[omniORB] sslEndpoint::AcceptAndMonitor does not handle SSL_ERROR_ZERO_RETURN
Jan Lennartsson
2007-10-23 20:34:30 UTC
Hi,

I've found in our application that is using omniORB with SSL
that sometimes SSL_accept returns an error with error code
set to SSL_ERROR_ZERO_RETURN which is not handled in the switch
statement of sslEndpoint.cc sslEndpoint::AcceptAndMonitor.
This causes an endless loop with the following line in the log:
...
SSL_accept:failed in SSLv3 read client certificate A
SSL_accept:failed in SSLv3 read client certificate A
SSL_accept:failed in SSLv3 read client certificate A
...

This affects omniORB-4.0.7 and may affect 4.1.0 and 4.1.1 as the switch
statement looks the same.

I have temporarily patched our version of omniORB by adding:
case SSL_ERROR_ZERO_RETURN:
above line 405 in sslEndpoint.cc 'case SSL_ERROR_SSL:'.
But I don't know if that is a good enough solution in the long run.

And by the way, SSL_ERROR_WANT_X509_LOOKUP, SSL_ERROR_WANT_CONNECT and
SSL_ERROR_WANT_ACCEPT aren't handled either, but it may be OK for them
to fall through the switch and do SSL_accept again.

/Janne
Duncan Grisby
2007-10-29 17:43:40 UTC
Post by Jan Lennartsson
I've found in our application that is using omniORB with SSL
that sometimes SSL_accept returns an error with error code
set to SSL_ERROR_ZERO_RETURN which is not handled in the switch
statement of sslEndpoint.cc sslEndpoint::AcceptAndMonitor.
...
SSL_accept:failed in SSLv3 read client certificate A
SSL_accept:failed in SSLv3 read client certificate A
SSL_accept:failed in SSLv3 read client certificate A
...
This affects omniORB-4.0.7 and may affect 4.1.0 and 4.1.1 as the switch
statement looks the same.

Yes, it does affect all versions.

Post by Jan Lennartsson
above line 405 in sslEndpoint.cc 'case SSL_ERROR_SSL:'.
But I don't know if that is a good enough solution in the long run.

I think that's the correct thing to do. I've checked it in to the
omni4_1_develop branch.

Post by Jan Lennartsson
And by the way, SSL_ERROR_WANT_X509_LOOKUP, SSL_ERROR_WANT_CONNECT and
SSL_ERROR_WANT_ACCEPT aren't handled either, but it may be OK for them
to fall through the switch and do SSL_accept again.

I don't think any of those can ever occur in the way omniORB uses
OpenSSL. Even if they do occur, the required behaviour is to retry the
operation, which is what already happens, so it should be okay.

Thanks for the bug report.

Duncan.
--
-- Duncan Grisby --
-- ***@grisby.org --
-- http://www.grisby.org --
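
The retry loop discussed in this thread, as an added example that is not part of either post and is not omniORB's code: a simplified model of an accept switch with and without the SSL_ERROR_ZERO_RETURN case, replayed over a constructed error sequence. The function names, the Action type, the treatment of SSL_ERROR_SYSCALL and the close-on-unknown default are assumptions made here.

```cpp
#include <cstdio>
#include <vector>
// Values from OpenSSL's <openssl/ssl.h>, repeated so this builds without the
// library; drop the enum when including the real header.
enum {
  SSL_ERROR_NONE = 0, SSL_ERROR_SSL = 1, SSL_ERROR_WANT_READ = 2,
  SSL_ERROR_WANT_WRITE = 3, SSL_ERROR_WANT_X509_LOOKUP = 4,
  SSL_ERROR_SYSCALL = 5, SSL_ERROR_ZERO_RETURN = 6,
  SSL_ERROR_WANT_CONNECT = 7, SSL_ERROR_WANT_ACCEPT = 8
};
enum Action { ACCEPTED, RETRY, CLOSE };

// Model of a switch with no ZERO_RETURN case: anything unlisted falls out of
// the switch and SSL_accept is called again (SYSCALL handling is assumed).
Action decide_unpatched(int err) {
  switch (err) {
    case SSL_ERROR_NONE:    return ACCEPTED;
    case SSL_ERROR_SSL:
    case SSL_ERROR_SYSCALL: return CLOSE;
    default:                return RETRY;
  }
}

// ZERO_RETURN (peer sent close_notify) joins the SSL_ERROR_SSL branch, as in
// the thread's fix. Naming the retryable codes and closing on anything else
// is an extra choice made in this example.
Action decide_patched(int err) {
  switch (err) {
    case SSL_ERROR_NONE: return ACCEPTED;
    case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_WRITE:
    case SSL_ERROR_WANT_X509_LOOKUP: case SSL_ERROR_WANT_CONNECT:
    case SSL_ERROR_WANT_ACCEPT: return RETRY;
    case SSL_ERROR_ZERO_RETURN: case SSL_ERROR_SSL: case SSL_ERROR_SYSCALL:
    default: return CLOSE;  // unknown codes also end the connection
  }
}

// Replays constructed SSL_get_error() results (non-empty); the last one
// repeats. Returns the number of SSL_accept calls, or -1 if still retrying.
int attempts(Action (*decide)(int), const std::vector<int>& errs, int cap) {
  for (int i = 0; i < cap; ++i) {
    std::size_t k = (std::size_t)i < errs.size() ? (std::size_t)i : errs.size() - 1;
    if (decide(errs[k]) != RETRY) return i + 1;
  }
  return -1;
}

int main() {
  std::vector<int> closed_peer = {SSL_ERROR_WANT_READ, SSL_ERROR_ZERO_RETURN};
  std::printf("unpatched=%d\n", attempts(decide_unpatched, closed_peer, 1000));
  std::printf("patched=%d\n", attempts(decide_patched, closed_peer, 1000));
}
```

A result of -1 for the unpatched model corresponds to the repeated SSL_accept log line in the report; the patched model stops on the second call.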