<char> > &
> filename={...}) Line 271 C++
>
>
> Any help would be greatly appreciated.
>
> Thanks,
> Scott
>
> _______________________________________________
> Unsubscribe & other changes: http://lists.boost.org/mailman/listinfo.cgi/boost
>

Next message: Douglas Gregor: "[boost] Boost regression notification (2006-11-02 [RC_1_34_0])"
Previous message: Anthony Williams: "Re: [boost] [thread] Roadmap for RW locks ?"
In reply to: Scott: "[boost] [asio] Unrecoverable errors upon connecting to a SSL server via a non-SSL client"

Date view	Thread view	Subject view	Author view

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk