What is the difference between this and my patch from a year or so ago?

http://marc.info/?t=115099728200002&r=1&w=2 '[PATCH] Fix for SSL_shutdown() with non-blocking not returning -1'


http://marc.info/?t=115154004000001&r=1&w=2 '[PATCH2] Fix for SSL_shutdown() with non-blocking not returning -1'

http://marc.info/?t=115129081200001&r=1&w=2 'SSL protocol state machine, IO layer, app layer regression testing'

http://marc.info/?l=openssl-dev&m=116525974320575&w=2 'Re: Fix for SSL_shutdown() with non-blocking not returning -1'



I have had numerous requests and thanks from other OpenSSL users over the past 16 months in connection with this patch. I always request that they themselves petition the maintainers of OpenSSL to deal with this matter.




The problem I was exposing was very specific and I provided a test case mechanism to prove my patch fixed my problem.

The specific problem I had is that if the write buffer in the kernel is full and you issue a shutdown and that shutdown does not make it into the kernel buffer (write() returns EAGAIN) then your SSL connection and that socket/BIO channel is hosed from that point on.

This means it's impossible to multiplex SSL connections over a single socket and get correct shutdown conditions.


Darryl
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
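
The condition described in the message above, reproduced with plain POSIX sockets as an added example (not code from the original post or from the OpenSSL project): once the kernel send buffer of a non-blocking socket is full, the close alert is refused with EAGAIN, so the shutdown step has to report -1, keep the alert pending, and be called again. `struct chan`, `shutdown_step`, `shutdown_scenario` and the plaintext alert bytes are hypothetical names and constructed values.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Constructed stand-in for a close_notify alert record (a real one is encrypted). */
static const unsigned char ALERT[7] = {21, 3, 1, 0, 2, 1, 0};
struct chan { int fd; size_t sent; };  /* sent: alert bytes the kernel accepted */

/* Hypothetical shutdown step. 1: alert fully queued. -1: would block, the alert
 * is still pending, call again once fd is writable. -2: hard error. */
int shutdown_step(struct chan *c) {
    while (c->sent < sizeof ALERT) {
        ssize_t n = write(c->fd, ALERT + c->sent, sizeof ALERT - c->sent);
        if (n > 0) c->sent += (size_t)n;
        else if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) return -1;
        else if (!(n < 0 && errno == EINTR)) return -2;
    }
    return 1;
}

/* Write filler until the non-blocking socket's kernel buffer refuses more. */
static int fill_send_buffer(int fd) {
    char junk[4096];
    memset(junk, 'x', sizeof junk);
    while (write(fd, junk, sizeof junk) > 0) {}
    return (errno == EAGAIN || errno == EWOULDBLOCK) ? 0 : -1;
}

/* Peer side: discard everything currently queued so the sender has room again. */
static void drain(int fd) {
    char buf[4096];
    while (read(fd, buf, sizeof buf) > 0) {}
}

/* r[0]: step result with a full buffer, r[1]: result of the retry after the peer
 * drained. Returns 0 if the peer then reads exactly the alert bytes. */
int shutdown_scenario(int r[2]) {
    int sv[2]; unsigned char got[sizeof ALERT];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    fcntl(sv[0], F_SETFL, O_NONBLOCK); fcntl(sv[1], F_SETFL, O_NONBLOCK);
    struct chan c = { sv[0], 0 };
    if (fill_send_buffer(sv[0]) != 0) return -1;
    r[0] = shutdown_step(&c);   /* buffer full: must be reported as -1 */
    drain(sv[1]);
    r[1] = shutdown_step(&c);   /* retry finishes the pending alert */
    ssize_t n = read(sv[1], got, sizeof got);
    close(sv[0]); close(sv[1]);
    return (n == (ssize_t)sizeof got && memcmp(got, ALERT, sizeof got) == 0) ? 0 : 1;
}
int main(void) { int r[2]; return shutdown_scenario(r); }
```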