Re: [Chicken-users] openssl problem

[Mark Voortman]

Thomas,

> the problem is, that closing the in and output ports of an SSL
> connection attempts to do a clean shutdown of the SSL connection. This
> may sometimes take a while because CHICKEN blocks the thread for I/O
> longer than necessary or because the other endpoint of the
> communications channel behaves uncooperatively (which, for some unknown
> reason, seems to be often the case with clients using the Netscape SSL
> library).

What do you mean with a while? Minutes? Btw, the function calls to
close-input-port and close-output-port do actually return quickly, but the
page keeps loading in the browser. Only after killing the server process
it stops loading and shows the page.

> Other than setting a timeout or introducing a maximum retry count in the
> openssl egg code, the only way I can think of to do a hard shutdown is
> to abandon both ports and perform a close syscall on the file descriptor
> of the communications socket.

Do you mean something like this: (file-close (port->fileno in))?

> The rationale for not doing such a forced close is, that the SSL library
> is theoretically allowed to keep internally cached state between
> different connections with the same peer and without clean shutdown all
> kinds of strange behavior are apparently allowed to happen if you ever
> connect again with the same communications partner -- of course this
> doesn't really apply in reality ;-)

Thanks for the help.

Cheers,
Mark