16

Am I getting the following error when attempting an SSL_write:

error:1409F07F:SSL routines:SSL3_WRITE_PENDING: bad write retry

tshepang
  • 12,111
  • 21
  • 91
  • 136
Amit Bens
  • 1,315
  • 3
  • 12
  • 20

1 Answers1

25

The reason is pretty simple: when SSL_Write returns with SSL_ERROR_WANT_WRITE or SSL_ERROR_WANT_READ, you have to repeat the call to SSL_write with the EXACT same parameters again, after the condition is satisfied (read/write available on the socket).

Calling it with different parameters, will yield the 1409F07F bad write retry error.

For example, when SSL_write(ssl, ptr, size) with ptr = 0xABCDEFGH, size = 4096 fails with SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, when retrying the SSL_write call, the parameters ptr and size should be same. It is not equivalent if ptr is another pointer pointing to a copy of the same contents as in the original call.

However this default behavior of SSL_write can be changed by setting SSL_MODE_ENABLE_PARTIAL_WRITE and/or SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER.

Thanks for @ShriramV for the clarifying comments, integrated to the answer

Amit Bens
  • 1,315
  • 3
  • 12
  • 20
  • 2
    Can you please ellbaorate 10x – codersofthedark Nov 24 '11 at 10:26
  • @dragonsupercool For instance if you first SSL_write with target buffer X offset Y and size Z, you must re-call with the same values for all parameters, as the write operation will attempt to resume from where it left off (or something like that, this is where my knowledge ends ;p) – Amit Bens Nov 28 '11 at 18:30
  • @Amit -- this makes no sense. Are you saying that if you call SSL_write with 500 bytes of data and it returns 100 (saying it sent only 100 bytes), with an error code of SSL_ERROR_WANT_READ, you have to re-call it with the already sent 100 bytes as well as the remaining 400 bytes? – Chris Dodd Mar 06 '12 at 23:30
  • @ChrisDodd as odd as this sounds, yes. otherwise you will be getting the aforementioned error. You are welcome to test this and post your findings. – Amit Bens Mar 08 '12 at 09:31
  • 11
    While retrying SSL_write, the parameters should be exactly be same - literally. For example when SSL_write(ssl, ptr, size) with ptr = 0xABCDEFGH, size = 4096 fails with SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, when retrying the SSL_write call, the parameters ptr and size should be same. It is not equivalent if ptr is another pointer pointing to a copy of the same contents as in the original call. However this default behavior of SSL_write can be changed by setting SSL_MODE_ENABLE_PARTIAL_WRITE and/or SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER. – Shriram V Apr 22 '13 at 19:02
  • I got the same error of `:SSL routines:SSL3_WRITE_PENDING: bad write retry`. I try to send out push notification to around 15k users. I noticed that it will break around every multiple of hundreds, but before that error pops up the error of `SSL: Broken pipe` will show up first. I solved the problem whenever broken pipe error shows up via reconnecting the connection again. Then continue sending. It works. Just keep doing this until you send too all users. – haxpor Nov 20 '15 at 20:17
  • in my case I need to initialisation again SSL connection, so it might be on every method call you will need to setup SSL connection in laravel in my case – Kirtikumar A. Apr 04 '16 at 19:08
  • 1
    @ShriramV - Upvoted. Your comment about those two flags should really be part of the answer. – CubicleSoft Jun 04 '16 at 18:02