[racket-dev] possible bug in openssl/mzssl

From: Neil Van Dyke (neil at neilvandyke.org)
Date: Tue Feb 28 18:41:23 EST 2012

Timur Sufiev wrote at 02/27/2012 08:58 AM:
> [...] Raw ports were wrapped with SSL successfully, but then the program
> hung between the last 2 actions: sending the request to the server and
> reading its reply. Further investigation showed that in the course of
> SSL processing the server had requested session renegotiation from the
> client and would provide it with the requested data if the client sent
> negotiation info to the server. [...]

This sounds like a problem that I had over a year ago with having Racket 
(PLT Scheme) send HTTPS client certificates:

I did not solve that exact problem.  A consulting client had an urgent 
need, so I worked around the problem by making a Racket module that 
provided an abstraction over external "curl" processes, and used that 
module instead.  (Which also probably increased app performance, when 
that client moved to Web SCGI with Racket and added some new behavior, 
since large HTTPS and file I/O that happened in the background of Web 
requests could bypass the Racket process and could also be scheduled by 
the host OS on other processors.)  That particular Racket "curl" module 
is not currently open source, but you might find a similar Racket 
library, or implement your own simple library pretty easily.

Also, a tip on one way to decrypt the SSL traffic:

Neil V.


Posted on the dev mailing list.