Hi,

I am running appWeb web server (apache like for embedded systems) on an
embedded device, and use openssl version 0.9.7d.
I know it's not the latest (and that's an understatement), however
before making the effort to upgrade (which I have, but have not been too
successful at) I wanted to consult with you guys regarding a problem I
see:

When making quite large POST's and returning a large chunk of data to
the browser (roughly 30k each) I get a "Page cannot be displayed" error
on IE, and something similar on FF.
Looking at the trace via wireshark and gdb revealed that the browser
sends all of its data successfully. The server then processes the data
and finishes preparing the output.
It returns a HTTP 200 OK to the browser, along with some more data I
couldn't decipher and then sends a FIN to the browser before finishing
sending the data.

The failure is in the BIO_write() function which returns -1, and the
BIO_should_retry() returns 0 meaning I shouldn't try again.

As you can see from the subject line, I used the ERR library to find out
where the error occurs and found it to be ssl23_read(). Here's the
function:
SSL_F_SSL23_READ - maps to 120
SSL_R_SSL_HANDSHAKE_FAILURE - maps to 229.

My questions are:
1. Why am I in a "read" function while writing?
2. Why should there be a re-negotiation during the connection? my
timeout is set to be 300 seconds, which is way more than the time passed
(the whole transaction takes roughly 15 seconds).

I would really appreciate any help / ideas you may have.

Thanks,

- Nir.

int ssl23_read(SSL *s, void *buf, int len)
{
int n;

clear_sys_error();
if (SSL_in_init(s) && (!s->in_handshake))
{
n=s->handshake_func(s);
if (n < 0) return(n);
if (n == 0)
{
SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILUR E);
return(-1);
}
return(SSL_read(s,buf,len));
}
else
{
ssl_undefined_function(s);
return(-1);
}
}